Submitted URL: http://coupang.app.com/
Effective URL: https://www.app.com/
Submission: On November 21 via api from KR — Scanned from CA

Summary

This website contacted 82 IPs in 4 countries across 64 domains to perform 313 HTTP transactions. The main IP is 151.101.194.62, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.app.com. The Cisco Umbrella rank of the primary domain is 204246.
TLS certificate: Issued by R10 on September 25th 2024. Valid for: 3 months.
This is the only time www.app.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.66.189 54113 (FASTLY)
37 151.101.194.62 54113 (FASTLY)
3 108.138.112.90 16509 (AMAZON-02)
7 2600:9000:247... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
15 151.101.1.44 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 199.232.193.91 54113 (FASTLY)
2 2620:100:a00b... 19750 (AS-CRITEO)
6 151.101.193.44 54113 (FASTLY)
1 23.203.105.149 16625 (AKAMAI-AS)
2 2620:100:a00b... 19750 (AS-CRITEO)
4 151.101.66.132 54113 (FASTLY)
1 1 54.224.103.108 14618 (AMAZON-AES)
1 7 52.200.250.208 14618 (AMAZON-AES)
11 151.101.66.62 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 3 142.250.65.198 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.251.41.2 15169 (GOOGLE)
2 3.168.102.127 16509 (AMAZON-02)
1 18.173.132.105 16509 (AMAZON-02)
2 18.173.140.223 16509 (AMAZON-02)
1 23.203.179.38 16625 (AKAMAI-AS)
1 20.40.202.2 8075 (MICROSOFT...)
2 52.205.167.202 14618 (AMAZON-AES)
2 108.59.7.249 30633 (LEASEWEB-...)
1 2607:f8b0:400... 15169 (GOOGLE)
38 151.101.65.44 54113 (FASTLY)
3 2a04:4e42:600... 54113 (FASTLY)
3 3 8.28.7.82 62713 (AS-PUBMATIC)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
2 34.149.193.192 396982 (GOOGLE-CL...)
3 54.84.83.189 14618 (AMAZON-AES)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 98.82.156.107 14618 (AMAZON-AES)
1 4 35.244.193.51 396982 (GOOGLE-CL...)
14 162.19.138.118 16276 (OVH OVH SAS)
1 34.107.165.188 396982 (GOOGLE-CL...)
1 52.45.244.46 14618 (AMAZON-AES)
3 3.33.220.150 16509 (AMAZON-02)
9 34.198.236.31 14618 (AMAZON-AES)
2 52.72.153.112 14618 (AMAZON-AES)
1 1 23.58.90.38 16625 (AKAMAI-AS)
19 141.226.124.48 200478 (TABOOLA-A...)
1 1 141.226.224.48 200478 (TABOOLA-A...)
1 20.33.67.17 8069 (MICROSOFT...)
4 5 68.67.160.186 29990 (ASN-APPNEX)
1 141.226.224.32 200478 (TABOOLA-A...)
1 1 172.240.155.108 7979 (SERVERS-COM)
3 5 52.223.22.214 16509 (AMAZON-02)
2 18.238.49.48 16509 (AMAZON-02)
1 23.59.145.189 16625 (AKAMAI-AS)
3 2620:116:800b... 14618 (AMAZON-AES)
1 52.0.178.58 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 192.184.68.228 14618 (AMAZON-AES)
2 2600:9000:251... 16509 (AMAZON-02)
3 23.59.144.227 16625 (AKAMAI-AS)
1 1 63.251.28.231 26558 (FREEWHEEL)
1 3 104.18.27.193 13335 (CLOUDFLAR...)
1 1 23.205.2.235 16625 (AKAMAI-AS)
2 23.203.105.107 16625 (AKAMAI-AS)
1 1 23.105.12.116 30633 (LEASEWEB-...)
3 108.59.7.241 30633 (LEASEWEB-...)
2 2 35.227.252.103 396982 (GOOGLE-CL...)
1 199.232.197.91 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
7 162.19.138.116 16276 (OVH OVH SAS)
2 23.82.15.161 30633 (LEASEWEB-...)
4 4 35.211.202.130 15169 (GOOGLE)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
1 207.65.32.83 62713 (AS-PUBMATIC)
4 2600:9000:261... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:6ea0:c40... 60068 (CDN77 Dat...)
3 3 2607:f350:3:2... 27630 (AS-XFERNET)
1 3.208.203.174 14618 (AMAZON-AES)
2 69.194.240.11 26120 (RHYTHMONE)
1 18.214.213.87 14618 (AMAZON-AES)
3 74.214.194.131 19189 (PULSEPOINT)
6 2600:1f13:800... 16509 (AMAZON-02)
1 1 44.214.221.11 14618 (AMAZON-AES)
1 54.88.240.128 14618 (AMAZON-AES)
2 3.224.66.114 14618 (AMAZON-AES)
1 23.200.0.188 20940 (AKAMAI-AS...)
1 1 69.173.146.5 26667 (RUBICONPR...)
1 1 2600:9000:284... 16509 (AMAZON-02)
1 104.18.24.18 13335 (CLOUDFLAR...)
1 23.200.0.25 20940 (AKAMAI-AS...)
1 52.72.250.48 14618 (AMAZON-AES)
1 104.21.64.98 13335 (CLOUDFLAR...)
1 209.58.147.67 ()
313 82
Apex Domain
Subdomains
Transfer
83 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 934
display.bidder.taboola.com — Cisco Umbrella Rank: 2856
c2.taboola.com — Cisco Umbrella Rank: 9458
nr-events.taboola.com — Cisco Umbrella Rank: 12523
pm-widget.taboola.com — Cisco Umbrella Rank: 3118
trc.taboola.com — Cisco Umbrella Rank: 763
vidstat.taboola.com — Cisco Umbrella Rank: 3976
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3749
beacon.taboola.com — Cisco Umbrella Rank: 2035
images.taboola.com — Cisco Umbrella Rank: 1906
sync.taboola.com — Cisco Umbrella Rank: 1304
pips.taboola.com — Cisco Umbrella Rank: 1948
cds.taboola.com — Cisco Umbrella Rank: 1786
imprchmp.taboola.com — Cisco Umbrella Rank: 6424
ch-vid-events.taboola.com — Cisco Umbrella Rank: 5974
ch-match.taboola.com — Cisco Umbrella Rank: 6703
vidstatb.taboola.com — Cisco Umbrella Rank: 6082
1 MB
38 app.com
coupang.app.com
www.app.com — Cisco Umbrella Rank: 204246
user.app.com — Cisco Umbrella Rank: 294378
cm.app.com — Cisco Umbrella Rank: 454018
350 KB
25 ex.co
exbd.ex.co — Cisco Umbrella Rank: 49266
player.ex.co — Cisco Umbrella Rank: 8512
gannet-player.ex.co — Cisco Umbrella Rank: 54310
collector-1.ex.co — Cisco Umbrella Rank: 8712
mcd-playlist.ex.co — Cisco Umbrella Rank: 10804
ps.ex.co — Cisco Umbrella Rank: 32786
rtb.ex.co — Cisco Umbrella Rank: 9705
gannet-cdn.ex.co — Cisco Umbrella Rank: 52898
sync.ex.co — Cisco Umbrella Rank: 4515
cdn.ex.co — Cisco Umbrella Rank: 9300
collector.ex.co — Cisco Umbrella Rank: 9603
637 KB
20 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 639
pixel.adsafeprotected.com — Cisco Umbrella Rank: 680
dt.adsafeprotected.com — Cisco Umbrella Rank: 537
213 KB
14 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
10 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
188 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com
101 KB
9 gannett-cdn.com
www.gannett-cdn.com — Cisco Umbrella Rank: 11474
hlsmedia.gannett-cdn.com — Cisco Umbrella Rank: 14866
api.gannett-cdn.com — Cisco Umbrella Rank: 41388
2 MB
8 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 684
image2.pubmatic.com — Cisco Umbrella Rank: 886
ads.pubmatic.com — Cisco Umbrella Rank: 570
st.pubmatic.com — Cisco Umbrella Rank: 1286
2 KB
8 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 9758
s-06.channelexco.com — Cisco Umbrella Rank: 79218
rtb.channelexco.com — Cisco Umbrella Rank: 9580
e.channelexco.com — Cisco Umbrella Rank: 9472
a.channelexco.com
19 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
91 KB
7 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
2 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 643
5 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 552
u.openx.net — Cisco Umbrella Rank: 761
574 B
5 quantcount.com
content.quantcount.com — Cisco Umbrella Rank: 5185
pixel.quantcount.com — Cisco Umbrella Rank: 3431
exch.quantcount.com — Cisco Umbrella Rank: 3834
pixel-ssn.quantcount.com — Cisco Umbrella Rank: 41371
4 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
2 KB
4 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3272
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
1 KB
4 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1060
eus.rubiconproject.com — Cisco Umbrella Rank: 616
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
2 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1453
655 B
4 google.com
adservice.google.com — Cisco Umbrella Rank: 518
region1.analytics.google.com — Cisco Umbrella Rank: 4108
63 B
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 450
1 KB
3 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 6282
bh.contextweb.com — Cisco Umbrella Rank: 665
918 B
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 915
apex.go.sonobi.com Failed
2 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521
htlb.casalemedia.com Failed
918 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
563 B
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2514
collector.brandmetrics.com — Cisco Umbrella Rank: 2556
20 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 853
229 B
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 7424
sync.bfmio.com — Cisco Umbrella Rank: 1532
165 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 506
145 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2080
144 KB
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 1059
527 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 332
34 KB
2 gannettdigital.com
traxex.gannettdigital.com — Cisco Umbrella Rank: 11592
2 parsely.com
p1.parsely.com — Cisco Umbrella Rank: 2508
518 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
599 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1734
273 KB
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 7034
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 698
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
450 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1960
296 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1222
369 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 576
528 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 7283
156 B
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 7204
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
17 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 775
375 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
523 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1640
244 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1848
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1839
670 B
1 temu.com
www.temu.com — Cisco Umbrella Rank: 1951
368 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1165
prebid.media.net Failed
846 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2708
822 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 995
250 B
1 google.com.mt
www.google.com.mt — Cisco Umbrella Rank: 43477
408 B
1 usatodaynetworkservice.com
www.usatodaynetworkservice.com — Cisco Umbrella Rank: 15716
1 gannettinnovation.com
reporting-api.gannettinnovation.com — Cisco Umbrella Rank: 13250
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
17 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
98 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 530
345 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1737
514 B
0 com.com Failed
rtb.channelexco.com.com Failed
313 64
Domain Requested by
35 www.app.com www.app.com
20 beacon.taboola.com cdn.taboola.com
14 id5-sync.com exbd.ex.co
cdn.ex.co
vidstat.taboola.com
11 ch-trc-events.taboola.com cdn.taboola.com
www.app.com
11 vidstat.taboola.com cdn.taboola.com
www.app.com
11 cdn.taboola.com www.app.com
cdn.taboola.com
9 ps.ex.co exbd.ex.co
www.app.com
cdn.ex.co
8 images.taboola.com www.app.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.app.com
pagead2.googlesyndication.com
imasdk.googleapis.com
7 lb.eu-1-id5-sync.com exbd.ex.co
cdn.ex.co
vidstat.taboola.com
7 ch-vid-events.taboola.com www.app.com
vidstat.taboola.com
7 hlsmedia.gannett-cdn.com www.app.com
gannet-cdn.ex.co
7 pixel.adsafeprotected.com 1 redirects static.adsafeprotected.com
www.app.com
7 static.adsafeprotected.com www.app.com
6 dt.adsafeprotected.com www.app.com
5 eb2.3lift.com 3 redirects exbd.ex.co
cdn.ex.co
4 cdn.undertone.com exbd.ex.co
cdn.ex.co
www.app.com
4 x.bidswitch.net 4 redirects
4 ib.adnxs.com 3 redirects www.app.com
4 lexicon.33across.com 1 redirects www.app.com
cdn.ex.co
4 securepubads.g.doubleclick.net www.app.com
imasdk.googleapis.com
3 sync.go.sonobi.com 3 redirects
3 u.openx.net 1 redirects exbd.ex.co
cdn.ex.co
3 rtb.channelexco.com gannet-cdn.ex.co
www.app.com
3 ssum-sec.casalemedia.com 1 redirects gannet-cdn.ex.co
www.app.com
3 ads.pubmatic.com gannet-cdn.ex.co
www.app.com
cdn.ex.co
3 gannet-cdn.ex.co www.app.com
gannet-cdn.ex.co
3 match.adsrvr.org exbd.ex.co
cdn.ex.co
3 region1.analytics.google.com www.googletagmanager.com
3 collector-1.ex.co player.ex.co
3 image8.pubmatic.com 3 redirects
3 trc.taboola.com cdn.taboola.com
www.app.com
3 ad.doubleclick.net 2 redirects www.app.com
3 c.amazon-adsystem.com www.app.com
c.amazon-adsystem.com
2 bh.contextweb.com www.app.com
vidstat.taboola.com
2 collector.ex.co player.ex.co
2 targeting.unrulymedia.com vidstat.taboola.com
2 e.channelexco.com gannet-cdn.ex.co
2 imasdk.googleapis.com www.app.com
imasdk.googleapis.com
2 rtb.openx.net 2 redirects
2 eus.rubiconproject.com gannet-cdn.ex.co
www.app.com
cdn.ex.co
2 rumcdn.geoedge.be gannet-cdn.ex.co
rumcdn.geoedge.be
2 pixel.quantserve.com www.app.com
2 www.googletagservices.com www.app.com
2 content.quantcount.com www.app.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 traxex.gannettdigital.com www.app.com
2 pm-widget.taboola.com cdn.taboola.com
www.app.com
2 nr-events.taboola.com c2.taboola.com
www.app.com
2 p1.parsely.com www.app.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 sb.scorecardresearch.com www.app.com
2 player.ex.co www.app.com
player.ex.co
2 gum.criteo.com www.app.com
cdn.taboola.com
2 bidder.criteo.com www.app.com
2 cdn.confiant-integrations.net www.app.com
cdn.confiant-integrations.net
2 cdn.brandmetrics.com www.app.com
cdn.brandmetrics.com
1 a.channelexco.com
1 biddr.brealtime.com vidstat.taboola.com
1 sync.bfmio.com vidstat.taboola.com
1 api.gannett-cdn.com www.app.com
1 acdn.adnxs.com cdn.ex.co
1 js-sec.indexww.com cdn.ex.co
1 s.ad.smaato.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 qsearch-a.akamaihd.net www.app.com
1 crb.kargo.com www.app.com
1 ads.yieldmo.com 1 redirects
1 bid.contextweb.com vidstat.taboola.com
1 hb.emxdgt.com vidstat.taboola.com
1 reachms.bfmio.com vidstat.taboola.com
1 topics.authorizedvault.com cdn.ex.co
1 s0.2mdn.net imasdk.googleapis.com
1 st.pubmatic.com www.app.com
1 vidstatb.taboola.com www.app.com
1 cdn.ex.co gannet-cdn.ex.co
1 secure.adnxs.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sync.ex.co gannet-cdn.ex.co
1 ads.stickyadstv.com 1 redirects
1 s-06.channelexco.com www.app.com
1 pixel-ssn.quantcount.com www.app.com
1 exch.quantcount.com 1 redirects
1 protected-by.clarium.io www.app.com
1 pixel.quantcount.com www.app.com
1 z.moatads.com www.app.com
1 cm.app.com www.app.com
1 sync.colossusssp.com 1 redirects
1 ch-match.taboola.com vidstat.taboola.com
1 imprchmp.taboola.com vidstat.taboola.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.temu.com www.app.com
1 sync.taboola.com 1 redirects
1 hbx.media.net 1 redirects
1 rtb.ex.co exbd.ex.co
1 id.crwdcntrl.net exbd.ex.co
1 api.rlcdn.com exbd.ex.co
1 www.google.com.mt www.app.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.usatodaynetworkservice.com www.app.com
1 mcd-playlist.ex.co player.ex.co
1 gannet-player.ex.co player.ex.co
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 reporting-api.gannettinnovation.com www.app.com
1 googleads.g.doubleclick.net www.app.com
1 p.channelexco.com exbd.ex.co
1 collector.brandmetrics.com cdn.brandmetrics.com
1 secure.cdn.fastclick.net www.app.com
1 config.aps.amazon-adsystem.com www.app.com
1 www.googleadservices.com www.app.com
1 adservice.google.com www.app.com
1 www.googletagmanager.com www.app.com
1 www.gannett-cdn.com www.app.com
1 match.sharethrough.com 1 redirects
1 c2.taboola.com www.app.com
1 a.teads.tv www.app.com
1 display.bidder.taboola.com www.app.com
1 exbd.ex.co www.app.com
1 user.app.com
1 coupang.app.com 1 redirects
0 apex.go.sonobi.com Failed vidstat.taboola.com
0 htlb.casalemedia.com Failed cdn.ex.co
0 prebid.media.net Failed cdn.ex.co
0 rtb.channelexco.com.com Failed www.app.com
313 128
Subject Issuer Validity Valid
usatoday.com
R10
2024-09-25 -
2024-12-24
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03
2024-11-19 -
2025-12-18
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2024-04-25 -
2025-05-24
a year crt.sh
brandmetrics.com
WE1
2024-10-23 -
2025-01-21
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
confiant-integrations.net
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2
2024-06-09 -
2025-07-11
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.bidder.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-20 -
2025-11-20
a year crt.sh
teads.tv
R11
2024-11-05 -
2025-02-03
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03
2024-02-28 -
2025-03-28
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.googleadservices.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2
2024-05-13 -
2025-06-11
a year crt.sh
*.parsely.com
R11
2024-11-04 -
2025-02-02
3 months crt.sh
*.channelexco.com
R11
2024-09-04 -
2024-12-03
3 months crt.sh
gannettinnovation.com
R10
2024-10-01 -
2024-12-30
3 months crt.sh
qqms.gannettdigital.com
R10
2024-11-14 -
2025-02-12
3 months crt.sh
*.google.com.mt
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-04-24 -
2025-04-17
a year crt.sh
id5-sync.com
E6
2024-11-11 -
2025-02-09
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-10
a year crt.sh
quantserve.com
R11
2024-10-22 -
2025-01-20
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-27 -
2025-09-27
a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02
2024-10-17 -
2025-11-15
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
casalemedia.com
E6
2024-10-13 -
2025-01-11
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
eu-1-id5-sync.com
R11
2024-11-11 -
2025-02-09
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.undertone.com
Amazon RSA 2048 M03
2024-08-10 -
2025-09-08
a year crt.sh
lexicon.33across.com
WR3
2024-11-02 -
2025-01-31
3 months crt.sh
1657490710.rsc.cdn77.org
E6
2024-10-29 -
2025-01-27
3 months crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2024-02-15 -
2025-03-14
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-30 -
2025-05-31
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M03
2024-04-03 -
2025-05-02
a year crt.sh
*.contextweb.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-11 -
2025-05-11
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03
2024-04-08 -
2025-05-08
a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03
2023-12-11 -
2025-01-08
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2024-04-18 -
2025-04-19
a year crt.sh
indexww.com
WE1
2024-10-01 -
2024-12-31
3 months crt.sh
cdn.adnxs.com
R11
2024-10-31 -
2025-01-29
3 months crt.sh
brealtime.com
E5
2024-10-09 -
2025-01-07
3 months crt.sh

This page contains 46 frames:

Primary Page: https://www.app.com/
Frame ID: 49640ADACF8321CCB426E505DC5AB8CB
Requests: 228 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.app.com
Frame ID: 6B5BD91D3EA17C0F493717F1E9B9B795
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: BA3B52E172B5DFCABD72DF51F39A1FA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 0983A508AFC8B3DFCB4C4ED0501C3472
Requests: 1 HTTP requests in this frame

Frame: https://www.usatodaynetworkservice.com/tangstatic/html/papp/sf-q1a2z330306dc3.min.html
Frame ID: 505462FC13E2BCEC4ED13FA79ECD2293
Requests: 1 HTTP requests in this frame

Frame: https://bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE536583E22EFED98453F6CF86F82502
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Frame ID: 740D7D3C56741C81B979DFF6E0C540B3
Requests: 1 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
Frame ID: F23C24B50DFEF0B56B37F45691EA5A23
Requests: 2 HTTP requests in this frame

Frame: https://gannet-cdn.ex.co/sync/0.0.1-cc508f4/cookie_sync.html?network=368531133%2C1802083144&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Frame ID: 5CB2E85AFD3B11AE594888E2B371A6BB
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&pix=undefined&cb=1732207577578&uv=3451&tms=1732207577578&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=ed1376b0-b4d4-4064-9a91-ae960d66fe9d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 640F243F8D6FDE7684C9ABF7CC1BFCB6
Requests: 1 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B558CFFAE2ECA7C8848D5CC7A8D7BA9E
Requests: 1 HTTP requests in this frame

Frame: https://cm.app.com/overlay/entrance_110624_LocalBAU24
Frame ID: D98CC7449218483A30CE9CB80561B9B5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 5E2007E87763C1539F464FFA23B1E8A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBd7BNO-WN7ZioXGBFTUlONrTnE8HQ35RACbZyjdTcV3bIxLzG84U1FnGI7onLFRdTouwsKSfoNcbYUAV2QlYpkUI3PZ1pvKIurJ5X9gBi4uqysVRc82YZbKr4ivgcZ3jubPIYJaD9hMoqj6kShfUQcCvmGBPizxrR0IolAp0BklgNeNHf37e2n4l9eBDGDhv9S3pn26whJjOMY2aIc7cbnALP-BGS9RiheVTag2H7dHHwr2Zm9n1ODhdvqvP_qgE7SOAZoAgBC0U8OnzimbDowqjYmIi0bLzlWe5SHEWs1qJ39Wz_Xj_-8MRK2sUrOakoWlrkT51OgFpKZNY5mVldeTQB2PcSZWmoNcwD00JuOMmUroiLjUj9FovmG4dm9igK9OrVXwXPlWYTN1XUgoCUTFYg3qxbq67GkdmEZet4o4Ci1bEvQraZYj9arLcERYYu2oaFYSqL0HYbig&sig=Cg0ArKJSzE9TMO9syu3lEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 24440D302956F164E14A38D165CAAB48
Requests: 21 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/papi.js
Frame ID: 0D0030F6FEDE7364F992AB3320F96661
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D21527%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3DPM_UID
Frame ID: AC53237A1F29252BD3F68D993C6EB3AC
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=6819bca2fff5ea7cc1e23ab3935ccf0
Frame ID: 41048F2F6D0D5A4102916FFC9A428331
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D&s=190719&C=1
Frame ID: BAFBEE4D2BC12099D52ACB2CB941E58F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
Frame ID: 2B77FE51280CD97157D3344550A68A9A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=5727811877443088093&gdpr=0&gdpr_consent=
Frame ID: D452EA0014624AFB6D4C7BA753E688BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/player/pb/3.13.0/expb.js
Frame ID: 3C71D854EE08FCCA30C7740733A639C0
Requests: 19 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/7c7ea9ed-8cd5-4a12-83ce-277e3bff2ea7/grumi.js
Frame ID: 2E61653616BCF84DDC1259B59E535396
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 72D58E0E0C3097535519DB7CEEA17C2D
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N30608.3752770-QUANTCAST/B29192617.357392513;dc_ver=102.299;sz=300x600;u_sd=1;gdpr=0;nel=1;dc_adk=2912815425;ord=cq1qjn;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-y6Nyh2U0YDhwK%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.15836839%26rtbip%3D192.184.73.144%26rtbdata2%3DEAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.app.com%2F$0;xdt=0;crlt=kr_sXhaqbw;gcsr=m;stc=1;chaa=1;sttr=497;prcl=s
Frame ID: 6E94FA3932A75E08157389157075C85F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3658AF0A2B34B96FAA21950528CFFBE1
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=165466&siteId=1266954&adId=6238589&imprId=99BEB569-DDF4-4105-863F-D619E6F26EBA&cksum=E1C8E0CE438EFFA9&adType=10&adServerId=243&kefact=0.060000&kaxefact=0.060000&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1732207574&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.060000&dcId=2&tldId=0&passback=0&svr=BIDNJE10724&adsver=_602816652&adsabzcid=0&cls=BID&i0=0x3100000000000000&ekefact=1mM_Z-aICgB7bGQWHb4PkXWxfl_Mezt6ycRmeQXCoTgybJ49&ekaxefact=1mM_Z-yICgCy7JECCmkcSzVC95JLcyJibZomih2tOQ0J2rUO&ekpbmtpfact=1mM_Z_GICgCfNMe6yVp7RT3WfZbIh3uLpwwQkT5bJcGEhcwl&enpp=1mM_Z_aICgAS5Or8d8pKUwwUOgqeGr-CHflJd3BQH3jKpL58&pmr_m=1mM_Z_uICgBx081udyv7P13hACAyDt5XiobEMiNnTYaHlh4V&mdsp=1mM_ZwKJCgCqg3Q_SxgbVzHYPWVZS2B2Jjnzghtqm0IAlTrI&pfi=1&domId=13711471118807611990&dc=NJE1&pubBuyId=48503&crID=a0377a3b-7f16-4754-abdc-417ccf458def&lpu=flyporter.com&ucrid=13021352673772408942&wAdType=10&campaignId=19420&creativeId=0&pctr=0.000000&wDSPByrId=77&wDspId=153&wbId=0&wrId=0&wAdvID=50579&wDspCampId=11df195a-f80a-4d82-9c50-1ea6921c3414&isRTB=1&rtbId=C0FE0273-2879-4925-9B08-AF3877C80971B&burl=https%3A%2F%2Fus-east-pubmatic-rtb.quantserve.com%3A8443%2Fpubmatic_openrtb_notify%3FauctionId%3DC0FE0273-2879-4925-9B08-AF3877C80971B%26winPrice%3D0.060000%26rtbdata2%3DEAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA%26notificationType%3Dbilling%26labels%3D_qc.notification&ver=24&dateHr=2024112116&usrgen=0&usryob=0&layeringebl=1&gctry=ca&greg=on&uid=0&mid=0&wccookied=0&qpsladszid=681&eburl=aHR0cHM6Ly91cy1lYXN0LXB1Ym1hdGljLXJ0Yi5xdWFudHNlcnZlLmNvbTo4NDQzL3B1Ym1hdGljX29wZW5ydGJfbm90aWZ5P2F1Y3Rpb25JZD1DMEZFMDI3My0yODc5LTQ5MjUtOUIwOC1BRjM4NzdDODA5NzFCJndpblByaWNlPTAuMDYwMDAwJnJ0YmRhdGEyPUVBTTZFMmgwZEhCek9pOHZkM2QzTG1Gd2NDNWpiMjFhSkV3M1NtTnZVa3RQVmpaelEzSjVibVZOT0RFemIyaE1VVlp6TURCelptSlBjRWh2UFlBQjE1NjYzUXE2QVFEQUFlRFVBOGdCN2Z6M19MUXkyZ0VsUXpCR1JUQXlOek10TWpnM09TMDBPVEkxTFRsQ01EZ3RRVVl6T0RjM1F6Z3dPVGN4UXJBQ0RzZ0NBTkFDenVHRy1faWY5OHlwQWVnQ3VnZnlBZzhJbk9ZZkVPSEppNGltX1B5cjl3SHlBZzRJdWdjUXhMdjhzSldva3FhMUFmZ0NBSW9EQmpFMk5UUTJOcGdEQUtnREFMSURCSjMtTWNTNkF4SUpnazBLLUZvWjN4RVJGRFFja3FZZVVKekNBeElKVkVjV2Z6dDZONkFSNzQxRnozeEIzS3ZJQTc2QXdCUFlBNmZOeGdmaUF3OXdMWGsyVG5sb01sVXdXVVJvZDB2cUF3WUlyQUlRMkFUeUF3bHROV0VsTWpBd1lUSDRBd0NBQlBJWWlnUUNOemVhQkJJSjBrQjdRUFRwWXlBUklJZkIwV05xcnBXaUJCSUpnazBLLUZvWjN4RVJGRFFja3FZZVVKeXFCQklKZ2swSy1Gb1ozeEVSRkRRY2txWWVVSnk0QkVqUUJCWHlCQUpEUVlBRkFZb0ZLakl3T0RjeU9HUm1aREZtT0RNME9UZ3hPV0V6TXpkaU56UXdPRGRqWkRCalpUTTBZamcwWVdVMk1wQUZBWm9GRlNDSEtOX1ItRFNZR2FNM3QwQ0h6UXpqUzRTdVlxSUZKRXczU21OdlVrdFBWalp6UTNKNWJtVk5PREV6YjJoTVVWWnpNREJ6Wm1KUGNFaHZQYmdGQU1BRjJiSzUtQV9JQmQzOHFBVFNCUVlJQWhBQkdCX29CUWVhQmhRS0VnblNRSHRBOU9saklCRWdoOEhSWTJxdWxhQUdBTFVHaXk1Nk9yb0dTZ29DUTBFU0FrOU9HUGZNQnlJSGRHOXliMjUwYnlvSmJUVmhKVEl3TUdFeE9paDJZVzUwYVhaaEpUSXdkWE5oSlRJd2MyaGhjbVZrSlRJd2MyVnlkbWxqWlhNbE1qQnBibU11eVFiSThEQnRscmhfQjlBR0I5Z0dIT0lHSmw5bWNDNWxkbVZ1ZEM1VWFXTnJaWFFnVUhWeVkyaGhjMlVnUTI5dVptbHliV0YwYVc5dTZnWVZhSFIwY0hNNkx5OW1iSGx3YjNKMFpYSXVZMjl0OFFZQzhEQnRscmhfQl9nR0FZQUhBQSZub3RpZmljYXRpb25UeXBlPWJpbGxpbmcmbGFiZWxzPV9xYy5ub3RpZmljYXRpb24=&oid=99BEB569-DDF4-4105-863F-D619E6F26EBA&cntryId=40&sec=1&pAuSt=3&wops=0&sURL=app.com&BrID=5&te=1
Frame ID: BFADCAFEC68F1AB6266A9D707BDF9601
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=4763756135&chanId=145219968&placementId=6228309075&pubCreative=138285945346&pubOrder=3157456942&cb=712399650&adsafe_par&impId=1f8913d7-a828-11ef-905c-22f9a6b797eb&custom2=direct&custom3=home-front
Frame ID: 90959482A4C08AC61F326E34F63B0700
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 9017D96CBE1ED37C4E532CAA471CBEF5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 075CB274681704166E11E42D0D2CCE34
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 838189F5F9BBE2219E3AB3A748D9A696
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 45E45610010BCEC73DB3935D590FE692
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 17667BDFA0E490BF43F2DAEFB0265B4F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 380F608D08DDAAECFC9EFDCA59290415
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 8DEB7EE5FAC1FB0571C355B069107E59
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 991857E0B27B709DB45A0576ED825CD3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: B32B7B96D51754FF145384AD9BAC0800
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: D3BDF15F30B8DD5AC692F6D0008B83CA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 949DE59AE8BAFBDAB458AAFB50F8CF33
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2BB3FE3E973F61FE0B7090DE46F64AD8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8F1630B9FD107B3668E513EDF372B7EF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 06CD89FD347802061AB44E339A39ACD4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F72A529603B003F7FA762A1CF8C84A1E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 5762AF2AD2243775221A7CAA47071B90
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=6a3690d7-dcfd-415d-c24e-c06b020d97fc&gdpr=0&gc=&gce=1&us_privacy=&gpp=&gpp_sid=
Frame ID: 6E9BC799A084E1D8A84D1898736A85D3
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 56A80B68683049C9E6E30BC144549D5A
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 883722EA42F6B156BF020711EF89E660
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Asbury Park Press NJ | Jersey Shore & New Jersey News

Page URL History Show full URLs

  1. http://coupang.app.com/ HTTP 307
    https://coupang.app.com/ HTTP 301
    https://www.app.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

313
Requests

89 %
HTTPS

26 %
IPv6

64
Domains

128
Subdomains

82
IPs

4
Countries

5452 kB
Transfer

15173 kB
Size

268
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://coupang.app.com/ HTTP 307
    https://coupang.app.com/ HTTP 301
    https://www.app.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://match.sharethrough.com/FGMrCMMc/v1?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.app.com/pbd/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&f=i&uid=81f3ca1e-fe76-4c3f-90c1-53bd01f7c506
Request Chain 46
  • https://ad.doubleclick.net/ddm/activity/src=9782452;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912
Request Chain 69
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjg2QzE0RUItNzlCMS00MENDLTkwOTAtMzc4NjEyMjZCODgx&gdpr=-1&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESENz607oYjRdeZzw9kw6pT64&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://www.app.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=286C14EB-79B1-40CC-9090-37861226B881
Request Chain 86
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Request Chain 88
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0&b=1&tp=4GdGOrll2M3ES2%2B4peZ96LauOxLw%2BhUVDrEhFvC8488%3D
Request Chain 97
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E&gpp=&gpp_sid= HTTP 302
  • https://www.app.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3752091778179636000V10
Request Chain 134
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
Request Chain 135
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Request Chain 152
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://www.app.com/pbd/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=e16793ff-2d52-4a92-bd7d-ad2bc0e3096b
Request Chain 154
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 166
  • https://exch.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model= HTTP 302
  • https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=cb38e251-6773-4d89-b57f-27d3e1828719
Request Chain 172
  • https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=6819bca2fff5ea7cc1e23ab3935ccf0
Request Chain 173
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D&s=190719&C=1
Request Chain 174
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID] HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
Request Chain 175
  • https://ssbsync.smartadserver.com/api/sync?callerId=35 HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=5727811877443088093&gdpr=0&gdpr_consent=
Request Chain 176
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://rtb.channelexco.com.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=JtGuALZHtsTpYmeER2e_REvT
Request Chain 177
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D21635%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D$UID HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=21635&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=4084451142370176893291
Request Chain 178
  • https://secure.adnxs.com/getuid?https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=$UID HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=7977835346143707685
Request Chain 179
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://www.app.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=9e2eb754-31fe-4844-b70e-89f2ae43a483
Request Chain 182
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ps.ex.co/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7977835346143707685
Request Chain 188
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 191
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://www.app.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Request Chain 195
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Request Chain 212
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ps.ex.co/setuid?bidder=trustx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Request Chain 214
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.app.com/pbd/setuid?bidder=appnexus&gdpr=&gdpr_consent=&f=i&uid=7977835346143707685
Request Chain 234
  • https://pixel.adsafeprotected.com/rfw/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059933&ias_placementId=9160149&adsafe_par&ias_impId=540353436524277762&custom=a0377a3b-7f16-4754-abdc-417ccf458def&custom2=11df195a-f80a-4d82-9c50-1ea6921c3414&custom3=p-y6Nyh2U0YDhwK&adsafe_url=https%3A%2F%2Fwww.app.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:cee99a89-eb2a-c0e9-93fa-b59a20248664,c:uGtl9w,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-6d98577b5b-x7r5r,rg:va,pt:1-5-15,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:ctKpc1,mtim:2831,mot:0,app:0,maw:0,tdt:s,fm:uuMutMU+11%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.2184108-81709832%7C1d1%7C1d2%7C1d3%7C1d4%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1d*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:2943,oid:21b78ca5-a828-11ef-80ae-f2ac3794567f,v:19.8.554,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ff:1,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 242
  • https://sync.go.sonobi.com/us.gif?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://www.app.com/pbd/setuid?bidder=sonobi&gdpr=&gdpr_consent=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Request Chain 243
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Request Chain 258
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.app.com/pbd/setuid?bidder=yieldmo&f=i&uid=VFrQE33vJQ3zQaWuay7b&gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 266
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Request Chain 283
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-gannett&redirect_domain=www.app.com&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://www.app.com/pbd/setuid?bidder=rubicon&uid=M3RJO5Q0-27-EL9C
Request Chain 287
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ps.ex.co/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Request Chain 289
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://www.app.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=1401b34b29
Request Chain 293
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.app.com/pbd/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=i&uid=4084451142370176893291

313 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.app.com/
Redirect Chain
  • http://coupang.app.com/
  • https://coupang.app.com/
  • https://www.app.com/
170 KB
56 KB
Document
General
Full URL
https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d12a93038272c3b3c33b4b0062c16d362da00bf9aac59af68adb2d849bbd19a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
no-store
content-encoding
br
content-length
55160
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 21 Nov 2024 16:46:14 GMT
etag
W/"2f7f4-QDDcbacSjlaShYwvSv1KZ8iUDhk"
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
link
<https://user.app.com/PAPP-GUP/user/>;rel=preload;as=fetch;crossorigin=use-credentials;nopush,<https://www.app.com/tangstatic/svg/weather/7-q1a2z3371d08dc.svg>;rel=preload;as=image;nopush
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster
?1
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server-timing
gnt_i;desc="07483534861843373259*577*CA~ON"
strict-transport-security
max-age=63072000;includeSubDomains;preload
vary
Accept-Encoding,User-Agent,Sec-CH-UA-Mobile
x-cache
MISS, MISS, MISS
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
cache-control
max-age=600
content-length
0
date
Thu, 21 Nov 2024 16:46:13 GMT
gannett-debug-path
(null); false-redirect: false X-UA-Device: desktop; final redirect: coupang.app.com==>https://www.app.com/ ttl: (null);
location
https://www.app.com/
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul1970046-YUL
x-timer
S1732207574.587038,VS0,VE0
/
user.app.com/PAPP-GUP/user/
1 KB
2 KB
Other
General
Full URL
https://user.app.com/PAPP-GUP/user/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b4b4d272c69c9ec049592526a53794b8dff4372e521d64603822d00dd23a93d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

x-clacks-overhead
GNU Terry Pratchett
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:14 GMT
x-cache
MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
application/json
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
x-frame-options
DENY
vary
Origin
content-security-policy
frame-ancestors 'none'
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy
same-origin
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish
gup-request-id
6c0658fbb6647eba6163c54f0eef198e
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
content-length
1121
server
nginx
7-q1a2z3371d08dc.svg
www.app.com/tangstatic/svg/weather/
392 B
429 B
Image
General
Full URL
https://www.app.com/tangstatic/svg/weather/7-q1a2z3371d08dc.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0f7932c11059707e73d8ef0f91e70e0cf7a7faf2f18fccffbdad0a6f2e1f8eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-encoding
br
age
783919
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
accept-ranges
bytes
x-cache
MISS, HIT, HIT
content-length
255
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 14:31:35 GMT
vary
Accept-Encoding
pbjsandwichdirecta9-q1a2z39bc6a581.min.js
www.app.com/tangstatic/js/
290 KB
79 KB
Script
General
Full URL
https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b352d8e12f630f1d8ad487dcc7d40b3dc5a7c10e907527243cd2048ed0d488e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-encoding
br
age
867303
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
accept-ranges
bytes
x-cache
MISS, HIT, HIT
content-length
80714
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
application/javascript
last-modified
Mon, 11 Nov 2024 15:46:49 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/
345 KB
85 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
3415
via
1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IZObpp-BZ4zcpOI8qfMu5UYjd3HYNn8UH13gE7Q343W-N7Z-y9I7sA==
date
Thu, 21 Nov 2024 15:49:20 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
x-amz-server-side-encryption
AES256
iasPET.1.js
static.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9823d0872c81c8e82c90402e16618a0cdf9e457822bae78a0692de1b6bafc2bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
bIt.tFjTDd30g9URWBswZyaJ1NsJsw2q
etag
W/"cf6b3387aa6a3743209472e160699684"
age
65374
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GLswIoufrfTVxGYj6T-fbMpybAm7TqUxLcdpOIRSOQ8_i6z4IlJuXg==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 16:02:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
gannett_net.js
cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/
5 KB
3 KB
Script
General
Full URL
https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30254e255422accd9499d4ebe8306d4a293fe5f10c53719b299fd70a1a0b77b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
1733
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ep7mcxvd1eOm6%2Fi8zjPkX4rcnAxbD8bSA2ySWF9LHc%2F4GBMkiFajvZyReUX%2FnVGeYjMxyvPisKv7a7oFTzgaNJKXNfxsU2czYaaPm1%2BKhdN3eVbcjwPHPV69pjvfZt0FkGBbzrplZ6bZLnpzeac%2F0Wxl"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
8e62279e898a41c1-EWR
server-timing
cfL4;desc="?proto=TCP&rtt=16223&sent=7&recv=7&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2181&delivery_rate=250783&cwnd=254&unsent_bytes=0&cid=dec1b92d25635868&ts=306&x=0"
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
text/javascript;charset=utf-8
last-modified
Thu, 21 Nov 2024 16:17:21 GMT
vary
Accept-Encoding
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
108 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a74d9724ae67f74751f2e4cce56f6d6e500233aef75597aaed1a501921b0099e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
796 / 20048 / m202411180101 / config-hash: 79477889192541496
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33486
x-xss-protection
0
server
cafe
main-q1a2z3cc252fdc.min.js
www.app.com/tangstatic/js/
89 KB
34 KB
Script
General
Full URL
https://www.app.com/tangstatic/js/main-q1a2z3cc252fdc.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af9e2a83c2bc6cccaa29c0ad55d30708ea9cc921faf02e106bfbda33cc0f6b1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-encoding
br
age
511124
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
accept-ranges
bytes
x-cache
MISS, HIT, HIT
content-length
34289
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 18:44:37 GMT
vary
Accept-Encoding
loader.js
cdn.taboola.com/libtrc/gannett-network/
2 MB
363 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gannett-network/loader.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5d54d9a4d92439573737d236717f4cc3d0f21bc75de2ba49d06964d4f7d1b61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"d92305c86b09cbf5835486d6ee6e5cd2ad3ff575"
x-amz-version-id
zfOfTmcpI4lurFsfyDR5oHXM1tvebKDC
age
2538
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 16:01:49 UTC
x-served-by
cache-yul1970072-YUL
x-cache-hits
1
x-amz-id-2
LtQAOGJ3+Im71CjZ4h3ATRpA4CRx/r4EaVMaXCAXvRMCm2D8jBjtAnzQCvuu/hNQWi5MnMHIA5s=
vary
Accept-Encoding, Accept-Encoding
x-amz-replication-status
FAILED
cache-control
private,max-age=14400
x-envoy-upstream-service-time
13
x-timer
S1732207575.205677,VS0,VE2
via
1.1 varnish
x-amz-request-id
4TE1H9ZSS72TJWDB
accept-ranges
bytes
access-control-allow-origin
*
abp
27
content-length
371257
x-from-cache
1
server
nginx
x-amz-server-side-encryption
AES256
config.js
cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/
866 KB
166 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8065b7df2963238e83bb9613a83a56e3b411798d45a53810eaaa3874b58d72ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"9c5200c278b3b1d741c030f7b31c5e5c"
age
63
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 16:09:10 GMT
vary
Accept-Encoding
x-amz-id-2
irXQEII3Fn2Mk6/9xAbdHIyLtcS2mM+hdcRiLkX5BGiRMpHIhVZaQvP+eRTmBETYFWyxcTPy7Is=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
T4YV8QP65WVJPSN5
cf-ray
8e62279eddc6c411-EWR
accept-ranges
bytes
content-length
169213
server
cloudflare
x-amz-server-side-encryption
AES256
76185278007-getty-images-2173558258.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/10/PAPP/
65 KB
65 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/10/PAPP/76185278007-getty-images-2173558258.jpg?crop=2119,1193,x0,y103&width=660&height=370&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80677a4b5c39b39809f96e0ccdfed9384336c12ffa40d1f1d553e77901b17028
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"TU1F7YwwJQExKHVEUdvgw30QwJvwVFAUX/CFd6hn4Dc"
age
887926
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
66916
76197815007-plumstedsewer-1106-b.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/11/PAPP/
6 KB
6 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/11/PAPP/76197815007-plumstedsewer-1106-b.jpg?crop=2399,1350,x0,y0&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d820a5264dfff129308165d185e4ac3a5f9e2a5d28a6391831b27935fbfd080
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"V89CNx2uiPp2pES0GPqZuoV8dWyYaXGcmwyzhTfnKUs"
age
30402
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
5892
76476570007-mc-rib-mc-donalds-sauce-jug.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/21/PAPP/
3 KB
4 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/21/PAPP/76476570007-mc-rib-mc-donalds-sauce-jug.jpg?crop=199,113,x0,y29&width=199&height=111&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c20e6200f71d128e8a1feff9bbf8aee67e26da41044e47a6af6314eeeb643f23
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"qNigecfwfj2q2Sy4l3Z0GVkTu9UiPznH7feHdZn1xB4"
age
4874
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
3280
139959b6-8651-4c79-be21-bf04ce2284fa-OSPREYWALL0906E.jpg
www.app.com/gcdn/presto/2021/09/06/PAPP/
5 KB
5 KB
Image
General
Full URL
https://www.app.com/gcdn/presto/2021/09/06/PAPP/139959b6-8651-4c79-be21-bf04ce2284fa-OSPREYWALL0906E.jpg?crop=2399,1349,x1,y7&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9e22c90f4d3a638dd09a6064a8f838d69839068e056ea5ea8634cb59f8539f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"z9AcgFlNG8mZ2sKkUn4+rXC3gil8vazGcEu+78KB4Yc"
age
23360
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
4884
76415901007-clean.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/18/USAT/
4 KB
4 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/18/USAT/76415901007-clean.jpg?crop=1079,607,x0,y768&width=660&height=371&format=pjpg&auto=webp&quality=40
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
11525efb02094ebc00fce553967f57983411eb1dbc30204e6b08a0e6fe9c115f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"oO6WFCOd1/Ebe4liLwmGkYDyw3xCDLBhmQGC94iu93Q"
age
231314
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
4320
truncated
/
8 KB
8 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09ff51e8da83c9e21d60dfe0362dd8ba6757e563659f1ab043779e1dd5118b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
adx
securepubads.g.doubleclick.net/gampad/
0
254 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/adx?t=position%3Dnative-front_tile&iu=7103%2Fnj-asburypark-C1171%2Fnative-front_tile%2Fhomepage&sz=2x3&cust_params=utm_props%3D%7C%7C%26navigationtype%3Ddirect%26cst_section%3Dhomepage%26pageType%3Dhome-front%26property%3DPAPP%26sitepage%3DPAPP%2Fhome%26ssts_section%3Dhome%26aam_props%3Dtangent-desktop%7Cdesktop%7Chomefront%26build%3Dtangent-desktop%26gnt_sb%3D19%26gnt_ub%3D95%26variant%3D0060_ex_B&pageId=1732207574438_233413257&tfcd=0&c=115309720425699
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
text/html; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.app.com
content-length
0
x-xss-protection
0
server
cafe
sdk.js
exbd.ex.co/
260 KB
75 KB
Script
General
Full URL
https://exbd.ex.co/sdk.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d9a7dc3edd4fcc04c12f9c6fa2e80d3d6bb76892926a5d5ce644ff11274fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"c66b655d607cf867bf43272e381881d2"
age
1803775
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:15 GMT
last-modified
Thu, 31 Oct 2024 19:36:52 GMT
vary
Accept-Encoding
x-cache-hits
5676
content-type
application/javascript;charset=utf-8
x-served-by
cache-yul1970074-YUL
strict-transport-security
max-age=31557600
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
x-timer
S1732207575.227963,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
76741
server
AmazonS3
cookie_sync
www.app.com/pbd/
4 KB
1 KB
Fetch
General
Full URL
https://www.app.com/pbd/cookie_sync
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9f1752e77cfe685b15ce30b4337cecc4804a1e6561c498b0722e4059e395f5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
cache-control
no-store
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
x-timer
S1732207575.582180,VS0,VE41
accept-ranges
bytes
x-xss-protection
1;mode=block
auction
www.app.com/pbd/openrtb2/
88 KB
15 KB
Fetch
General
Full URL
https://www.app.com/pbd/openrtb2/auction
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8d78ea42c6a2dcb9066ebaa8a8d6a56a108e3e3e89308ac2c7f8f865b35df16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
observe-browsing-topics
?1
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json
vary
accept-encoding
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1732207575.596172,VS0,VE1044
accept-ranges
bytes
x-xss-protection
1;mode=block
cdb
bidder.criteo.com/
0
486 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=185&av=36&wv=8.32.0&cb=10226802216
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:15 GMT
vary
Origin
server
Kestrel
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/
0
201 B
Fetch
General
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1676485
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

x-envoy-upstream-service-time
4
x-timer
S1732207575.250078,VS0,VE14
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
MISS
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-yul1970082-YUL
server
nginx
x-cache-hits
0
bid-request
a.teads.tv/hb/
16 B
514 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.105.149 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-105-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 21 Nov 2024 16:46:15 GMT
access-control-allow-origin
https://www.app.com
content-length
42
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json
vary
Accept-Encoding
newsroom.js
c2.taboola.com/nr/gannettcompany-app/
59 KB
18 KB
Script
General
Full URL
https://c2.taboola.com/nr/gannettcompany-app/newsroom.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be79db2764fbc076a383e533a982573f4ed7d644e5e8eeb09628dfd0038f3e71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"0e3102de618c256c5706dae30758e718"
x-amz-version-id
null
age
0
access-control-allow-methods
GET, HEAD, POST
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:15 GMT
last-modified
Mon, 18 Nov 2024 18:55:58 GMT
content-type
application/javascript
x-served-by
cache-yul1970080-YUL
x-cache-hits
0
x-amz-id-2
rJsSsZUyAoGTgcebOtmDeTbCzkwtjo7frJcltsuUHQaxR8ntL9wDHPvVhDXNuM8e1VQpJbEePwo=
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=14400
x-timer
S1732207575.236236,VS0,VE42
via
1.1 varnish
x-amz-request-id
0NYHAJKPCA0A1ENX
accept-ranges
bytes
access-control-allow-origin
*
content-length
17468
server
AmazonS3
x-amz-server-side-encryption
AES256
global-q1a2z3qgHoTa02wKKRGnrTwUxgN+OoeyE.min.json
www.app.com/
9 KB
3 KB
Other
General
Full URL
https://www.app.com/global-q1a2z3qgHoTa02wKKRGnrTwUxgN+OoeyE.min.json
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
796ef0ab667574002aea17b14012128df73c7359f36bfc7bbe780775a2837612
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
W/"qgHoTa02wKKRGnrTwUxgN+OoeyE"
age
791734
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
log-mgt-timing
fetch=134399,misspass=334,do_stream=0
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
application/json; charset=utf-8
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
cache-control
public,immutable,max-age=315360000
backend_is_origin
1
cross-origin-opener-policy
same-origin
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
log-mgt-origin
ip=146.75.29.51,port=443,name=F_sigsci_waf,status=200,reason=OK,method=GET,host=se--gannett--654523089ba116e39c6de572.edgecompute.app,path="/global-q1a2z3qgHoTa02wKKRGnrTwUxgN+OoeyE.min.json",qs,shield=IAD,src_ip,alternate_path=0
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
content-length
1996
x-xss-protection
1; mode=block
origin-agent-cluster
?1
syncframe
gum.criteo.com/ Frame 6B5B
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.app.com
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 16:46:14 GMT
server
Kestrel
server-processing-duration-in-ticks
324951
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
eUdPVnUvb0YzczUvcC9odHRwcyUzQSUyRiUyRnd3dy5hcHAuY29tJTJGLyU3QiUyMnZpc2l0b3JJZCUyMiUzQSUyMmI1NThmN2IwLTdiYTgtNDJlNC04NTk0LWFkNTAyZTZlNmZlMCUyMiUyQyUyMmV2ZW50VHlwZSUyMiUzQSUyMmhvbWUtcGFnZS12aWV3JTIyJ...
www.app.com/
7 B
0
Fetch
General
Full URL
https://www.app.com/eUdPVnUvb0YzczUvcC9odHRwcyUzQSUyRiUyRnd3dy5hcHAuY29tJTJGLyU3QiUyMnZpc2l0b3JJZCUyMiUzQSUyMmI1NThmN2IwLTdiYTgtNDJlNC04NTk0LWFkNTAyZTZlNmZlMCUyMiUyQyUyMmV2ZW50VHlwZSUyMiUzQSUyMmhvbWUtcGFnZS12aWV3JTIyJTJDJTIycmVmZXJyZXJVcmklMjIlM0ElMjIlMjIlMkMlMjJ1c2VySW5mbyUyMiUzQSU3QiUyMnVzZXJJZCUyMiUzQSUyMmFkOTIwNTg1LTcyNTItNDgzNS04YjhmLTgyMDQwOTE0ZjY2MSUyMiU3RCUyQyUyMmF0dHJpYnV0ZXMlMjIlM0ElN0IlMjJzaXRlX2NvZGUlMjIlM0ElN0IlMjJ0ZXh0JTIyJTNBJTVCJTIyUEFQUCUyMiU1RCU3RCUyQyUyMnBsYXRmb3JtJTIyJTNBJTdCJTIydGV4dCUyMiUzQSU1QiUyMnRhbmdlbnQlMjIlNUQlN0QlN0QlN0Q
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
server-timing
gfet4t7; dur=62
x-cache
MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/gif
vary
Origin,Referer
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
x-frame-options
DENY
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
cache-control
no-store
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy
same-origin
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
content-length
7
x-xss-protection
1;mode=block
origin-agent-cluster
?1
main.js
www.app.com/gcdn/dcjs/prod/
46 KB
15 KB
Script
General
Full URL
https://www.app.com/gcdn/dcjs/prod/main.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfb59705829eff9d0ad56239809e368dee43985d2ac9b6cb22aa00d82b51775a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"ddce5c54938e7e30a414b50f29c6522b"
age
75844
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
last-modified
Fri, 15 Nov 2024 19:26:25 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=3800
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
15131
streamsense-5.1.1.160316.min.js
www.app.com/gcdn/gannett-web/apps/teal/dist/vendor/comscore/
88 KB
14 KB
Script
General
Full URL
https://www.app.com/gcdn/gannett-web/apps/teal/dist/vendor/comscore/streamsense-5.1.1.160316.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"a0c60599a9512a64d6caa9126cf57de4"
age
201645
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
last-modified
Tue, 30 Jul 2019 21:59:07 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
14269
9854d92e-e8e7-4176-9ad8-a8dc2e96a467
player.ex.co/player/
505 KB
163 KB
Script
General
Full URL
https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c176d10ab744408c11b6c27e9812693aa1ad3052b21fff915ee1ea4413baf945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

access-control-max-age
600
content-encoding
gzip
etag
W/"7e4cc-vRi4PL5ipuSHkUwWxT4fU1Zvz0g"
age
5011
access-control-allow-methods
GET, POST, PUT, DELETE
x-cache
HIT, HIT
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000028-IAD, cache-yul1970077-YUL
x-cache-hits
7, 0
access-control-allow-headers
Accept, Authorization, Content-Type
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
cache-control
no-cache
x-timer
S1732207575.238041,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
166323
server
nginx
76290584007-thumbnail-image-0.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/14/PAPP/
1 KB
1 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/14/PAPP/76290584007-thumbnail-image-0.jpg?crop=1025,1025,x731,y341&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cdc2274e5eaf0d4d1c18e0651e0f8e75abc2a1f2b1d4295c3a01cf94c6fff16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"wf3SbdJVzAx104J/PQrnLffHyZdsfnlv1gbvjAuIxEA"
age
97676
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
1350
75690409007-half-moon-point-thanksgiving-to-go.jpg
www.app.com/gcdn/authoring/authoring-images/2024/10/15/PAPP/
2 KB
2 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/10/15/PAPP/75690409007-half-moon-point-thanksgiving-to-go.jpg?crop=2592,2593,x0,y486&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34cf3d36da914a3f9c4b5a1bb214c391d5d5b8168a911ed2d39d4bbd538b4294
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"hIJOddvnee6/vJ/24qeB8dNK6MLE6zKWw/fpI4PdhPw"
age
187767
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
2076
75382225007-strupp-fam-138-1.jpg
www.app.com/gcdn/authoring/authoring-images/2024/09/25/PAPP/
2 KB
2 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/09/25/PAPP/75382225007-strupp-fam-138-1.jpg?crop=3548,3549,x0,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca1516faacb3dc8defcc099069bd409f4088449411445e1d5881e3e452aca05d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"ZlcJN68MoH3VpGXTpMFgTcaErP6yr2OpMWV2+JTHKyQ"
age
6267
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
1660
76433779007-campbell-brands.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/19/PCHH/
2 KB
2 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/19/PCHH/76433779007-campbell-brands.jpg?crop=1080,1079,x420,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93f32a02c00467cf4033b24e211df51fee6bcf9bf1ffecb025d997165672bb47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"NAhVYn5IaLCIJvgqHkA/dbvMNdRrnSRI9ueZjYUWrS8"
age
8942
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
1556
76471934007-abdi-bashir-msu-1.jpg
www.app.com/gcdn/authoring/authoring-images/2024/11/21/PAPP/
3 KB
3 KB
Image
General
Full URL
https://www.app.com/gcdn/authoring/authoring-images/2024/11/21/PAPP/76471934007-abdi-bashir-msu-1.jpg?crop=3643,3642,x743,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d033dee4eb850e52337cf5ecfdfcbdf3b2c507b734156d38811036ecafc7d22
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"rSydjMYswxlOjeryJw86MbI/QXaw8MgHWqdJwJlczLo"
age
21011
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
3016
setuid
www.app.com/pbd/
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26f...
  • https://www.app.com/pbd/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&f=i&uid=81f3ca1e-fe76-4c3f-90c1-53bd01f7c506
86 B
1 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&f=i&uid=81f3ca1e-fe76-4c3f-90c1-53bd01f7c506
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207576.546640,VS0,VE35
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://www.app.com/pbd/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&f=i&uid=81f3ca1e-fe76-4c3f-90c1-53bd01f7c506
content-length
0
PAPP-TEALIUM-TANGENT.json
www.app.com/gcdn/dcc/prod/
27 KB
5 KB
Fetch
General
Full URL
https://www.app.com/gcdn/dcc/prod/PAPP-TEALIUM-TANGENT.json
Requested by
Host: www.app.com
URL: https://www.app.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0c9fe56108491de6d1887d3266581dcf1c38336e7bd5b682120da8203b6ca80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"84d26f864bd29776c35355cb62127fa1"
age
75840
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Thu, 21 Nov 2024 16:46:14 GMT
last-modified
Wed, 13 Nov 2024 23:08:12 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=3800
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
5090
pub
pixel.adsafeprotected.com/services/
768 B
949 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-nj-asburypark-C1171-high_impact-homepage-1-ac1,s:1000.250,p:7103/nj-asburypark-C1171/high_impact/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-nj-asburypark-C1171-poster_front-homepage-2-ac1,s:300.250,p:7103/nj-asburypark-C1171/poster_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-nj-asburypark-C1171-poster_scroll_front-homepage-3-ac1,s:300.250,p:7103/nj-asburypark-C1171/poster_scroll_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-nj-asburypark-C1171-leaderboard_btf-homepage-7-ac1,s:728.90,p:7103/nj-asburypark-C1171/leaderboard_btf/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=33414610-bbb4-3548-8124-9e74cd96f8c8&url=https%253A%252F%252Fwww.app.com%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
/
Resource Hash
a8141250dcf0391a87693799e12e993288e0a90133be06f9bed2dc3a316778ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json
access-control-allow-credentials
true
iasADX.js
static.adsafeprotected.com/
12 KB
5 KB
Script
General
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
age
65375
x-cache
Hit from cloudfront
x-amz-cf-id
I8jG7y61Ik5HrDXz2b730z6KQiJSINDRq50IrRkh-0o2yBj-W69Czw==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=604800
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
jsdiagnostic
pixel.adsafeprotected.com/
43 B
198 B
Image
General
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:33414610-bbb4-3548-8124-9e74cd96f8c8
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:15 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
65568.js
cdn.brandmetrics.com/scripts/bundle/
56 KB
18 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.app.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a21e88ae16a60054e122df28a9518dfce9619f51caba062973e6f0793c4a96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
1729
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk7JMX4dXrMnsvJ8y3lD4JsJ4lWy3VRHuue1EB8t37OayksJgLGx5YqQMFQt47OeCyqtYc8UoIr7xgSDX0grQh5KTVa4sN40Gp%2BgtZi5S3VwBtUW3IR1PUz8%2FFwpmnD%2FbseyTAgfRgQzGqcPNGRupG8k"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
8e6227a03b9841c1-EWR
server-timing
cfL4;desc="?proto=TCP&rtt=17853&sent=13&recv=11&lost=0&retrans=0&sent_bytes=6834&recv_bytes=2322&delivery_rate=250783&cwnd=256&unsent_bytes=0&cid=dec1b92d25635868&ts=573&x=0"
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
text/javascript;charset=utf-8
last-modified
Thu, 21 Nov 2024 16:17:26 GMT
vary
Accept-Encoding
server
cloudflare
215ba713-4e96-4806-bd6a-f5d49527bcfe-GettyImages_1484969074_1.jpeg
www.gannett-cdn.com/presto/2023/07/07/USAT/
2 KB
3 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2023/07/07/USAT/215ba713-4e96-4806-bd6a-f5d49527bcfe-GettyImages_1484969074_1.jpeg?fit=crop&width=120&height=120&format=pjpg&auto=webp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72a9917e00b5dc4dbf2230fd30528c1e2bfffe070a8a7607b65d0c7a81bfd298
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

etag
"FT00ysI6JPxmcyNVUgXjMYMHzN0Nxz52xrN0nohSps8"
age
1569183
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
log-mgt-timing
fetch=98050,misspass=133,do_stream=0
x-cache
MISS, HIT, HIT
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
image/webp
vary
Accept
x-cache-hits
0, 0, 0
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
log-mgt-origin
ip=146.75.33.51,port=443,name=F_sigsci_waf,status=200,reason=OK,method=GET,host=se--gannett--65d8b71191d0a4f792d1e5c9.edgecompute.app,path="/2023/07/07/USAT/215ba713-4e96-4806-bd6a-f5d49527bcfe-GettyImages_1484969074_1.jpeg",qs="iox=tng0&iox=tng0",shield=IAD,src_ip,alternate_path=0
backend_is_origin
1
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
2530
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/
492 KB
152 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
345
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 16:40:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 21 Nov 2024 16:40:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
sd
www.app.com/gciaf/prod/
0
0
Fetch
General
Full URL
https://www.app.com/gciaf/prod/sd
Requested by
Host: www.app.com
URL: https://www.app.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
x-cache
MISS, MISS
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json; charset=utf-8
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
vary
Origin,Referer
x-frame-options
DENY
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
no-store
timing-allow-origin
*
cross-origin-opener-policy
same-origin
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-xss-protection
1;mode=block
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
280 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
645036bb15fef1d1e241628b7eea269a074b2b4a81ec68e48bbf8cb400c19352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 21 Nov 2024 16:46:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99498
x-xss-protection
0
server
Google Tag Manager
p-q1a2z32AvpW5NZ.min.js
www.app.com/gcdn/dcjs/prod/p/
56 KB
17 KB
Script
General
Full URL
https://www.app.com/gcdn/dcjs/prod/p/p-q1a2z32AvpW5NZ.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4e8cfde282fd024d54edff75ca3608cc1f2ed38c56b2ee3829257df1b58e70a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"87fbfda2750410690ebcd42aa75c8ab9"
age
721607
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Thu, 21 Nov 2024 16:46:15 GMT
last-modified
Fri, 08 Nov 2024 14:23:34 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public,immutable,max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
content-length
17361
;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912
adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=9782452;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=113332040...
  • https://ad.doubleclick.net/ddm/activity/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=...
  • https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;...
42 B
63 B
Fetch
General
Full URL
https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 21 Nov 2024 16:46:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 21 Nov 2024 16:46:15 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6057629600921933131"}],"aggregatable_trigger_data":[{"filters":[{"14":["89171070"]}],"key_piece":"0xd4107ee07f0a325a","source_keys":["12","13","14","15","16","17","18","19","20","21","24814196","24814197","24814198","24814199","26337396","26337397","26337398","26337399","27839736","27839737","27839738","27839739","634831508","634831509","634831510","634831511","905555844","905555845","905555846","905555847"]},{"key_piece":"0x3dc98cfc47a11740","not_filters":{"14":["89171070"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","24814196","24814197","24814198","24814199","26337396","26337397","26337398","26337399","27839736","27839737","27839738","27839739","634831508","634831509","634831510","634831511","905555844","905555845","905555846","905555847"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"24814196":50,"24814197":50,"24814198":50,"24814199":4889,"26337396":72,"26337397":72,"26337398":72,"26337399":7062,"27839736":43,"27839737":43,"27839738":43,"27839739":4237,"634831508":32,"634831509":32,"634831510":32,"634831511":3177,"905555844":65,"905555845":65,"905555846":65,"905555847":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"3410254812494052725","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6057629600921933131","filters":[{"14":["89171070"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6057629600921933131","filters":[{"14":["89171070"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6057629600921933131","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6057629600921933131","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9782452"]}}
content-type
image/png
cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CIzS0Ynw7YkDFW3t9QIdNmc21w;type=visits;cat=ganne0;u1=app.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1133320409345912
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
0
x-xss-protection
0
server
cafe
conversion_async.js
www.googleadservices.com/pagead/
57 KB
20 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
83d748c25d26625b315cdea321942227ca15d89b0cee7fecd4db51dc30e07a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
1129976121955905753
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20798
x-xss-protection
0
server
cafe
p
sb.scorecardresearch.com/
43 B
301 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.app.com%2F&c15=ad920585-7252-4835-8b8f-82040914f661&cs_fpid=ad920585-7252-4835-8b8f-82040914f661&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-127.jfk52.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 15c2cf85eb6b1f3e4b8c8d0befbed77a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
MgLyswvuIAh97vFsvUCEQnV-TSRzT1fWj6hlx-alNEOHKYTw9Fa3vA==
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
46686
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
59vCxqnorcxz2M0dnFT9pSTI37M-H9oP0RuH_J3Yle65YO0HxTgipQ==
date
Thu, 21 Nov 2024 03:48:10 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
3062
config.aps.amazon-adsystem.com/configs/
531 B
807 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3062
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-105.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
a8754d0d56b047609230516dcc57dacd00eb24e2fc5bd2afb88409520539fc6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
max-age=3600
age
1376
via
1.1 1fbe7db1bc981550874105fc5a6d6d86.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
wjRrxNkoBJgYsF-x09kzRAw67q0x4z-3JjNdolDOoRn8-rv2ifbkvg==
date
Thu, 21 Nov 2024 16:23:19 GMT
content-type
application/javascript
x-amz-cf-pop
JFK52-P2
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
641 B
988 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fwww.app.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.app.com
x-cache
Miss from cloudfront
content-length
641
x-amz-cf-id
Dt91TkbHqKdyyMuApB20-tJqyW8yfQYmlIRTNHG4gLAt6xgAwkrbGQ==
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
253 B
554 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fwww.app.com%2F&pid=Pz5xWnKOxq0re&cb=0&ws=1600x1200&v=24.1105.2150&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-nj-asburypark-C1171-high_impact-homepage-1-ac1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fnj-asburypark-C1171%2Fhigh_impact%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-nj-asburypark-C1171-poster_front-homepage-2-ac1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fnj-asburypark-C1171%2Fposter_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-nj-asburypark-C1171-poster_scroll_front-homepage-3-ac1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fnj-asburypark-C1171%2Fposter_scroll_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-nj-asburypark-C1171-leaderboard_btf-homepage-7-ac1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fnj-asburypark-C1171%2Fleaderboard_btf%2Fhomepage%2F1%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
5adbe30d65ea687c54a62dff06df8949960520b18a43a90a56c80a841bc49635

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 11280d8f37ba4cb1d8f36f9f2a6e4c76.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.app.com
x-cache
Miss from cloudfront
content-length
223
x-amz-cf-id
0sASFGyEkVlGRejcGFW_Ywrp2rHslHJB6VSAnzzGoXk1z5O3zpXOog==
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P2
server
Server
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Thu, 21 Nov 2024 17:01:16 GMT
accept-ranges
bytes
content-length
17407
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
c.js
collector.brandmetrics.com/
0
0
Fetch
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.app.com&rnd=682682&json
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.app.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Access-Control-Allow-Origin
https://www.app.com
Content-Length
0
Date
Thu, 21 Nov 2024 16:46:16 GMT
Content-Type
application/json
Vary
Origin
Access-Control-Allow-Credentials
true
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410171241/
301 KB
107 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410171241/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8296451fb9812759da5b17aabf641439bb89b12d19cf56e6a7b4f61b8383d6fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"c2db5095904bd02d6102c1d20bd14028"
age
1159475
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 18:35:57 GMT
vary
Accept-Encoding
x-amz-id-2
3cRZ/tek6sB20udwS0dO/PSW9I+OWFppDzr8eAN6Vfow6QDrrYJKvftk/eqikmazdD9jk9mpzBw=
cache-control
public, max-age=31536000
x-amz-request-id
FQY5HSK96NRMEFSE
cf-ray
8e6227a199e342b8-EWR
accept-ranges
bytes
content-length
109168
server
cloudflare
x-amz-server-side-encryption
AES256
/
p1.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1732207575303&plid=fbf1e9cf-c62d-4c28-98ba-021b6f01ece0&idsite=app.com&url=https%3A%2F%2Fwww.app.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%2C%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%7D&tagManager=gciAnalytics%3Aprod%3A0.375.0%3APAPP-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.app.com%2F&sref=&sts=1732207575277&slts=0&title=Asbury+Park+Press+NJ+%7C+Jersey+Shore+%26+New+Jersey+News&date=Thu+Nov+21+2024+08%3A46%3A15+GMT-0800+(Pacific+Standard+Time)&action=pageview&pageDomain=www.app.com&urlRef=https%3A%2F%2Fwww.app.com%2F&js=1&pvid=dcc85316-be75-4bbd-a6c0-ce4d27e6cd78&u=pid%3D4de8471f-9914-42f6-ba88-072ac4c3e983
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

Cache-Control
no-cache
Content-Length
43
Date
Thu, 21 Nov 2024 16:46:16 GMT
Content-Type
image/gif
Last-Modified
Thursday, 21-Nov-2024 16:46:16 GMT
Server
nginx
Connection
keep-alive
player.js
p.channelexco.com/player/
39 KB
18 KB
Fetch
General
Full URL
https://p.channelexco.com/player/player.js?p=3177225&d=https%253A%252F%252Fwww.app.com%252F&w=640&h=360&asr=1&auction=1&auctionFast=5&publisherType=publisher&rv=true&pub=1&pageLoadUid=27979911-6eb2-4e16-801c-0a99c59dc221&hu=true&ijsn=true&b64e=1&cnl=2&impDetail=1
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
f056270405dbdb369c4b2eb52059bcda66aa4e280ab4d5a1788402e3ed60b651

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 16:46:15 GMT
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
server
openresty
get-action
nr-events.taboola.com/newsroom/1.0/gannettcompany-app/
132 B
338 B
Script
General
Full URL
https://nr-events.taboola.com/newsroom/1.0/gannettcompany-app/get-action?page.url=https%3A%2F%2Fwww.app.com%2F&view.id=149845713255218159&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/gannettcompany-app/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0a0fa9cc56b102d1cf9b68c3aa8ab928d3e0d1aedec7c0b6b20c428dd5f827a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

tbl-x-upstream
10.15.65.140:80
access-control-allow-methods
GET,POST,PUT
x-cache
MISS
date
Thu, 21 Nov 2024 16:46:15 GMT
content-type
application/json;charset=UTF-8
x-served-by
cache-yul1970072-YUL
x-cache-hits
0
vary
Origin
x-envoy-upstream-service-time
1
x-timer
S1732207576.593743,VS0,VE11
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-application-context
front-page-event-server:production
content-length
132
server
nginx
notify-impression
nr-events.taboola.com/newsroom/1.0/gannettcompany-app/
0
231 B
Image
General
Full URL
https://nr-events.taboola.com/newsroom/1.0/gannettcompany-app/notify-impression?page.url=https%3A%2F%2Fwww.app.com%2F&view.id=149845713255218159&page.template=home&page.dashboard=home
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-envoy-upstream-service-time
0
tbl-x-upstream
10.15.187.30:80
x-timer
S1732207576.316318,VS0,VE11
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
x-application-context
front-page-event-server:production
date
Thu, 21 Nov 2024 16:46:16 GMT
x-served-by
cache-yul1970067-YUL
server
nginx
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1732207575609&cv=9&fst=1732207575609&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.app.com%2F&tiba=Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
37
date
Thu, 21 Nov 2024 16:46:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
client-logs
reporting-api.gannettinnovation.com/
0
0
Fetch
General
Full URL
https://reporting-api.gannettinnovation.com/client-logs
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/main-q1a2z3cc252fdc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

events
bidder.criteo.com/csm/
0
189 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:15 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
tr5
cdn.taboola.com/libtrc/
3 B
184 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=trecs-1410-rr-refactor&pub=gannett-network
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private,max-age=14400
retry-after
0
x-timer
S1732207576.349833,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
3
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/html
x-served-by
cache-yul1970037-YUL
server
Varnish
x-cache-hits
0
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame BA3B
0
0
Document
General
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

abp
6
accept-ranges
bytes
access-control-allow-origin
*
age
15126
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Thu, 21 Nov 2024 16:46:16 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
cAoD0yIBXXErVPjxRccA660QvbLcTWrC9gbyiP1lsNTyVpOG9TrlCdEOGy9T2FuZeYxifz5d+jM=
x-amz-replication-status
COMPLETED
x-amz-request-id
Z4WPXQA9MJG5NYE2
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
5039
x-served-by
cache-yul1970042-YUL
x-timer
S1732207576.441903,VS0,VE0
load.js
pm-widget.taboola.com/gannett-network/
5 KB
2 KB
Script
General
Full URL
https://pm-widget.taboola.com/gannett-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b050bdfe319eb40e7ea55dfb25f5c4df807342910483c56acdfd4b9a1286422

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
w5hF4_4_ilY_NWEWMpXLJ9c0udqee_No
etag
"2d6083a67d3890ae75329324e0f2b50d"
age
3380
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Wed, 18 Sep 2024 11:35:41 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
18
content-type
application/javascript; charset=utf-8
x-amz-id-2
yyW7uj5AjgsjDebJ0EqbHwlgyh/jGW9pgDwXVHHcM3mrkO32lvxr57+ahO+dZhk+3QFG4y5uxIE=
vary
Accept-Encoding,
cache-control
max-age=3600
x-timer
S1732207576.462094,VS0,VE0
via
1.1 varnish
x-amz-request-id
W3B9K93GR56K0MHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1678
server
AmazonS3
sync
gum.criteo.com/
73 B
623 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5bfba1a773428ab790799f96951926050b764f7c46af9b633183987458ca5604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
1240113
expires
60
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
impl.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.js
cdn.taboola.com/libtrc/
919 KB
185 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c938254f7334b5356b837bf6d9881faed749498e00dd528cf4db66ba0938591a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"176da113252a1f7e799e59ce7d486839"
x-amz-version-id
e6NkHcr_XMinHcCmBGL7m5MuMEJosMo8
age
8441
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Thu, 21 Nov 2024 14:09:20 GMT
content-type
application/javascript
x-served-by
cache-yul1970072-YUL
x-cache-hits
8
x-amz-id-2
0X66YRrQ1h4xPZttHHqTYlgvNXDMRqWrEdNVpK2Zqw/t/OBH77fqrkY8+nVF0vVokQyZqcEoQlQ=
vary
Accept-Encoding
cache-control
private,max-age=14400
x-timer
S1732207576.016990,VS0,VE0
via
1.1 varnish
x-amz-request-id
76XFJCFQ8JZ81EB3
accept-ranges
bytes
access-control-allow-origin
*
abp
48
content-length
189114
server
AmazonS3-br
x-amz-server-side-encryption
AES256
json
trc.taboola.com/gannettcompany-app/trc/3/
109 KB
36 KB
XHR
General
Full URL
https://trc.taboola.com/gannettcompany-app/trc/3/json?llvl=2&tim=08%3A46%3A15.971&lti=trecs-1410-rr-refactor&pubit=n&t=1&data=%7B%22id%22%3A%2270603%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1732207575971%2C%22cv%22%3A%2220241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6591%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs-1410-rr-refactor%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-feed-desktop-03%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22cd%22%3A5116.25%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%2C%22orig_uip%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-rr%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22cd%22%3A1735%2C%22mw%22%3A300%7D%5D%2C%22pev%22%3A%2221439%2C13309%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Feed%20-%20Feed%20Redesign%3Dthumbnails-feed-desktop-03%3Apub%3Dgannett-network%3Aabp%3D0%2CRight%20Rail%20Home%20Thumbnails%20-%20Redesign%3Dthumbnails-rr%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1732198298786%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0d0a4f6b15f5ed7dfd9932442a3f07bf7ef6e348fce922d533245734a1b5702

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-yyz4545-YYZ
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
14271
x-timer
S1732207576.427476,VS0,VE346
x-vcl-time-ms
346
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.7087500000000001
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-service-version
v1
server
nginx
setuid
www.app.com/pbd/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%23...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%23...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjg2QzE0RUItNzlCMS00MENDLTkwOTAtMzc4NjEyMjZCODgx&gdpr=-1&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESENz607oYjRdeZzw9kw6pT64&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://www.app.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=286C14EB-79B1-40CC-9090-37861226B881
86 B
656 B
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=286C14EB-79B1-40CC-9090-37861226B881
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:19 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207580.737359,VS0,VE36
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

location
https://www.app.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=286C14EB-79B1-40CC-9090-37861226B881
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
150
date
Thu, 21 Nov 2024 16:46:18 GMT
content-type
text/html; charset=utf-8
76415821007.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/
10 B
267 B
Other
General
Full URL
https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
x-fastly-package-error
Origin 404
x-timer
S1732207576.102474,VS0,VE1
age
265
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
10
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/plain; charset=utf-8
x-served-by
cache-iad-kjyo7100072-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
119, 0
config
gannet-player.ex.co/
3 KB
3 KB
Fetch
General
Full URL
https://gannet-player.ex.co/config?sfid=0010J00002BLrTtQAL&nid=1802083144
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4269c83d8810a9675434dd70f496d5d9937a00fe8cee2503121e30b8fea4673

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-max-age
600
content-encoding
gzip
etag
W/"b07-FExtREP0LMLAPuKLjKs4k9O1HFU"
age
7111
access-control-allow-methods
GET, POST, PUT, DELETE
x-cache
HIT, HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kjyo7100077-IAD, cache-yul1970077-YUL
x-cache-hits
5, 0
access-control-allow-headers
Accept, Authorization, Content-Type
vary
x-pb-domain
cache-control
no-cache
x-timer
S1732207576.103683,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
2461
server
nginx
prebid-event
traxex.gannettdigital.com/
0
0
Fetch
General
Full URL
https://traxex.gannettdigital.com/prebid-event
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
date
Thu, 21 Nov 2024 16:46:16 GMT
x-content-type-options
nosniff
events
collector-1.ex.co/main/
17 B
155 B
XHR
General
Full URL
https://collector-1.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.83.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-83-189.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
content-length
17
date
Thu, 21 Nov 2024 16:46:16 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-type
application/json; charset=utf-8
ads-home.js
player.ex.co/
19 B
360 B
Fetch
General
Full URL
https://player.ex.co/ads-home.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aad5319fa68d4ffea7c51f2994cd36ba8a8fb9a460f3a9f54e49efa059e47d3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-max-age
600
etag
W/"13-s+Qwc3bmi62AFI16g+g41KBFcBk"
age
34138
access-control-allow-methods
GET, POST, PUT, DELETE
x-cache
MISS, HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/html; charset=utf-8
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
x-served-by
cache-iad-kiad7000105-IAD, cache-yul1970077-YUL
x-cache-hits
0, 72
access-control-allow-headers
Accept, Authorization, Content-Type
x-timer
S1732207576.279051,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
server
nginx
google-topics-api.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/google-topics-api.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e79d484a403cce56d6efdce4a215adf6dc9bc2b4bebc720283cb1f7f8c34814

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"58026bfc36207bb3cdc7375375ba313e"
x-amz-version-id
McVO5YVqh5rgKb81RW1VhpocgDsrFR.4
age
8440
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Thu, 21 Nov 2024 14:10:26 GMT
x-served-by
cache-yul1970072-YUL
x-cache-hits
19
content-type
application/javascript; charset=utf-8
x-amz-id-2
Am2GP2r0cchtfOI0gppTALNha2Cc2wNA+rox/9XgpDyy/687jRbHLvVqPYRWQ3Q/UGBkiZYhuVw=
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
private,max-age=14400
x-timer
S1732207576.392568,VS0,VE0
via
1.1 varnish
x-amz-request-id
76XF01JRWPDW3T50
accept-ranges
bytes
access-control-allow-origin
*
abp
19
content-length
1097
server
AmazonS3
x-amz-server-side-encryption
AES256
card-interference-detector.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08e490a8a1d1f4d2d8cce23bfe17c66f92c0c9479d3e6adc875936010a29e344

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"a87cfe3ed3d55235bec29bf3f498cb6f"
x-amz-version-id
917CY4zGa3YK11fBxw9jaleXGd_ZeGE_
age
8403
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Thu, 21 Nov 2024 14:09:41 GMT
x-served-by
cache-yul1970072-YUL
x-cache-hits
12
content-type
application/javascript; charset=utf-8
x-amz-id-2
UxAcq4NvDIr8dSYbn1E9wPjHX+K80B0u24BDSds4r+xwgnn3BnyQajJWYAmeBc6wlB8AiYecuFw=
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
private,max-age=14400
x-timer
S1732207576.400810,VS0,VE0
via
1.1 varnish
x-amz-request-id
CD9G0S17SRXJXRDW
accept-ranges
bytes
access-control-allow-origin
*
abp
1
content-length
2221
server
AmazonS3
x-amz-server-side-encryption
AES256
playlist
mcd-playlist.ex.co/api/v2/
58 KB
16 KB
Fetch
General
Full URL
https://mcd-playlist.ex.co/api/v2/playlist?id=5e1dd2a9864196507f246144&targetedPlaylist=false
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d45327febb4848caf1bbe3fb0558e42c948c224d4ed96c6f19c168824ffd8ca9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-max-age
600
content-encoding
gzip
etag
W/"e8c6-GRWs27En1EIYQzyguYuh4PZMl0c"
age
3249
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
x-content-type-options
nosniff
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-yul1970077-YUL
x-cache-hits
7
access-control-allow-headers
Accept, Authorization, Content-Type
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-timer
S1732207576.493693,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
16108
server
nginx
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 0983
0
0
Document
General
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

abp
6
accept-ranges
bytes
access-control-allow-origin
*
age
15126
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Thu, 21 Nov 2024 16:46:16 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
cAoD0yIBXXErVPjxRccA660QvbLcTWrC9gbyiP1lsNTyVpOG9TrlCdEOGy9T2FuZeYxifz5d+jM=
x-amz-replication-status
COMPLETED
x-amz-request-id
Z4WPXQA9MJG5NYE2
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
5039
x-served-by
cache-yul1970042-YUL
x-timer
S1732207576.441903,VS0,VE0
sf-q1a2z330306dc3.min.html
www.usatodaynetworkservice.com/tangstatic/html/papp/ Frame 5054
0
0
Document
General
Full URL
https://www.usatodaynetworkservice.com/tangstatic/html/papp/sf-q1a2z330306dc3.min.html
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors app.com *.app.com *.gannettdigital.com 'self';object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2594818
backend_is_origin
0
cache-control
public, immutable, max-age=315360000
content-encoding
br
content-length
837
content-security-policy
upgrade-insecure-requests;frame-ancestors app.com *.app.com *.gannettdigital.com 'self';object-src 'none'
content-type
text/html
date
Thu, 21 Nov 2024 16:46:17 GMT
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Tue, 22 Oct 2024 15:07:12 GMT
log-mgt-origin
shield=IAD,src_ip,alternate_path=0,ip=167.82.233.128,port=443,name=shield_ssl_cache_iad_kiad7000128_IAD,status=200,reason=OK,method=GET,host=www.usatodaynetworkservice.com,path="/tangstatic/html/papp/sf-q1a2z330306dc3.min.html",qs
log-mgt-timing
fetch=14262,misspass=86,do_stream=0
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-cache
MISS, HIT, HIT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
pagead2.googlesyndication.com/gampad/
78 KB
18 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2940885770504107&correlator=3369081729458063&eid=31089055%2C31089118&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&tfcd=0&iu_parts=7103%2Cnj-asburypark-C1171%2Chigh_impact%2Chomepage%2Cposter_front%2Cposter_scroll_front&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3&prev_iu_szs=320x50%7C1000x250%7C970x250%7C970x90%7C970x66%7C728x90%7C2x4%7C1x2%7C2560x1440%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050&fluid=height%2C0%2C0&ifi=1&didk=81563106~2134021746~1610917652&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&abxe=1&dt=1732207576703&lmt=1732207576&adxs=-12245933%2C1010%2C-9&adys=-12245933%2C777%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.app.com%2F&vis=1&psz=1600x268%7C300x268%7C0x-1&msz=970x250%7C300x250%7C0x-1&fws=4%2C516%2C2&ohw=1600%2C1600%2C0&td=1&egid=9119&tan=285e684a-6aab-48b3-b6fc-20c6743c1e95%2C285e684a-6aab-48b3-b6fc-20c6743c1e96%2C285e684a-6aab-48b3-b6fc-20c6743c1e97&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732207574312&idt=1252&ppid=ad920585-7252-4835-8b8f-82040914f661&prev_scp=position%3Dhigh_impact%26adCount%3D1%26hb_ap_id%3D2616245%26hb_ap%3D0.16%26hb_adid%3D99ad33600b3c1f1%26hb_size%3D970x250%26id%3D1f8913d6-a828-11ef-905c-22f9a6b797eb%26nsf%3Dparamount%2Cparamount-high_impact%2Cmomentum%7Cposition%3Dposter_front%26adCount%3D1%26hb_ap_id%3D2616245%26hb_ap%3D0.05%26hb_adid%3D10082b052f19c086%26hb_size%3D300x600%26id%3D1f8913d7-a828-11ef-905c-22f9a6b797eb%7Cposition%3Dposter_scroll_front%26adCount%3D1%26hb_ap_id%3D2616245%26hb_ap%3D0.04%26hb_adid%3D101238f6218188e%26hb_size%3D300x600%26id%3D1f8913d8-a828-11ef-905c-22f9a6b797eb%26vw%3D40%2C50%2C60%26grm%3D40%26pub%3D40&cust_params=aam_props%3Dtangent-desktop%257Cdesktop%257Chomefront%26alerttype%3D%26build%3Dtangent-desktop%26cst_section%3Dhomepage%26features%3Dnoautoplay%252CheavyAds%26gnt_sb%3D19%26gnt_ub%3D95%26hls%3Dhttps%253A%252F%252Fwww.app.com%252Fgcdn%252Fgannett-web%252Fapps%252Fteal%252Fdist%252Fvendor%252Fhls%252Fhls.1.2.8.min.js%26navigationtype%3Ddirect%26pageType%3Dhome-front%26privacy%3DNA%26property%3DPAPP%26sitepage%3DPAPP%252Fhome%26ssts_section%3Dhome%26pid%3D1732207574438_233413257%26userguid%3Dad920585-7252-4835-8b8f-82040914f661%26utm_props%3D%257C%257C%26variant%3D0060_ex_B%252Cad-control%252Cst95%26variant_p%3D0060_ex_B%26variant_e%3D01B%26entid%3D07483534861843373259%26pageId%3D1732207574438_233413257%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3011902_PG%252CIAS_3005075_PG%252CIAS_1510285_PG%252CIAS_1512790_PG%252CIAS_1500082_PG%252CIAS_3010239_PG%26ss%3Dnon%252Ca%26swgt%3Dna%26dolookalike%3DNA%26user_traits%3DAnonInfinityLow%253A19%253Aout-market%252Ccdl_none&adks=1838900160%2C3655393499%2C813957685&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de5180d113fe0ee8b97c7b5a6f987b440709caf5f538b62f40bbbfd5086b562a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
google-lineitem-id
-2,6228309075,6228307353
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,138285945346,138285945346
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.app.com
content-length
18022
x-xss-protection
0
server
cafe
container.html
bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE53
0
0
Document
General
Full URL
https://bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 16:46:17 GMT
expires
Thu, 21 Nov 2024 16:46:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je4bk0v887636012za200&_p=1732207576633&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1764719333.1732207575&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&uid=ad920585-7252-4835-8b8f-82040914f661&dp=%2F&dl=https%3A%2F%2Fwww.app.com%2F&dr=&sid=1732207576&sct=1&seg=0&dt=Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News&tfd=3592
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.app.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
551 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JJXNTWR1D&cid=1764719333.1732207575&gtm=45je4bk0v887636012za200&aip=1&uid=ad920585-7252-4835-8b8f-82040914f661&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.app.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.com.mt/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.mt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5JJXNTWR1D&cid=1764719333.1732207575&gtm=45je4bk0v887636012za200&aip=1&uid=ad920585-7252-4835-8b8f-82040914f661&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1346000472
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 21 Nov 2024 16:46:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pmk-20220605.20.js
pm-widget.taboola.com/gannett-network/
84 KB
24 KB
Script
General
Full URL
https://pm-widget.taboola.com/gannett-network/pmk-20220605.20.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d845f4e8d32f7ab2594a47560a708475fddc0c6c048f0fcddbfe4a94a02bba50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
9rjMl4.nPuUyx7cIWuf4Il9e_XjbKuqz
etag
"655ed06db51199dfe037f550b72ad482"
age
1681148
access-control-allow-methods
GET,POST,PUT
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Wed, 18 Sep 2024 11:35:40 GMT
x-served-by
cache-yul1970072-YUL
x-cache-hits
908
content-type
application/javascript; charset=utf-8
x-amz-id-2
lCkVLwAeGqF/nHsNjwDDA23KkyAuAB8CrviFfv5q6anuQaavMPL6uTBYSBhcAbl6hxMu52My4LU=
vary
Accept-Encoding, ,Origin
cache-control
max-age=31536000
x-timer
S1732207577.753651,VS0,VE0
via
1.1 varnish
x-amz-request-id
EBCTMKK5CCAAZXBE
accept-ranges
bytes
access-control-allow-origin
*
content-length
24277
server
AmazonS3
iu3
s.amazon-adsystem.com/ Frame 740D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
0
0
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
382
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Nov 2024 16:46:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2AKPRSHSKVHJTB9QA0E2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Nov 2024 16:46:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SZ4MRQSSAQ8CAFH4PRA1
bid
aax.amazon-adsystem.com/e/dtb/
212 B
516 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fwww.app.com%2F&pid=Pz5xWnKOxq0re&cb=1&ws=1600x1200&v=24.1105.2150&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A500%2C%22id%22%3A%22Exco_video_test%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
040460aab8afc61d37689a26a944e5e0519c9230b3c1ee51e323a5e4bf8b703d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 11280d8f37ba4cb1d8f36f9f2a6e4c76.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.app.com
x-cache
Miss from cloudfront
content-length
186
x-amz-cf-id
L1Oy13W6W4BZPdDF4tQSDQDZEfkt1_oOzGOP-8nsr3h1ylRymm00ow==
date
Thu, 21 Nov 2024 16:46:16 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P2
server
Server
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0&b=1&tp=4GdGOrll2M3ES2%2B4peZ96LauOxLw%2BhUVDrEhFvC8488%3D
42 B
138 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0&b=1&tp=4GdGOrll2M3ES2%2B4peZ96LauOxLw%2BhUVDrEhFvC8488%3D
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.app.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0&b=1&tp=4GdGOrll2M3ES2%2B4peZ96LauOxLw%2BhUVDrEhFvC8488%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.app.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 21 Nov 2024 16:46:16 GMT
vary
origin
prebid
id5-sync.com/api/config/
168 B
445 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c4cb41273a22371997a962233faaa1c6cf3dd3959016d8c9d828e2919a71154a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/
0
250 B
Fetch
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.165.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 google
access-control-allow-origin
https://www.app.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 21 Nov 2024 16:46:17 GMT
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
id
id.crwdcntrl.net/
75 B
822 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.244.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-244-46.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fc86394ee449afbb0d3c4892216a2090b882e8cbf13951b2075b2dc10836eab2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.app.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
75
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json;charset=utf-8
x-server
10.40.13.113
server
Jetty(9.4.38.v20210224)
rid
match.adsrvr.org/track/
109 B
563 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
bb68b6b3efed65167419d2d83d8099d4c2f5468d13915ec0f3989f13416139a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 21 Dec 2024 16:46:17 GMT
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
cookie_sync
ps.ex.co/
2 KB
2 KB
Fetch
General
Full URL
https://ps.ex.co/cookie_sync
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
5103b3263b3d17ff428f1f65f12173688ea2ffe97ebe97396edb03c2f9d236cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.app.com
content-length
1858
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json; charset=utf-8
vary
Origin
auction
ps.ex.co/openrtb2/
314 B
547 B
Fetch
General
Full URL
https://ps.ex.co/openrtb2/auction
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
1cfba83f4873569e304e35fb2946ca5db4443a2c3fab559bf872051feae39d91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.app.com
content-length
314
date
Thu, 21 Nov 2024 16:46:17 GMT
x-prebid
pbs-go/v2.11.0-3-g1a1080ae
content-type
application/json
vary
Origin
auction
rtb.ex.co/openrtb2/
170 B
317 B
Fetch
General
Full URL
https://rtb.ex.co/openrtb2/auction
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.153.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-153-112.compute-1.amazonaws.com
Software
/
Resource Hash
731085c22bf66b70f7ada1d3f757d3b326516ed60a58912da851ec85d877a6c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
content-length
170
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
player.js
gannet-cdn.ex.co/player/ap/4.105.0-caef12f/
470 KB
97 KB
Script
General
Full URL
https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7751496c5744ddd6ff9cd1bdfbd22afa36801cdff6f5c3b8cb86fe410bced3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

access-control-max-age
86400
x-exco-cdn
fastly
content-encoding
br
etag
"58ea9e9f8c4422234b889e406ff05201"
age
115749
access-control-allow-methods
GET,POST
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:16 GMT
last-modified
Wed, 20 Nov 2024 08:36:00 GMT
vary
Accept-Encoding
x-cache-hits
94
content-type
application/javascript;charset=utf-8
x-served-by
cache-yul1970074-YUL
access-control-allow-headers
*
strict-transport-security
max-age=31557600
cache-control
max-age=31557600
x-timer
S1732207577.868872,VS0,VE0
access-control-allow-credentials
false
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98844
server
AmazonS3
setuid
www.app.com/pbd/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26...
  • https://www.app.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3752091778179636000V10
86 B
1 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3752091778179636000V10
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:19 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207579.984826,VS0,VE38
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://www.app.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3752091778179636000V10
timing-allow-origin
*
pragma
no-cache
expires
Thu, 21 Nov 2024 16:46:17 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
text/html
server
Apache
fraud-detect.js
cdn.taboola.com/scripts/
121 B
579 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age
13036
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-yul1970072-YUL
x-cache-hits
7266
content-type
application/javascript
x-amz-id-2
h6Mooc8RKO2wG+XMpQweFf+Ft9w+F6VlbqPAaFczRVNdTYSUN5uIPRvfgif6+FGv72vTsQUZSHsww9wj/9IHYUWb1fRtdQljcWdqXypJ3tc=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1732207577.054482,VS0,VE0
via
1.1 varnish
x-amz-request-id
W4BTA1M8JJWEKN8R
accept-ranges
bytes
access-control-allow-origin
*
abp
84
content-length
125
server
AmazonS3
x-amz-server-side-encryption
AES256
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
1637
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-yul1970072-YUL
x-cache-hits
2143
content-type
application/javascript
x-amz-id-2
Q1gDJRgc/NEOPCIzVbqusAV5KytBIP8nyXe5jU+JXJeGHfgKpTLg7uHmjSn3yVbf1u4f0iW0YyVerhNGsZCsYw==
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1732207577.054467,VS0,VE0
via
1.1 varnish
x-amz-request-id
FFGTMH9CSVAH9MGT
accept-ranges
bytes
access-control-allow-origin
*
abp
62
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/5.1.0/
110 KB
30 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/5.1.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a681b8103a31cb35f29d0d70b81bfb12ec717801f366e1263624a8bbab8b94b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"659bb14c64d0a290c5615eb14346fb5e"
age
267953
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
3KLZ4tTwettOJdGt6SDYI09Ay38x85FRVcJK58MrfSs_5823_LzERA==
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/javascript
x-served-by
cache-yul1970039-YUL
x-cache-hits
7792
last-modified
Mon, 18 Nov 2024 10:04:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207577.099447,VS0,VE0
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30530
x-amz-cf-pop
YUL62-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
social
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/social?lti=trecs-1410-rr-refactor&ri=9fb8a1ef9a67ff169fe8e08c9d2f9670&sd=v2_59b41456260e5fc608d4180dfa867deb_45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958_1732207576_1732207576_CIi3jgYQ0qI9GKOH-Py0MiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&pi=%2F&wi=-672519273834055283&pt=home&vi=1732207575971&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.app.com%2Ftangstatic%2Fsites%2Fpapp%2Fog-image-q1a2z3117c6e98.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:17 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
157 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=protected-audience&extraData=%7B%22eventName%22%3A%22auction_started%22%2C%22placement%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.109604,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:17 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
1e20e8ff-b903-43c3-81e2-8f9e185614d9.svg
cdn.taboola.com/static/1e/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/1e/1e20e8ff-b903-43c3-81e2-8f9e185614d9.svg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2452d296244679df05abfe540f6c8cabcad97defbe9a055ced27a78616bd5642

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"7e00575ecd962424dbd089dd18b75f08"
x-amz-version-id
josUOLLQULMEm4XfZtrMnVEsDklr4cTb
age
8
access-control-allow-methods
GET
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
last-modified
Mon, 09 Sep 2024 13:46:15 GMT
x-served-by
cache-yul1970037-YUL
x-cache-hits
3
content-type
image/svg+xml
x-amz-id-2
f1XuSJtPlCNXt7Uu32kSlrq+GBGVfooACUYE5uqKzgw1ABbxGuCSp6pFRLpPneKz7cmsxMHWoP0=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-timer
S1732207577.126101,VS0,VE0
via
1.1 varnish
x-amz-request-id
C3DD5VDXC2H0CB11
accept-ranges
bytes
access-control-allow-origin
*
abp
27
content-length
1338
server
AmazonS3
x-amz-server-side-encryption
AES256
73f9ad77a2f9ad53c28abb5beb1e02a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
18 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73f9ad77a2f9ad53c28abb5beb1e02a4.jpg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b5a66c6c562473f3d5e87ea3e9bf271552c9e15e51380d9b48bf714f8e8e815

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73f9ad77a2f9ad53c28abb5beb1e02a4.jpg
etag
"ec5a705e9029b59dd60322450a60c4c4"
surrogate-reporting
width=400,height=223,bytes=30989,owidth=1200,oheight=675,obytes=130540,ef=(1,13,17,23,30)
cache-tag
471500060797389926557096955226042680655,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
2539852
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Mon, 30 Sep 2024 11:59:54 GMT
x-served-by
cache-iad-kiad7000058-IAD, cache-iad-kiad7000058-IAD, cache-bur-kbur8200041-BUR, cache-iad-kcgs7200072-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 2710, 35
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
471500060797389926557096955226042680655,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
221
x-timer
S1732207577.186631,VS0,VE0
x-orig-request-id
ef22e734b33b9d499adb9e2b41bf99fa
x-ratelimit-reset
1
expiration
expiry-date="Thu, 31 Oct 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
0
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.aajtak.in/
content-length
18144
x-ratelimit-limit
101
server
nginx
173842f9cd2a9bf41e435a724c10b792.jpeg
images.taboola.com/taboola/image/fetch/h_223%2Cw_400%2Cc_fill,g_xy_center,x_640,y_363/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
18 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_223%2Cw_400%2Cc_fill,g_xy_center,x_640,y_363/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ceed49a2835d38dc0b35580057e55d09dd7c8e7ea950fc04a492f386aef5e7f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-debug
/taboola/image/fetch/h_223%2Cw_400%2Cc_fill,g_xy_center,x_640,y_363/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
etag
"6777389202808d0882afff5a5f46db8f"
surrogate-reporting
width=400,height=223,bytes=37290,owidth=1280,oheight=720,obytes=233783,ef=(1,17,23,30)
cache-tag
420982242347283116989711341843836928198,518037644722273390666766732514089296688,29ecf9b93bbf306179626feeda1fab70
age
512139
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Wed, 13 Nov 2024 16:45:24 GMT
x-served-by
cache-iad-kcgs7200067-IAD, cache-iad-kcgs7200067-IAD, cache-lga21978-LGA, cache-iad-kjyo7100036-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 22, 0
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
420982242347283116989711341843836928198,518037644722273390666766732514089296688,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
80
x-timer
S1732207577.176545,VS0,VE1
x-orig-request-id
5d90ab221219124a701a337374033c97
x-ratelimit-reset
1
expiration
expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
1
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.usatoday.com/
content-length
18016
x-ratelimit-limit
101
server
nginx
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:17 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
94d4aca3befa675a2626672c04a7aaeb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
15 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d4aca3befa675a2626672c04a7aaeb.jpg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e574ecc224ea84750dc4af2e9f2532cf3dc4e326cd0bada0b9aa6c3197a9965

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-request-id
6ffb6744fb84128add67d62e7b03b9ef
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d4aca3befa675a2626672c04a7aaeb.jpg
etag
"3e6a738ec2eb2b736830a67d4bbc7309"
surrogate-reporting
width=400,height=223,bytes=28971,owidth=1066,oheight=600,obytes=103253,ef=(1,13,17,23,30)
cache-tag
478512652028703591942099569631818977712,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
671147
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Wed, 13 Nov 2024 21:31:16 GMT
x-served-by
cache-iad-kiad7000043-IAD, cache-iad-kiad7000043-IAD, cache-lax-kwhp1940124-LAX, cache-iad-kcgs7200106-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 2, 2
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
478512652028703591942099569631818977712,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
564
x-timer
S1732207577.196546,VS0,VE0
x-orig-request-id
0cbd19bab882cffadce7d0944096d2d0
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.co-47.com/
content-length
15352
x-ratelimit-limit
101
server
nginx
780e818fc816782f7b5d3a8f964c9630.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/780e818fc816782f7b5d3a8f964c9630.jpg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
daf26826ec2a81be4a6467c1dd9d62b00e6c0b27c7852946a0b278b605262827

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/780e818fc816782f7b5d3a8f964c9630.jpg
etag
"172e075094eb637f3ba47b6e9a11891f"
surrogate-reporting
width=400,height=223,bytes=41536,owidth=1920,oheight=1080,obytes=260842,ef=(1,13,17,23,30)
cache-tag
342358604713697055243830072232007408094,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
3037366
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Wed, 18 Sep 2024 11:49:12 GMT
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000154-IAD, cache-bur-kbur8200095-BUR, cache-iad-kcgs7200077-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 78, 75
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
342358604713697055243830072232007408094,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
158
x-timer
S1732207577.246283,VS0,VE0
x-orig-request-id
f886e7ca04d6bff6788db2c860a36d35
x-ratelimit-reset
1
expiration
expiry-date="Sat, 19 Oct 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
0
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.usatoday.com/
content-length
20084
x-ratelimit-limit
101
server
nginx
b2582c369a7ef733ab28d8db243141c1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2582c369a7ef733ab28d8db243141c1.png
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
116530ea020565447a171be5f36baf41673b2021b6ee402dfbae53dbaceb6c03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-request-id
4c5113653fe541d8a5a58fdf1f9ba13c
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2582c369a7ef733ab28d8db243141c1.png
etag
"c7a3ffbe2cefecae71fd607413d3d971"
surrogate-reporting
width=1000,height=555,bytes=66480,owidth=1000,oheight=563,obytes=324455,ef=(1,13,17,23,30)
cache-tag
544898340352583041802075491986290291943,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
age
102358
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Tue, 19 Nov 2024 18:44:06 GMT
x-served-by
cache-iad-kcgs7200069-IAD, cache-iad-kcgs7200069-IAD, cache-lga21977-LGA, cache-iad-kiad7000068-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 50, 5
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
544898340352583041802075491986290291943,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
284
x-timer
S1732207577.271842,VS0,VE0
x-orig-request-id
8b57be73b814353982ad1c5c736bf4ef
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.gastongazette.com/
content-length
8644
x-ratelimit-limit
101
server
nginx
55d416c7ddb08c21496ca338d19ef8c9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d416c7ddb08c21496ca338d19ef8c9.png
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ce36607a7e8bdbef7c76398954c71ff65e90da33b2ee49df9c6766f583974fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-request-id
871666489ec2725e6761379129016513
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55d416c7ddb08c21496ca338d19ef8c9.png
etag
"a6450e6ad62e74ee3a71a51c2820a641"
surrogate-reporting
width=1000,height=555,bytes=81712,owidth=1000,oheight=563,obytes=583516,ef=(1,13,17,23,30)
cache-tag
460651929771810858315441634623114514055,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
age
102332
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Tue, 19 Nov 2024 18:56:36 GMT
x-served-by
cache-iad-kiad7000177-IAD, cache-iad-kiad7000177-IAD, cache-lga21959-LGA, cache-iad-kcgs7200157-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 24, 86
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
460651929771810858315441634623114514055,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
703
x-timer
S1732207577.272067,VS0,VE0
x-orig-request-id
e1668e5b6134a21211b73ab712516fe3
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.montgomeryadvertiser.com/
content-length
10952
x-ratelimit-limit
101
server
nginx
76416613007-gscpbhd-241118-a.jpg%3Fcrop%3D2499%2C1406%2Cx0%2Cy43%26width%3D2499%26height%3D1406%26format%3Dpjpg%26auto%3Dwebp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.app.com/gcdn/authoring/authoring-images/2024/11/19/PAPP/
15 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.app.com/gcdn/authoring/authoring-images/2024/11/19/PAPP/76416613007-gscpbhd-241118-a.jpg%3Fcrop%3D2499%2C1406%2Cx0%2Cy43%26width%3D2499%26height%3D1406%26format%3Dpjpg%26auto%3Dwebp
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bd218778c47ed6738fa1b77fe7cf43768570eab99f575f1c671209ae2a2d86d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-request-id
493fe934d000da6672f29d78428886e3
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.app.com/gcdn/authoring/authoring-images/2024/11/19/PAPP/76416613007-gscpbhd-241118-a.jpg%3Fcrop%3D2499%2C1406%2Cx0%2Cy43%26width%3D2499%26height%3D1406%26format%3Dpjpg%26auto%3Dwebp
etag
"6bbc15c91d01342f2ba5ff3b7b3747e9"
surrogate-reporting
width=400,height=223,bytes=18722,owidth=2499,oheight=1406,obytes=612147,ef=(1,13,17,23,30)
cache-tag
598554836539782711982779741760900870831,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
227497
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Tue, 19 Nov 2024 01:07:39 GMT
x-served-by
cache-iad-kjyo7100037-IAD, cache-iad-kjyo7100037-IAD, cache-lga21960-LGA, cache-iad-kjyo7100121-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 29, 0
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
598554836539782711982779741760900870831,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
1164
x-timer
S1732207577.294940,VS0,VE15
x-orig-request-id
3d675de0f2fdae4582125f692213a960
x-ratelimit-reset
1
x-vcl-time-ms
15
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.app.com/
content-length
15294
x-ratelimit-limit
101
server
nginx
/
beacon.taboola.com/
0
184 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22placementModeGroupId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-pre_fixing_responsive_widget%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.236084,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
184 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.246756,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.264602,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.266072,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.266045,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.266031,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.266029,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%202_6553237773%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.266023,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%202_6553237773%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.265968,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%203_8545569045%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.265955,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%203_8545569045%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.265939,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%204_3035828980%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.271920,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
179 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%204_3035828980%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.271938,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%205_8214062514%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.271877,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%201_5220134241%22%2C%22mode%22%3A%22thumbnails-feed-original-03%22%2C%22eventName%22%3A%22ResponsiveWidget-event-overflowing_cards_found%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.271860,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
social
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
507 B
Image
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/social?route=US:CH:V&tvi48=14791&tvi50=10882&lti=trecs-1410-rr-refactor&ri=9fb8a1ef9a67ff169fe8e08c9d2f9670&sd=v2_59b41456260e5fc608d4180dfa867deb_45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958_1732207576_1732207576_CIi3jgYQ0qI9GKOH-Py0MiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&pi=/&wi=-672519273834055283&pt=home&vi=1732207575971&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.app.com%2Ftangstatic%2Fsites%2Fpapp%2Fog-image-q1a2z3117c6e98.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A46%3A17.242&id=7573&llvl=2&cv=20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89&
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:17 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
pixel-taboola
www.temu.com/api/adx/cm/ Frame F23C
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
0
368 B
Image
General
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
20.33.67.17 Washington, United States, ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
yak-timeinfo
1732207580113|3
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
x-gateway-request-id
1732207580113-5cc71821f466ba12b3c437568416c237
cip
157.254.49.196
alt-svc
h3=":443"; ma=604800
content-length
0
date
Thu, 21 Nov 2024 16:46:20 GMT
server
nginx

Redirect headers

x-fastly-to-nlb-rtt
24693
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
date
Thu, 21 Nov 2024 16:46:17 GMT
server
nginx
access-control-allow-credentials
true
bounce
ib.adnxs.com/ Frame F23C
Redirect Chain
  • https://ib.adnxs.com/setuid?entity%3D584%26code%3D%7BtaboolaID%7D%26gdpr%3D%7Bgdpr_applies%7D%26gdpr_consent%3D%7Bdaisybit%7D
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
43 B
1014 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
157.254.49.196; 157.254.49.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
ede39939-94e4-49c0-a37d-d38acdcc97a9
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 16:46:18 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%253D584%2526code%253D%257BtaboolaID%257D%2526gdpr%253D%257Bgdpr_applies%257D%2526gdpr_consent%253D%257Bdaisybit%257D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
157.254.49.196; 157.254.49.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
fae88054-d068-4074-8b24-58b8bb3d8504
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 16:46:18 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
cookie_sync.html
gannet-cdn.ex.co/sync/0.0.1-cc508f4/ Frame 5CB2
0
0
Document
General
Full URL
https://gannet-cdn.ex.co/sync/0.0.1-cc508f4/cookie_sync.html?network=368531133%2C1802083144&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
age
2613458
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
content-encoding
gzip
content-length
268
content-type
text/html;charset=utf-8
date
Thu, 21 Nov 2024 16:46:18 GMT
etag
"3b6ba100a35a1e444af9a901fb1a5494"
last-modified
Tue, 24 Sep 2024 10:21:53 GMT
server
AmazonS3
strict-transport-security
max-age=31557600
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3305
x-exco-cdn
fastly
x-served-by
cache-yul1970066-YUL
x-timer
S1732207579.953593,VS0,VE0
events
collector-1.ex.co/main/
17 B
154 B
XHR
General
Full URL
https://collector-1.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.83.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-83-189.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
content-length
17
date
Thu, 21 Nov 2024 16:46:17 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-type
application/json; charset=utf-8
/
pips.taboola.com/
4 B
116 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-store
retry-after
0
access-control-allow-methods
GET
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
content-length
4
date
Thu, 21 Nov 2024 16:46:17 GMT
x-served-by
cache-yul1970080-YUL
server
Varnish
x-cache-hits
0
a63eead323339ece7271a83937c28809.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a63eead323339ece7271a83937c28809.jpeg
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59c1cb71989ee3651305fc721e45525a161bed9f64e0e8cb8d0ad2f7afaa512e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a63eead323339ece7271a83937c28809.jpeg
etag
"f2d8dc9241414fa4fb81ff018ad4298d"
surrogate-reporting
width=360,height=180,bytes=12299,owidth=1200,oheight=800,obytes=1230641,ef=(1,13,17,23,30)
cache-tag
425402107883928058282620619225184491709,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
age
1594878
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
image/webp
last-modified
Tue, 22 Oct 2024 23:00:31 GMT
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100057-IAD, cache-lax-kwhp1940036-LAX, cache-iad-kiad7000165-IAD, cache-yul1970039-YUL
x-cache-hits
0, 0, 0, 5, 0
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
425402107883928058282620619225184491709,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
200
x-timer
S1732207578.799365,VS0,VE1
x-orig-request-id
ba77c7fbef091726c478ebd0ce115d80
x-ratelimit-reset
1
expiration
expiry-date="Fri, 22 Nov 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
1
accept-ranges
bytes
access-control-allow-origin
*
content-length
8948
x-ratelimit-limit
101
server
nginx
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=protected-audience&extraData=%7B%22eventName%22%3A%22auction_lost%22%2C%22placement%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.352465,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
beacon.taboola.com/
0
207 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=protected-audience&extraData=%7B%22eventName%22%3A%22auction_summary%22%2C%22placement%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%2C%22maxAuctionAttempts%22%3A1%2C%22potentialAuctionsCount%22%3A1%2C%22numberOfWonAuctions%22%3A0%2C%22numberOfSkippedAuctions%22%3A0%2C%22numberOfFailedAuctions%22%3A1%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.352421,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign_1429578282%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.362453,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
metrics
ch-trc-events.taboola.com/gannettcompany-app/log/3/
0
519 B
Ping
General
Full URL
https://ch-trc-events.taboola.com/gannettcompany-app/log/3/metrics?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:18 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
/
beacon.taboola.com/
0
45 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs-1410-rr-refactor&pub=gannettcompany-app&ui=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign_1429578282%22%2C%22mode%22%3A%22thumbnails-rr%22%2C%22eventName%22%3A%22ResponsiveWidget-event-overflowing_cards_found%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1732207577.362400,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
x-served-by
cache-yul1970039-YUL
server
Varnish
x-cache-hits
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Thu, 21 Nov 2024 16:46:19 GMT
server
nginx
st
imprchmp.taboola.com/ Frame 640F
0
0
Document
General
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&pix=undefined&cb=1732207577578&uv=3451&tms=1732207577578&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=ed1376b0-b4d4-4064-9a91-ae960d66fe9d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 21 Nov 2024 16:46:17 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul1970042-YUL
x-timer
S1732207578.623154,VS0,VE24
st
ch-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&pix=31589837&cb=1732207577577&uv=3451&tms=1732207577577&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1732207573141.5!ts:1732207577577&mntl=2
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:17 GMT
server
nginx
content-length
0
sync
ch-match.taboola.com/ Frame B558
0
0
Document
General
Full URL
https://ch-match.taboola.com/sync?dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.1.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 21 Nov 2024 16:46:19 GMT
machineid
480101
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_5_1/assets/css/
81 KB
11 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_1/assets/css/cmOsUnit.css
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"b1d58e4bce6171849235df9c05d37a41"
age
99152
x-amz-meta-gid
0
x-amz-meta-mtime
1732108386
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:17 GMT
last-modified
Wed, 20 Nov 2024 13:13:08 GMT
content-type
text/css
x-served-by
cache-yul1970039-YUL
x-cache-hits
21849
x-amz-id-2
Ti+xF9tKq/nqqShNBqP8+adrJ8pVLItBj85r9+jfkVX6nO4rF6yxfkBus4cvu7Hw4I3aSi4AHGU=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1732207578.619548,VS0,VE0
via
1.1 varnish
x-amz-request-id
QVRTPNJQK0RNAWRH
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
10879
x-amz-meta-ctime
1732108387
server
AmazonS3-br
x-amz-server-side-encryption
AES256
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/34_5_1/infra/
500 KB
103 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
373b29782690d4b0bb83cf9c4b1323a4900833daf920cc0514bea7023ffcb725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"eabd8a6a89bf1d771c074decd4b76dae"
age
99152
x-amz-meta-gid
0
x-amz-meta-mtime
1732108372
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:18 GMT
last-modified
Wed, 20 Nov 2024 13:12:53 GMT
content-type
application/javascript
x-served-by
cache-yul1970072-YUL
x-cache-hits
19004
x-amz-id-2
XoUn2sVtDt6zpp8+8ZnHVjrwOj/5hzTXszdPbCgdXbw/1xj+nriet6Qu5OV9uNJB08jygB9f+aI=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1732207578.097679,VS0,VE0
via
1.1 varnish
x-amz-request-id
QVRQMYG3JJNSJ2PF
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
105185
x-amz-meta-ctime
1732108372
server
AmazonS3-br
x-amz-server-side-encryption
AES256
setuid
www.app.com/pbd/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://www.app.com/pbd/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=e16793ff-2d52-4a92-bd7d-ad2bc0e3096b
86 B
537 B
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=e16793ff-2d52-4a92-bd7d-ad2bc0e3096b
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:19 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207580.532748,VS0,VE35
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Cache-Control
no-cache, no-store, must-revalidate
Location
https://www.app.com/pbd/setuid?bidder=colossus&gdpr=&gdpr_consent=&f=i&uid=e16793ff-2d52-4a92-bd7d-ad2bc0e3096b
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Thu, 21 Nov 2024 16:46:19 GMT
Server
nginx
entrance_110624_LocalBAU24
cm.app.com/overlay/ Frame D98C
0
0
Document
General
Full URL
https://cm.app.com/overlay/entrance_110624_LocalBAU24
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/main-q1a2z3cc252fdc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors https://app.com https://*.app.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.app.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
67414
cache-control
public, max-age=3600, stale-while-revalidate=7200
content-encoding
gzip
content-length
5140
content-security-policy
upgrade-insecure-requests;frame-ancestors https://app.com https://*.app.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.app.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.app.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html
cross-origin-resource-policy
same-site
date
Thu, 21 Nov 2024 16:46:18 GMT
etag
"224e31d7fdb4069347759a92442120da"
expires
Wed, 20 Nov 2024 22:02:44 GMT
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
last-modified
Tue, 22 Oct 2024 16:43:18 GMT
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=63072000;includeSubDomains;preload
timing-allow-origin
*
vary
X-AbVCfg,X-AbVariant,Accept-Encoding
x-amz-checksum-crc32c
21Iw/g==
x-cache
HIT
x-content-type-options
nosniff
x-goog-generation
1729615398038267
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
19331
x-robots-tag
noindex
x-timer
S1732207578.101089,VS0,VE1
x-xss-protection
1;mode=block
sync
eb2.3lift.com/ Frame 5E20
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24U...
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 16:46:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 21 Nov 2024 16:46:19 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
712 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
20114
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:18 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-yul1970037-YUL
x-cache-hits
2203
content-type
image/png
x-amz-id-2
oDgd4E9wAcD88yZ8P0Dt8b65hGeBkhzfxAWt+RDd5HZTRD5njJK0POKmsb+L6h06sEEd0078cEP0iUhfRfrigN9q0Wr7l+5p7RwTh0P1Yb0=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1732207578.134692,VS0,VE0
via
1.1 varnish
x-amz-request-id
AZCCFT842VKA3KX2
accept-ranges
bytes
access-control-allow-origin
*
abp
53
content-length
254
server
AmazonS3
view
pagead2.googlesyndication.com/pcs/ Frame 2444
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBd7BNO-WN7ZioXGBFTUlONrTnE8HQ35RACbZyjdTcV3bIxLzG84U1FnGI7onLFRdTouwsKSfoNcbYUAV2QlYpkUI3PZ1pvKIurJ5X9gBi4uqysVRc82YZbKr4ivgcZ3jubPIYJaD9hMoqj6kShfUQcCvmGBPizxrR0IolAp0BklgNeNHf37e2n4l9eBDGDhv9S3pn26whJjOMY2aIc7cbnALP-BGS9RiheVTag2H7dHHwr2Zm9n1ODhdvqvP_qgE7SOAZoAgBC0U8OnzimbDowqjYmIi0bLzlWe5SHEWs1qJ39Wz_Xj_-8MRK2sUrOakoWlrkT51OgFpKZNY5mVldeTQB2PcSZWmoNcwD00JuOMmUroiLjUj9FovmG4dm9igK9OrVXwXPlWYTN1XUgoCUTFYg3qxbq67GkdmEZet4o4Ci1bEvQraZYj9arLcERYYu2oaFYSqL0HYbig&sig=Cg0ArKJSzE9TMO9syu3lEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 16:46:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
adchoices.css
content.quantcount.com/adchoices/ Frame 2444
4 KB
1 KB
Stylesheet
General
Full URL
https://content.quantcount.com/adchoices/adchoices.css
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-48.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-amz-cf-pop
JFK52-P3
content-encoding
gzip
etag
W/"e9cda1f80f07c09ccf744883048aefa7"
age
13372
cross-origin-resource-policy
cross-origin
via
1.1 90707ba4ec932f1b72abfb5c4f1add2e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cMCM6Zw0yYMSAf-QEIZXe_2xJSlf_5o3mL6g1y2K3eob2ISD9n7OrA==
date
Thu, 21 Nov 2024 13:03:29 GMT
content-type
text/css
vary
accept-encoding
server
AmazonS3
last-modified
Thu, 09 Feb 2023 15:59:30 GMT
x-amz-server-side-encryption
AES256
dcmads.js
www.googletagservices.com/dcm/ Frame 2444
19 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
age
2733
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 17:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:00:47 GMT
last-modified
Wed, 25 Sep 2024 14:24:55 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
8436
x-xss-protection
0
server
sffe
adc.png
content.quantcount.com/adchoices/img/ Frame 2444
2 KB
2 KB
Image
General
Full URL
https://content.quantcount.com/adchoices/img/adc.png
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-48.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

vary
accept-encoding
etag
"be8b83ebe85cdd616b60a6877191ce5a"
age
34323
cross-origin-resource-policy
cross-origin
via
1.1 90707ba4ec932f1b72abfb5c4f1add2e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1828
x-amz-cf-id
g6OLPPjM7J4Lt2LQaNVY09Vij-BS2u5SKAHx1x_ptYfkFe3NBpumvw==
date
Thu, 21 Nov 2024 07:14:18 GMT
content-type
image/png
last-modified
Thu, 09 Feb 2023 15:59:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
moatad.js
z.moatads.com/quantcastv2691176990399/ Frame 2444
0
0
Script
General
Full URL
https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.59.145.189 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-145-189.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 21 Nov 2024 16:46:20 GMT
Content-Length
27
Date
Thu, 21 Nov 2024 16:46:20 GMT
AK-GRN
0.50a6d017.1732207580.5a8e4cef
Content-Type
text/html
skeleton.js
pixel.adsafeprotected.com/rjss/st/2184108/81709832/ Frame 2444
62 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/rjss/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059933&ias_placementId=9160149&adsafe_par&ias_impId=540353436524277762&custom=a0377a3b-7f16-4754-abdc-417ccf458def&custom2=11df195a-f80a-4d82-9c50-1ea6921c3414&custom3=p-y6Nyh2U0YDhwK
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
/
Resource Hash
62da423b6725cef7408576625a446da5e52883bdf8348014a56b44e940ede980

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 21 Nov 2024 16:46:18 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame 2444
0
38 B
Image
General
Full URL
https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:20 GMT
content-length
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2444
217 KB
67 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
723
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 17:34:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 16:34:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
p-y6Nyh2U0YDhwK.gif
pixel.quantserve.com/pixel/ Frame 2444
35 B
425 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-y6Nyh2U0YDhwK.gif?&media=ad&p=0.060000&r=796201&rand=15836839&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.9059933,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.144&rtbdata2=EAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA&fpan=0&fpa=I0-805685419-1732207578273&d=app.com&et=1732207578273&sr=1600x1200x24&tzo=480
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
content-length
35
date
Thu, 21 Nov 2024 16:46:20 GMT
content-type
image/gif
attribution-reporting-register-source
{"destination":"https://flyporter.com","source_event_id":"540353436524277762","expiry":"604800","filter_data":{"label":["NFP3HgI3hHnGpGvkQPbH3g=="],"pcode":["p-y6Nyh2U0YDhwK"]}}
pixel
protected-by.clarium.io/ Frame 2444
68 B
244 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cjVUZGdWdmtidi1QZWFKQ0thUWZDaDVYc3RvLzI2MTYyNDU6MzAweDYwMA==&v=5&s=v31id7ps3pt&id=eyJkZnAiOnsiYWQiOjQ3NjM3NTYxMzUsImMiOjEzODI4NTk0NTM0NiwibCI6NjIyODMwOTA3NSwibyI6MzE1NzQ1Njk0MiwiQSI6IjcxMDMvbmotYXNidXJ5cGFyay1DMTE3MS9wb3N0ZXJfZnJvbnQvaG9tZXBhZ2UiLCJ5IjowLCJjbyI6MCwicyI6ImFkLXNsb3QtNzEwMy1uai1hc2J1cnlwYXJrLUMxMTcxLXBvc3Rlcl9mcm9udC1ob21lcGFnZS0yLWFjMSJ9LCJhZG9tYWluIjoiZmx5cG9ydGVyLmNvbSIsInRwX2NyaWQiOiJQQjpwdWJtYXRpYzthMDM3N2EzYi03ZjE2LTQ3NTQtYWJkYy00MTdjY2Y0NThkZWYifQ%3D%3D&cb=8328234&h=www.app.com&d=eyJ3aCI6ImNqVlVaR2RXZG10aWRpMVFaV0ZLUTB0aFVXWkRhRFZZYzNSdkx6STJNVFl5TkRVNk16QXdlRFl3TUE9PSIsIndkIjp7ImsuaGJfYXBfaWQiOiIyNjE2MjQ1IiwidyI6IjMwMCIsImgiOiI2MDAifSwid3IiOjQ4fQ==
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.178.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-178-58.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 21 Nov 2024 16:46:20 GMT
pragma
no-cache
content-type
image/png
server
nginx/1.18.0 (Ubuntu)
p-y6Nyh2U0YDhwK.gif
pixel-ssn.quantcount.com/pixel/ Frame 2444
Redirect Chain
  • https://exch.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model=
  • https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=cb38e251-6773-4d89-b57f-27d3e1828719
35 B
355 B
Image
General
Full URL
https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=cb38e251-6773-4d89-b57f-27d3e1828719
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
192.184.68.228 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
date
Thu, 21 Nov 2024 16:46:21 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-y6Nyh2U0YDhwK"]}],"trigger_data":"1"}]}
content-type
image/gif

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
location
https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=540353436524277762&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=cb38e251-6773-4d89-b57f-27d3e1828719
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
date
Thu, 21 Nov 2024 16:46:20 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-y6Nyh2U0YDhwK"]}],"trigger_data":"1"}]}
content-type
image/gif
bulk
trc.taboola.com/gannettcompany-app/log/3/
0
371 B
Ping
General
Full URL
https://trc.taboola.com/gannettcompany-app/log/3/bulk?route=US%3ACH%3AV&lti=trecs-1410-rr-refactor&tvi48=14791&tvi50=10882&tvi61=19380&cv=20241121-12_b2-DEV-177400-trecs-reco-reel-refactor-part-2-ea545490d89&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.app.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:19 GMT
content-type
image/gif
x-served-by
cache-yyz4545-YYZ
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
14342
pragma
no-cache
x-timer
S1732207579.134577,VS0,VE17
x-vcl-time-ms
17
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.app.com
x-service-version
v1
server
nginx
hls.min.js
gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/
332 KB
98 KB
Script
General
Full URL
https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d634597e0d4565374226635016a842ab907f12fc89accb3c27655dc03841a1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

access-control-max-age
86400
x-exco-cdn
fastly
content-encoding
gzip
etag
"847a6711cfb1b0f99a99d2b8c7bc6db9"
age
430443
access-control-allow-methods
GET,POST
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:19 GMT
last-modified
Wed, 05 Jun 2024 10:26:06 GMT
vary
Accept-Encoding
x-cache-hits
0
content-type
application/javascript
x-served-by
cache-yul1970074-YUL
access-control-allow-headers
*
strict-transport-security
max-age=31557600
cache-control
max-age=31557600
x-timer
S1732207579.232177,VS0,VE1
access-control-allow-credentials
false
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
100191
server
AmazonS3
papi.js
rumcdn.geoedge.be/ Frame 0D00
6 KB
3 KB
Script
General
Full URL
https://rumcdn.geoedge.be/papi.js
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e4425fd2ceb01a41d3602024cb2e9a76ec239149cab94755a7ab8f8357b73c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

vary
accept-encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
GXClMNW000e14A0SHDPHYz_GKOt7SqPe
etag
W/"9c126ffa6ff3b0d30c8fb433ec1ee861"
age
1194
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
i6mwCJM46w8c-_ecYm2zltEBfs3tS8ddOhZzJOTvSTekuBCCQK_DXw==
date
Thu, 21 Nov 2024 16:26:27 GMT
content-type
application/javascript
last-modified
Sun, 06 Oct 2024 12:26:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
starti
s-06.channelexco.com/ppx/
0
109 B
Image
General
Full URL
https://s-06.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fwww.app.com&se=74d115b7-9945-49d3-a3ef-93047c9731ed&pv=117.59&dd=www.app.com&gpvck=v022887012__640x360______DEF__nil__405&sa=shd&s=0.1&p=3177225&cb=1732207579050
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.59.7.249 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
date
Thu, 21 Nov 2024 16:46:19 GMT
pragma
no-cache
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC53
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D21527%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3DPM_UID
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.59.144.227 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-144-227.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48206
content-encoding
gzip
content-length
6694
content-type
text/html
date
Thu, 21 Nov 2024 16:46:20 GMT
expires
Fri, 22 Nov 2024 06:09:46 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.ex.co/v1/ Frame 4104
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent=
  • https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=6819bca2fff5ea7cc1e23ab3935ccf0
0
0
Document
General
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=6819bca2fff5ea7cc1e23ab3935ccf0
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.153.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-153-112.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
86
content-type
image/png
date
Thu, 21 Nov 2024 16:46:20 GMT
vary
Origin

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Nov 2024 16:46:20 GMT
Location
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=6819bca2fff5ea7cc1e23ab3935ccf0
Pragma
no-cache
Server
nginx
x-sticky-vk
1732207580337098-318
usermatch
ssum-sec.casalemedia.com/ Frame BAFB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D&s=190719&C=1
0
0
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D&s=190719&C=1
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e6227c1dc4036c9-YYZ
content-encoding
br
content-type
text/html
date
Thu, 21 Nov 2024 16:46:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SilQZGrhyGankqcL3EHBfg40jfOSSUoDvbII9oy8YMDsc7%2BvEtTCoZkXHIdj9uCoH2GYL1ozp4LQdc4PpzmqY9NZvtMiyCQt3wNnfi5qthRPmEunaFY3a0YVi3CNG5JtNGHsTD4HbMuzGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e6227bfd97a36c9-YYZ
content-length
0
date
Thu, 21 Nov 2024 16:46:20 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D&s=190719&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbUswBbJn0n57VhHAUyRxWVXXi8mj9Onm8DeTsBbeZGIQ4f%2BlF7GPGnEGv01eJ5xfY4AAnSLyJPBNH9JTy%2FSXdz7jTZmR%2BVSraNkHqycMYAGa78wRaNVw2qycfV5XmVkWXdPOez5FEPUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2B77
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-105-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 16:46:20 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Nov 2024 16:46:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east&gpp=[GPP]&gpp_sid=[GPP_SID]
server
AkamaiGHost
cookie_sync
rtb.channelexco.com/ Frame D452
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=35
  • https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=5727811877443088093&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=5727811877443088093&gdpr=0&gdpr_consent=
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 21 Nov 2024 16:46:21 GMT
expires
0
pragma
no-cache
server
openresty
vary
Origin

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 21 Nov 2024 16:46:19 GMT
location
https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=5727811877443088093&gdpr=0&gdpr_consent=
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
cookie_sync
rtb.channelexco.com.com/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D...
  • https://rtb.channelexco.com.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=JtGuALZHtsTpYmeER2e_REvT
0
0

cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D21635%26srv%3Dchannelexco.com%26cuid%3D74ae9b49-39a6-4ed0-9e42-3fe768ed4978%26uid%3D$UID
  • https://rtb.channelexco.com/cookie_sync?bid=21635&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=4084451142370176893291
0
247 B
Image
General
Full URL
https://rtb.channelexco.com/cookie_sync?bid=21635&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=4084451142370176893291
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 21 Nov 2024 16:46:21 GMT
pragma
no-cache
vary
Origin
server
openresty

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://rtb.channelexco.com/cookie_sync?bid=21635&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=4084451142370176893291
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 21 Nov 2024 16:46:20 GMT
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=$UID
  • https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=7977835346143707685
0
246 B
Image
General
Full URL
https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=7977835346143707685
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 21 Nov 2024 16:46:21 GMT
pragma
no-cache
vary
Origin
server
openresty

Redirect headers

cache-control
no-store, no-cache, private
location
https://rtb.channelexco.com/cookie_sync?bid=19349&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=7977835346143707685
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
157.254.49.196; 157.254.49.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
d84a1261-4114-4ae2-87af-824236cbf4f1
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 16:46:20 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
setuid
www.app.com/pbd/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://www.app.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=9e2eb754-31fe-4844-b70e-89f2ae43a483
86 B
824 B
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=9e2eb754-31fe-4844-b70e-89f2ae43a483
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207582.004375,VS0,VE37
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

cache-control
private, max-age=0, no-cache, must-revalidate
location
https://www.app.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=9e2eb754-31fe-4844-b70e-89f2ae43a483
pragma
no-cache
x-forwarded-for
157.254.49.196
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2024 16:46:21 GMT
vary
Origin
expb.js
cdn.ex.co/player/pb/3.13.0/ Frame 3C71
677 KB
176 KB
Script
General
Full URL
https://cdn.ex.co/player/pb/3.13.0/expb.js
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc341ab6cbb870eec55e773b796511beef7d0b6ade65eae2311d7b8060474b63
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

access-control-max-age
86400
x-exco-cdn
fastly
content-encoding
br
etag
"83e52358d13a5781e88943e8861202b7"
age
113355
access-control-allow-methods
GET,POST
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:21 GMT
last-modified
Wed, 20 Nov 2024 09:13:49 GMT
vary
Accept-Encoding
x-cache-hits
1770
content-type
application/javascript;charset=utf-8
x-served-by
cache-yul1970045-YUL
access-control-allow-headers
*
strict-transport-security
max-age=31557600
cache-control
max-age=31557600
x-timer
S1732207581.437641,VS0,VE0
access-control-allow-credentials
false
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
179496
server
AmazonS3
ima3.js
imasdk.googleapis.com/js/sdkloader/
424 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:21 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148132
date
Thu, 21 Nov 2024 16:46:21 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
setuid
ps.ex.co/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://ps.ex.co/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7977835346143707685
86 B
394 B
Image
General
Full URL
https://ps.ex.co/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7977835346143707685
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
86
date
Thu, 21 Nov 2024 16:46:19 GMT
pragma
no-cache
content-type
image/png
vary
Origin

Redirect headers

cache-control
no-store, no-cache, private
location
https://ps.ex.co/setuid?bidder=appnexus&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=7977835346143707685
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
157.254.49.196; 157.254.49.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
e87df7bb-7324-46bb-a413-542d7f21bde9
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 16:46:19 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
cm
trc.taboola.com/sg/prebidJS/1/
43 B
129 B
Image
General
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Thu, 21 Nov 2024 16:46:19 GMT
x-served-by
cache-yyz4545-YYZ
x-cache-hits
0
cache-control
no-cache, no-store
x-fastly-to-nlb-rtt
14556
pragma
no-cache
x-timer
S1732207579.400665,VS0,VE15
x-vcl-time-ms
15
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
v1
lb.eu-1-id5-sync.com/lb/
45 B
283 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a5a31827c71d815b998de4e3c711f7f3766b9c36d4591497aa6e15201242d923
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:20 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
451 KB
84 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/OvaMediaPlayer.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0ec01b064473a67133f2dd843cb09a72f820c1e76d7830f4530a002ac0552813

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.app.com
Referer
https://www.app.com/

Response headers

content-encoding
br
etag
"00780c4b91e6e69c95a2ee03b4de3495"
age
172682
x-amz-meta-gid
0
x-amz-meta-mtime
1732034788
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Thu, 21 Nov 2024 16:46:20 GMT
last-modified
Tue, 19 Nov 2024 16:46:47 GMT
content-type
application/javascript
x-served-by
cache-yul1970072-YUL
x-cache-hits
36375
x-amz-id-2
6dPDkKZQD/wYVpNZc+jgM0rB7/cxFG65rE8XHgPVVvPhom+4GmhVeUIl72oe9IBmwEXVonIj5ko=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1732207580.436375,VS0,VE0
via
1.1 varnish
x-amz-request-id
VS213S2BAD8REKRQ
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
85707
x-amz-meta-ctime
1732034806
server
AmazonS3-br
x-amz-server-side-encryption
AES256
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.app.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"b2b087fe4ae638c533731c347fcd4df8"
age
801603
x-amz-meta-mtime
1497790207
x-amz-meta-gid
0
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
r9Zinb55R6wrzyN-8ZqmBXNky7inGvLVKk3ZFud9qGRXmsdmqpYw5Q==
date
Thu, 21 Nov 2024 16:46:20 GMT
content-type
video/mp4
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
x-served-by
cache-yul1970067-YUL
x-cache-hits
359576
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207581.513257,VS0,VE0
Content-Range
bytes 0-90783/90784
via
1.1 fa939e12c183a90c4c24e1439693ec5a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
90784
x-amz-cf-pop
YUL62-P1
server
AmazonS3
events
e.channelexco.com/
0
247 B
Ping
General
Full URL
https://e.channelexco.com/events
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-request-method
GET, POST
access-control-allow-origin
*
date
Thu, 21 Nov 2024 16:46:23 GMT
server
openresty
access-control-allow-headers
*
usync.html
eus.rubiconproject.com/
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
0
0

480p_30fps,720p_30fps,1080p_30fps,master.m3u8
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/
747 B
1009 B
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/480p_30fps,720p_30fps,1080p_30fps,master.m3u8?subtitles=76415821007
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
2b2ec58a81201c3f51829c123f469a07aa5054111e1fd02606e7c9db9531d0b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
etag
"2xB-ljExUP7Y-J79PQAX3cx-lNMzcSPyG3bXxcdwOtkVjpr1tq3Pi5EdIlMq43jPRPihP2u7rLLl8X9kwHyBMPM8H4Epx9PsZ1pUgwi5IwcHsmSekJHOu6ehXnVzgEjSsEshI0txmtU"
age
56832
x-timer
S1732207580.697803,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
747
date
Thu, 21 Nov 2024 16:46:19 GMT
content-type
application/x-mpegurl
x-served-by
cache-iad-kiad7000039-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
14, 24
720p_30fps.m3u8
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/
330 B
537 B
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/720p_30fps.m3u8
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
f3e52476edf8c00b6ac58abc2d151dd03723be2e7b958d46d728bf9d4a2a86bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
etag
"4OWg1_KWp-3bo2fCRd8Kh9JJTd0aVm35ZF3EFptnGbyJG70iRiIniTABGeQBKkqVmMPowJVf5fqQA9qK37Nnt6nqZA"
age
56833
x-timer
S1732207580.124887,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
330
date
Thu, 21 Nov 2024 16:46:20 GMT
content-type
application/x-mpegurl
x-served-by
cache-iad-kiad7000085-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
381, 30
setuid
www.app.com/pbd/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://www.app.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
86 B
2 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207583.606631,VS0,VE40
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://www.app.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:22 GMT
impl_v102.js
www.googletagservices.com/dcm/ Frame 2444
64 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v102.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
age
6289
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 15:01:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:01:31 GMT
last-modified
Mon, 23 Sep 2024 13:13:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
25384
x-xss-protection
0
server
sffe
720p_30fps-1.ts
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/
2 MB
2 MB
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/720p_30fps-1.ts
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
9471fa57cc6a8968ee49095dc1df6ca897ae455c568ca19b882b883ed8255694

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
x-fastly-otfp-info
ss=0.000 sl=6.200 vl=39.700 rs=406x720
etag
"LSWZ3MpRCZncAA9u6I3q040z_t7FmFATPz1T0hp8xMThLe7JNlCyGM-pDaiwA9FPuuaKyXUDcy7WHfCnTygR7q2lJQ"
age
56834
x-timer
S1732207580.455495,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1693880
date
Thu, 21 Nov 2024 16:46:20 GMT
content-type
video/mp2t
x-served-by
cache-iad-kcgs7200030-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
3, 0
grumi.js
rumcdn.geoedge.be/7c7ea9ed-8cd5-4a12-83ce-277e3bff2ea7/ Frame 2E61
428 KB
141 KB
Script
General
Full URL
https://rumcdn.geoedge.be/7c7ea9ed-8cd5-4a12-83ce-277e3bff2ea7/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/papi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c7f6fd0022b86aa7d247519268380f93934600930f517737ac55284b4ed8df1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
uFJaus4SlKkXiV13HZjO3IDe2M_kCMRn
etag
W/"c11ed7a5fd219070533581734a448b33"
age
1193
x-cache
Hit from cloudfront
x-amz-cf-id
jHxXpXzDM_XxgkTe1LhN1sYeuq5xsM1hoREU9-RREnOW5UpKlWGaDQ==
date
Thu, 21 Nov 2024 16:26:28 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 21 Nov 2024 16:23:14 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
cm
u.openx.net/w/1.0/ Frame 72D5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26...
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
620
content-type
text/html
date
Thu, 21 Nov 2024 16:46:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 21 Nov 2024 16:46:20 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
prebid-event
traxex.gannettdigital.com/
0
0
Fetch
General
Full URL
https://traxex.gannettdigital.com/prebid-event
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
date
Thu, 21 Nov 2024 16:46:20 GMT
x-content-type-options
nosniff
1235.json
id5-sync.com/g/v2/
670 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b3b0ccb1e7ffe9e5c75b246d4db65e7f31e85ebc77c311c3189f3595df5c0fa0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:21 GMT
content-type
application/json
vary
Origin
B29192617.357392513;dc_ver=102.299;sz=300x600;u_sd=1;gdpr=0;nel=1;dc_adk=2912815425;ord=cq1qjn;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-y6Nyh2U0YDhwK%26labels%3D_qc.clk%2C_click.adser...
ad.doubleclick.net/ddm/adi/N30608.3752770-QUANTCAST/ Frame 6E94
0
0
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N30608.3752770-QUANTCAST/B29192617.357392513;dc_ver=102.299;sz=300x600;u_sd=1;gdpr=0;nel=1;dc_adk=2912815425;ord=cq1qjn;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-y6Nyh2U0YDhwK%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.15836839%26rtbip%3D192.184.73.144%26rtbdata2%3DEAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.app.com%2F$0;xdt=0;crlt=kr_sXhaqbw;gcsr=m;stc=1;chaa=1;sttr=497;prcl=s
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
32232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 16:46:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
main.19.8.554.js
static.adsafeprotected.com/ Frame 2444
240 KB
73 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.554.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e6b8bed905b3e3d971145ea3c117824f232e749e2b14e09885061b202688ad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
GX9LX9nPnOpGWyyKoH_FGiKccVLWQRdE
etag
W/"ea7d8dcb5947fd248150590a4d81a339"
age
65382
x-cache
Hit from cloudfront
x-amz-cf-id
n9yrlekb8t4oGiw-kkxDaEDsL0eV_4YEjBk1ch5ZI2vlrF1hQwII6A==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 14 Nov 2024 18:52:23 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3658
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.59.144.227 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-144-227.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=62564
content-encoding
gzip
content-length
15624
content-type
text/html
date
Thu, 21 Nov 2024 16:46:21 GMT
expires
Fri, 22 Nov 2024 10:09:05 GMT
last-modified
Wed, 13 Nov 2024 05:15:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame BFAD
0
0
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=165466&siteId=1266954&adId=6238589&imprId=99BEB569-DDF4-4105-863F-D619E6F26EBA&cksum=E1C8E0CE438EFFA9&adType=10&adServerId=243&kefact=0.060000&kaxefact=0.060000&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1732207574&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.060000&dcId=2&tldId=0&passback=0&svr=BIDNJE10724&adsver=_602816652&adsabzcid=0&cls=BID&i0=0x3100000000000000&ekefact=1mM_Z-aICgB7bGQWHb4PkXWxfl_Mezt6ycRmeQXCoTgybJ49&ekaxefact=1mM_Z-yICgCy7JECCmkcSzVC95JLcyJibZomih2tOQ0J2rUO&ekpbmtpfact=1mM_Z_GICgCfNMe6yVp7RT3WfZbIh3uLpwwQkT5bJcGEhcwl&enpp=1mM_Z_aICgAS5Or8d8pKUwwUOgqeGr-CHflJd3BQH3jKpL58&pmr_m=1mM_Z_uICgBx081udyv7P13hACAyDt5XiobEMiNnTYaHlh4V&mdsp=1mM_ZwKJCgCqg3Q_SxgbVzHYPWVZS2B2Jjnzghtqm0IAlTrI&pfi=1&domId=13711471118807611990&dc=NJE1&pubBuyId=48503&crID=a0377a3b-7f16-4754-abdc-417ccf458def&lpu=flyporter.com&ucrid=13021352673772408942&wAdType=10&campaignId=19420&creativeId=0&pctr=0.000000&wDSPByrId=77&wDspId=153&wbId=0&wrId=0&wAdvID=50579&wDspCampId=11df195a-f80a-4d82-9c50-1ea6921c3414&isRTB=1&rtbId=C0FE0273-2879-4925-9B08-AF3877C80971B&burl=https%3A%2F%2Fus-east-pubmatic-rtb.quantserve.com%3A8443%2Fpubmatic_openrtb_notify%3FauctionId%3DC0FE0273-2879-4925-9B08-AF3877C80971B%26winPrice%3D0.060000%26rtbdata2%3DEAM6E2h0dHBzOi8vd3d3LmFwcC5jb21aJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPYAB15663Qq6AQDAAeDUA8gB7fz3_LQy2gElQzBGRTAyNzMtMjg3OS00OTI1LTlCMDgtQUYzODc3QzgwOTcxQrACDsgCANACzuGG-_if98ypAegCugfyAg8InOYfEOHJi4im_Pyr9wHyAg4IugcQxLv8sJWokqa1AfgCAIoDBjE2NTQ2NpgDAKgDALIDBJ3-McS6AxIJgk0K-FoZ3xERFDQckqYeUJzCAxIJVEcWfzt6N6AR741Fz3xB3KvIA76AwBPYA6fNxgfiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ2ATyAwltNWElMjAwYTH4AwCABPIYigQCNzeaBBIJ0kB7QPTpYyARIIfB0WNqrpWiBBIJgk0K-FoZ3xERFDQckqYeUJyqBBIJgk0K-FoZ3xERFDQckqYeUJy4BEjQBBXyBAJDQYAFAYoFKjIwODcyOGRmZDFmODM0OTgxOWEzMzdiNzQwODdjZDBjZTM0Yjg0YWU2MpAFAZoFFSCHKN_R-DSYGaM3t0CHzQzjS4SuYqIFJEw3SmNvUktPVjZzQ3J5bmVNODEzb2hMUVZzMDBzZmJPcEhvPbgFAMAF2bK5-A_IBd38qATSBQYIAhABGB_oBQeaBhQKEgnSQHtA9OljIBEgh8HRY2qulaAGALUGiy56OroGSgoCQ0ESAk9OGPfMByIHdG9yb250byoJbTVhJTIwMGExOih2YW50aXZhJTIwdXNhJTIwc2hhcmVkJTIwc2VydmljZXMlMjBpbmMuyQbI8DBtlrh_B9AGB9gGHOIGJl9mcC5ldmVudC5UaWNrZXQgUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYVaHR0cHM6Ly9mbHlwb3J0ZXIuY29t8QYC8DBtlrh_B_gGAYAHAA%26notificationType%3Dbilling%26labels%3D_qc.notification&ver=24&dateHr=2024112116&usrgen=0&usryob=0&layeringebl=1&gctry=ca&greg=on&uid=0&mid=0&wccookied=0&qpsladszid=681&eburl=aHR0cHM6Ly91cy1lYXN0LXB1Ym1hdGljLXJ0Yi5xdWFudHNlcnZlLmNvbTo4NDQzL3B1Ym1hdGljX29wZW5ydGJfbm90aWZ5P2F1Y3Rpb25JZD1DMEZFMDI3My0yODc5LTQ5MjUtOUIwOC1BRjM4NzdDODA5NzFCJndpblByaWNlPTAuMDYwMDAwJnJ0YmRhdGEyPUVBTTZFMmgwZEhCek9pOHZkM2QzTG1Gd2NDNWpiMjFhSkV3M1NtTnZVa3RQVmpaelEzSjVibVZOT0RFemIyaE1VVlp6TURCelptSlBjRWh2UFlBQjE1NjYzUXE2QVFEQUFlRFVBOGdCN2Z6M19MUXkyZ0VsUXpCR1JUQXlOek10TWpnM09TMDBPVEkxTFRsQ01EZ3RRVVl6T0RjM1F6Z3dPVGN4UXJBQ0RzZ0NBTkFDenVHRy1faWY5OHlwQWVnQ3VnZnlBZzhJbk9ZZkVPSEppNGltX1B5cjl3SHlBZzRJdWdjUXhMdjhzSldva3FhMUFmZ0NBSW9EQmpFMk5UUTJOcGdEQUtnREFMSURCSjMtTWNTNkF4SUpnazBLLUZvWjN4RVJGRFFja3FZZVVKekNBeElKVkVjV2Z6dDZONkFSNzQxRnozeEIzS3ZJQTc2QXdCUFlBNmZOeGdmaUF3OXdMWGsyVG5sb01sVXdXVVJvZDB2cUF3WUlyQUlRMkFUeUF3bHROV0VsTWpBd1lUSDRBd0NBQlBJWWlnUUNOemVhQkJJSjBrQjdRUFRwWXlBUklJZkIwV05xcnBXaUJCSUpnazBLLUZvWjN4RVJGRFFja3FZZVVKeXFCQklKZ2swSy1Gb1ozeEVSRkRRY2txWWVVSnk0QkVqUUJCWHlCQUpEUVlBRkFZb0ZLakl3T0RjeU9HUm1aREZtT0RNME9UZ3hPV0V6TXpkaU56UXdPRGRqWkRCalpUTTBZamcwWVdVMk1wQUZBWm9GRlNDSEtOX1ItRFNZR2FNM3QwQ0h6UXpqUzRTdVlxSUZKRXczU21OdlVrdFBWalp6UTNKNWJtVk5PREV6YjJoTVVWWnpNREJ6Wm1KUGNFaHZQYmdGQU1BRjJiSzUtQV9JQmQzOHFBVFNCUVlJQWhBQkdCX29CUWVhQmhRS0VnblNRSHRBOU9saklCRWdoOEhSWTJxdWxhQUdBTFVHaXk1Nk9yb0dTZ29DUTBFU0FrOU9HUGZNQnlJSGRHOXliMjUwYnlvSmJUVmhKVEl3TUdFeE9paDJZVzUwYVhaaEpUSXdkWE5oSlRJd2MyaGhjbVZrSlRJd2MyVnlkbWxqWlhNbE1qQnBibU11eVFiSThEQnRscmhfQjlBR0I5Z0dIT0lHSmw5bWNDNWxkbVZ1ZEM1VWFXTnJaWFFnVUhWeVkyaGhjMlVnUTI5dVptbHliV0YwYVc5dTZnWVZhSFIwY0hNNkx5OW1iSGx3YjNKMFpYSXVZMjl0OFFZQzhEQnRscmhfQl9nR0FZQUhBQSZub3RpZmljYXRpb25UeXBlPWJpbGxpbmcmbGFiZWxzPV9xYy5ub3RpZmljYXRpb24=&oid=99BEB569-DDF4-4105-863F-D619E6F26EBA&cntryId=40&sec=1&pAuSt=3&wops=0&sURL=app.com&BrID=5&te=1
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.32.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 21 Nov 2024 16:46:22 GMT
expires
0
pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2444
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 16:46:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 2444
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuEVWLfWsUWdQI6Fwun4dDwTKr_RKaOh2BZdqXu9hh2jBiC6LAq7lvfH0p2lNcMMPBhQavc3bhrVqfS6VyGUcqskqkE3TMgcljehp2sN7-Xt4Ali7AYsf04-6mbIMIZFm8JAnfHtIKRCGWIlQIjXyHbagzGRXEwvrSFgWeZ2qnHHDSKlaM_DyRWlUyAkQBbx0FiiIxr9d6kmVq5dX0FtlKK2P4IQcIOMdyRvil7eRC__dsg5Hrs4IWUkYGazak_uZqnJcNKmr3-GgrN2ZW6Ji94rASpIK8Fwemcexv4JaI8ZN1gu7u6Kv922GT-1-nc8buGxdqibDnjR29shU7QVvVzQNAuwEZ9uzZzXUVn4SUgVP7ms3QfZGp5Qx7rdMCFQM8sXmfm6cOp8mDFEMIuKtNSit2L0xD69zMQi80eproqk3v9Jv0GIThoZmDjx6SEysxc0EDlztqhE7YevUJF&sig=Cg0ArKJSzP0p8g7RqVpxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 16:46:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2444
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 16:46:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame 9095
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x600&pubId=4763756135&chanId=145219968&placementId=6228309075&pubCreative=138285945346&pubOrder=3157456942&cb=712399650&adsafe_par&impId=1f8913d7-a828-11ef-905c-22f9a6b797eb&custom2=direct&custom3=home-front
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
/
Resource Hash
70ab52f209b3f36b0cb65881621d2747ba6afebc121f6b2b8af8aa858a157caa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
truncated
/ Frame 2444
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa9ae45f484302f0ef8be00fc809de6586c0b2f28418c9f48474b7fbf0ff712

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
76415821007.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/
10 B
261 B
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
x-fastly-package-error
Origin 404
x-timer
S1732207581.108396,VS0,VE1
age
270
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
10
date
Thu, 21 Nov 2024 16:46:21 GMT
content-type
text/plain; charset=utf-8
x-served-by
cache-iad-kjyo7100072-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
119, 1
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
232 KB
73 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"68d0c40fe5d02dbd22ed13ed9a7a340d"
age
172684
x-amz-meta-gid
0
x-amz-meta-mtime
1732034788
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
yRjca1CGBmI2W-NU8MllQbqKfk-ak_taR9nknkbvJF_ipgyMntKkEw==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:30 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
27184
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207582.472318,VS0,VE0
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
73742
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034788
server
AmazonS3
x-amz-server-side-encryption
AES256
st
ch-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=157&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&uv=3451&unm=FEED_MANAGER&cb=1732207581217&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&su=6&baseReportD=taboola.com&dataCenter=ch&
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:22 GMT
server
nginx
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 9017
0
0
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e6227c82994a1f3-YYZ
content-encoding
br
content-type
text/html
date
Thu, 21 Nov 2024 16:46:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4ZQQr7p7g4fqGkrxmz%2BxqIlDtciEHU2SOyHVsSwNlAItnjHsRRR%2FuLUMvdUQHchIIZ08B6M17wkDllxOh8aKTb%2BeKfUTRsl0XALIvCajB3lA2QUKG9opEBLsCYANcmGXXIDGZp7E43YuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
st
ch-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=157&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&uv=3451&unm=FEED_MANAGER&cb=1732207581441&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&su=6&baseReportD=taboola.com&dataCenter=ch&
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:22 GMT
server
nginx
content-length
0
setuid
ps.ex.co/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://ps.ex.co/setuid?bidder=trustx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
86 B
604 B
Image
General
Full URL
https://ps.ex.co/setuid?bidder=trustx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
86
date
Thu, 21 Nov 2024 16:46:22 GMT
pragma
no-cache
content-type
image/png
vary
Origin

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://ps.ex.co/setuid?bidder=trustx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2444
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZPMh_n_csyxMt_zyuqqQcP9SEwvgvSzRqI-ppyArsDushWzRyp9SKOmpMq_K5wu0G2SsqUFIsGhECuCApXOAY26BZOZqYTRm3wPktb791Qp_WH7WrFCQOeCSZJcAVowx_k04h3VWwq0UrsxSH2AHXOqjHRh6Ywfve3GTi3ms0x72gDp83EdTxDyI0GqZ4u7AvyaDeOrE&sig=Cg0ArKJSzOcHolwVwsSCEAE&id=lidar2&mcvt=1000&p=777,1010,1377,1310&tm=1038.900001525879&tu=39.20000076293945&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20241120&bin=7&avms=nio&bs=1600,1200&mc=0.71&vu=1&app=0&itpl=19&adk=3655393499&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2814038100&rst=1732207578134&rpt=2895&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 21 Nov 2024 16:46:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
setuid
www.app.com/pbd/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://www.app.com/pbd/setuid?bidder=appnexus&gdpr=&gdpr_consent=&f=i&uid=7977835346143707685
86 B
944 B
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=appnexus&gdpr=&gdpr_consent=&f=i&uid=7977835346143707685
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207583.621939,VS0,VE36
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

cache-control
no-store, no-cache, private
location
https://www.app.com/pbd/setuid?bidder=appnexus&gdpr=&gdpr_consent=&f=i&uid=7977835346143707685
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
157.254.49.196; 157.254.49.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
3d294808-fc70-491c-a904-e4bc4b51db68
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 16:46:22 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
main.19.8.553.js
static.adsafeprotected.com/ Frame 9095
240 KB
73 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.553.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
6XBJxLF8W2lXJOh0BI1NsN1G3o14kpBc
etag
W/"193bc7f5bbf8ccd294f4a75753e909dd"
age
65382
x-cache
Hit from cloudfront
x-amz-cf-id
82y2I_-BFweJIClZhcLgWNYrmcU5-WLGOwzIT7H81Uu85Y4lZR80Ig==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 21:39:57 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
usersync.html
cdn.undertone.com/js/ Frame 075C
0
0
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: exbd.ex.co
URL: https://exbd.ex.co/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:5400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
26440
content-encoding
gzip
content-type
text/html
date
Thu, 21 Nov 2024 09:25:45 GMT
etag
W/"dfe2e64ea592e9005c09a26c7dd96a2f"
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 4e1c4d133adc8d8214916eeaddd7af66.cloudfront.net (CloudFront)
x-amz-cf-id
SgL-iz3wSxL3vEnlVGo2_XUPCcLSqDJfn2Ou69gka2k5xLJ8HDWF3A==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
9oeKiCAhC7EYXxf0SvtBmahBpM5vpgXU
x-cache
Hit from cloudfront
TBbeachfrontPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
143 KB
45 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBbeachfrontPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
290fc68455fa7fb89844847addc691815734b40c5d45fc84e5999c7c011d0da5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"12c4ff3a1951778248639823aa8ad80b"
age
172684
x-amz-meta-gid
0
x-amz-meta-mtime
1732034788
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
LgiQB8PGoU3HepmTz6ZhiNkqcjblYDXUg0NwZ1wtI_rhRb20ZLCTlw==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:31 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
9036
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207583.883965,VS0,VE0
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
46129
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034788
server
AmazonS3
x-amz-server-side-encryption
AES256
TBpulsepointPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
144 KB
46 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBpulsepointPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0027e9c7a27f1d9739a5704475076bb2b1d102606ec7c9fa6b51a8ed22fc8ee0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"5d620d46da9fd40ba86ef7a9b8a40b22"
age
172684
x-amz-meta-gid
0
x-amz-meta-mtime
1732034788
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
DrfVqcx3c2IdePivZj1oJAe7_Sn29yQLJDvgQTxQ6tguU0iuWovfNQ==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:32 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
6873
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207583.883918,VS0,VE0
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
46251
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034788
server
AmazonS3
x-amz-server-side-encryption
AES256
TBsonobiPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
143 KB
45 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBsonobiPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72de1758435adda74ca5c6d67dff2f7074e66eef6f6f0bce605745873243296c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"8442529c8c32b501e4df612efb87d8c7"
age
172679
x-amz-meta-gid
0
x-amz-meta-mtime
1732034792
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
HMVcSxsiHCeDiZjgc8XEOxm-N03G8ToZFB-FZyYBV5tEfhITIkU60Q==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:33 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
9883
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207583.883905,VS0,VE0
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
45757
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034792
server
AmazonS3
x-amz-server-side-encryption
AES256
TBunrulyPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
138 KB
43 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBunrulyPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4837786f42fdd3a3eb647ac7f5062af9d15d2b84fe8e9ceab87aba5eb16f9e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"9b5c83ca2866e89ba4fb89019628c4cb"
age
172684
x-amz-meta-gid
0
x-amz-meta-mtime
1732034793
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
e9TAYp2-Y8ANDm9UVJ90S8QrZoF_YG0VDanhEuiST0mWvrO23VXUHw==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:34 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
14630
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207583.883886,VS0,VE0
via
1.1 9ea08c3a2524e99d2bb42ac613eb89a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
44241
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034793
server
AmazonS3
x-amz-server-side-encryption
AES256
TBcadent_aperture_mxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/
141 KB
45 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBcadent_aperture_mxPrebidHandler.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
970d669b94f61dd623451a1f64ee412137c2bbc5da1a26281badbfa413b60044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"c15740facb009b3a04baff89f35728ac"
age
172684
x-amz-meta-gid
0
x-amz-meta-mtime
1732034788
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
M2v-zq4rRehVPR7HHptY0V_VBuijv8xPaf35DUTH4raPSgtxhs2Ztg==
date
Thu, 21 Nov 2024 16:46:22 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:46:31 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
9283
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207583.883851,VS0,VE0
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
45506
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732034788
server
AmazonS3
x-amz-server-side-encryption
AES256
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
430 B
151 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.app.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc8c9614e32af4e9ddcd7c5ba1257bfe65354f3cbf995c19d023f0669fb9dba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:22 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
126
date
Thu, 21 Nov 2024 16:46:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 8381
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
233742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257602
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 23:50:41 GMT
expires
Tue, 18 Nov 2025 23:50:41 GMT
last-modified
Mon, 18 Nov 2024 23:48:39 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 16:46:23 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Thu, 21 Nov 2024 16:46:23 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 45E4
45 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
492
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 17:38:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:38:10 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
envelope
lexicon.33across.com/v1/ Frame 3C71
42 B
58 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.app.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 21 Nov 2024 16:46:23 GMT
content-type
application/json
vary
origin
prebid
id5-sync.com/api/config/ Frame 3C71
168 B
444 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c4cb41273a22371997a962233faaa1c6cf3dd3959016d8c9d828e2919a71154a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:23 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ Frame 3C71
109 B
0
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
bb68b6b3efed65167419d2d83d8099d4c2f5468d13915ec0f3989f13416139a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 21 Dec 2024 16:46:17 GMT
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
topicsapi.html
topics.authorizedvault.com/ Frame 1766
0
0
Document
General
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Thu, 21 Nov 2024 16:46:27 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Tue, 15 Oct 2024 01:42:32 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
330155
x-77-cache
HIT
x-77-nzt
EgwBT3/O6QH3qwkFAAwBnJI73wG3YoEAAA
x-77-nzt-ray
f03d061349a81e1be3633f6708518f05
x-77-pop
newyorkUSNY
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
AHmUCY0wTItAtduanMKEfmuV--40XcpS4I5NGgDZMHOWIu5I3JO--ixMBVxe7QG6SzWuvhZ1VhwxDKS3JQ
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 380F
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.59.144.227 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-144-227.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=103249
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 21 Nov 2024 16:46:24 GMT
expires
Fri, 22 Nov 2024 21:27:13 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 3C71
42 B
0
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003EkOH8AAN&gdpr=0&src=pbjs&ver=8.27.0&coppa=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.app.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 21 Nov 2024 16:46:23 GMT
content-type
application/json
vary
origin
prebid
id5-sync.com/api/config/ Frame 3C71
168 B
444 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c4cb41273a22371997a962233faaa1c6cf3dd3959016d8c9d828e2919a71154a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:23 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ Frame 3C71
109 B
0
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
bb68b6b3efed65167419d2d83d8099d4c2f5468d13915ec0f3989f13416139a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 21 Dec 2024 16:46:17 GMT
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:17 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
skeleton.js
static.adsafeprotected.com/ Frame 2444
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059933&ias_placementId=9160149&adsafe_par&ias_impId=540353436524277762&cus...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
age
65385
x-cache
Hit from cloudfront
x-amz-cf-id
0FB-f6MbNhnHnJ9MgEt073O7deXyKHxp99hJhcmdeUTqajEuqO83gw==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
no-cache
location
https://static.adsafeprotected.com/skeleton.js
content-length
0
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:24 GMT
pragma
no-cache
server
Apache-Coyote/1.1
sca.17.6.4.js
static.adsafeprotected.com/ Frame 8DEB
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
65384
x-cache
Hit from cloudfront
x-amz-cf-id
vquYIYTOG1qCHDp-LkbgWNM9pawS50xMEgrriwcSkgcTDbBu35vsww==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
v1
pixel.quantserve.com/ias/ Frame 2444
0
102 B
Image
General
Full URL
https://pixel.quantserve.com/ias/v1?r=[cachebuster]&labels=_ias.measurable&iid=540353436524277762&a=p-y6Nyh2U0YDhwK&cid=a0377a3b-7f16-4754-abdc-417ccf458def&bid=11df195a-f80a-4d82-9c50-1ea6921c3414&gdpr=[gdpr]&gdpr_consent=[gdpr_consent]
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:24 GMT
strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
/
pixel.adsafeprotected.com/ Frame 2444
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/?anId=926884&advId=quantcast&campId=onMeasurable&impId=540353436524277762&custom=a0377a3b-7f16-4754-abdc-417ccf458def&custom2=11df195a-f80a-4d82-9c50-1ea6921c3414&custom3=p-y6Nyh2U0YDhwK
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:24 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
cookie_sync
ps.ex.co/ Frame 3C71
1 KB
1 KB
Fetch
General
Full URL
https://ps.ex.co/cookie_sync
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
e54dc9a41adb4bbc18fd3b62011cf26f0c36195db74aed248d935422968f5e2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.app.com
content-length
1296
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
application/json; charset=utf-8
vary
Origin
auction
ps.ex.co/openrtb2/ Frame 3C71
285 B
518 B
Fetch
General
Full URL
https://ps.ex.co/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
24f63cff35e66522794330927cb0a0b3ceb2e2324a96c2dced10f589b975ce28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.app.com
content-length
285
date
Thu, 21 Nov 2024 16:46:25 GMT
x-prebid
pbs-go/v2.11.0-3-g1a1080ae
content-type
application/json
vary
Origin
prebid
prebid.media.net/rtb/ Frame 3C71
0
0

pbjs
htlb.casalemedia.com/openrtb/ Frame 3C71
0
0

setuid
www.app.com/pbd/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://www.app.com/pbd/setuid?bidder=sonobi&gdpr=&gdpr_consent=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
86 B
1 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=sonobi&gdpr=&gdpr_consent=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207585.871921,VS0,VE33
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

cache-control
no-cache, no-store, private
location
https://www.app.com/pbd/setuid?bidder=sonobi&gdpr=&gdpr_consent=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 21 Nov 2024 16:46:24 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-5-90
x-xss-protection
0
setuid
ps.ex.co/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
86 B
710 B
Image
General
Full URL
https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
86
date
Thu, 21 Nov 2024 16:46:24 GMT
pragma
no-cache
content-type
image/png
vary
Origin

Redirect headers

cache-control
no-cache, no-store, private
location
https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 21 Nov 2024 16:46:24 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-5-90
x-xss-protection
0
bid.json
reachms.bfmio.com/
0
165 B
Fetch
General
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=6a3690d7-dcfd-415d-c24e-c06b020d97fc
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.203.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-203-174.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
access-control-expose-headers
location
date
Thu, 21 Nov 2024 16:46:27 GMT
vary
Origin
server
nginx/1.18.0 (Ubuntu)
access-control-allow-credentials
true
prebid
id5-sync.com/api/config/
195 B
471 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/
11 B
229 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.app.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.app.com
content-length
11
date
Thu, 21 Nov 2024 16:46:29 GMT
content-type
application/json
prebid
id5-sync.com/api/config/
195 B
471 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
/
hb.emxdgt.com/
0
156 B
Fetch
General
Full URL
https://hb.emxdgt.com/?t=5000&ts=1732207585017&src=pbjs
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.213.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-213-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
cache-control
no-cache
date
Thu, 21 Nov 2024 16:46:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
id5-sync.com/api/config/
195 B
471 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
ortb
bid.contextweb.com/header/
0
168 B
Fetch
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-origin
https://www.app.com
x-no-bid-reason
Passback by decision
access-control-allow-credentials
true
prebid
id5-sync.com/api/config/
195 B
471 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:24 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/
0
0

collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je4bk0v887636012za200&_p=1732207576633&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1764719333.1732207575&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&uid=ad920585-7252-4835-8b8f-82040914f661&dp=%2F&dl=https%3A%2F%2Fwww.app.com%2F&dr=&sid=1732207576&sct=1&seg=0&dt=Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News&tfd=11997
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.app.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
text/plain
server
Golfe2
OpportunityServlet
ch-vid-events.taboola.com/
1 B
117 B
Ping
General
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
content-length
1
date
Thu, 21 Nov 2024 16:46:25 GMT
server
nginx
access-control-allow-credentials
true
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=cee99a89-eb2a-c0e9-93fa-b59a20248664&tv=%7Bc:uGtltJ,pingTime:-2,time:4195,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2823,beZ:2833,mfA:5654,cmA:5657,inA:5658,inZ:5664,prA:5665,prZ:5731,si:5766,poA:5773,poZ:5819,cmZ:5819,mfZ:5819,loA:6730,loZ:6737,ltA:7017,ltZ:7017,mdA:2833,mdZ:4569%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D,eng:b,tss:%7Blts:2024-11-2108.46.24,tzo:480,tzn:America/Vancouver%7D,exr:%7Bexs:objectExternal%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:600,t:2941%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:4195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2941,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1358~0%5D,as:%5B1358~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uuMutMU+11%7C12%7C13%7C14%7C151%7C152.2184108-81709832%7C1521%7C1522%7C1523%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.2184108-81709832%7C1d1%7C1d2%7C1d3%7C1d4%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:2948,slid:%5Bgoogle_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0,google_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0__container__,ad-slot-7103-nj-asburypark-C1171-poster_front-homepage-2-ac1%5D,msd:0,ph:7795,sinceFw:1243,readyFired:true%7D&br=c
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt03.or.303net.net
sca.17.6.4.js
static.adsafeprotected.com/ Frame 9918
91 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
65384
x-cache
Hit from cloudfront
x-amz-cf-id
vquYIYTOG1qCHDp-LkbgWNM9pawS50xMEgrriwcSkgcTDbBu35vsww==
date
Wed, 20 Nov 2024 22:36:41 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 4bcc80622a10d0ee4a55e5fd4f387c84.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=922805&campId=300x600&pubId=4763756135&chanId=145219968&placementId=6228309075&pubCreative=138285945346&pubOrder=3157456942&cb=712399650&adsafe_par&impId=1f8913d7-a828-11ef-905c-22f9a6b797eb&custom2=direct&custom3=home-front&adsafe_url=https%3A%2F%2Fwww.app.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:48dd91d6-9331-c5ed-f038-03af5f49085e,c:uGtlvn,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5c6979c97f-bdch5,rg:va,pt:1-5-15,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:2569,mot:0,app:0,maw:0,tdt:s,fm:uuMuudl+11%7C12%7C13%7C14%7C151%7C15211%7C15212%7C1522%7C1523%7C1524%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.922805%7C1d11%7C1d12%7C1d2%7C1d3%7C1d4%7C1d5%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p2,idMap:1d*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:2659,oid:23d0a8d0-a828-11ef-8f2a-6a88b48dcae1,v:19.8.553,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.250.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-250-208.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:25 GMT
pragma
no-cache
content-type
image/gif
server
Apache-Coyote/1.1
setuid
www.app.com/pbd/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://www.app.com/pbd/setuid?bidder=yieldmo&f=i&uid=VFrQE33vJQ3zQaWuay7b&gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
86 B
2 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=yieldmo&f=i&uid=VFrQE33vJQ3zQaWuay7b&gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207586.944814,VS0,VE36
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

location
https://www.app.com/pbd/setuid?bidder=yieldmo&f=i&uid=VFrQE33vJQ3zQaWuay7b&gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
application/json;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
76415821007.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/
10 B
104 B
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
x-fastly-package-error
Origin 404
x-timer
S1732207585.326268,VS0,VE0
age
274
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
10
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
text/plain; charset=utf-8
x-served-by
cache-iad-kjyo7100072-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
119, 2
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=cee99a89-eb2a-c0e9-93fa-b59a20248664&tv=%7Bc:uGtlwL,pingTime:-2.1,time:4383,type:a,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:600,t:2941%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:4383,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2941,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1546~0%5D,as:%5B1546~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uuMutMU+11%7C12%7C13%7C14%7C151%7C152.2184108-81709832%7C1521%7C1522%7C1523%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.2184108-81709832%7C1d1%7C1d2%7C1d3%7C1d4%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1d.48dd91d6-9331-c5ed-f038-03af5f49085e.134_922805%7C1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:2948,slid:%5Bgoogle_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0,google_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0__container__,ad-slot-7103-nj-asburypark-C1171-poster_front-homepage-2-ac1%5D,msd:0,ph:7795,sinceFw:1243,readyFired:true%7D&br=c
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt21.or.303net.net
v1
lb.eu-1-id5-sync.com/lb/ Frame 3C71
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
2c6ffa36d133552a1a3b117c5f340dd1d668d2d361e947780a23d23a529c2f7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=48dd91d6-9331-c5ed-f038-03af5f49085e&tv=%7Bc:uGtlx9,pingTime:-2,time:2768,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1549,beZ:1551,mfA:4118,cmA:4121,inA:4121,inZ:4128,prA:4129,prZ:4195,si:4208,poA:4210,poZ:4236,cmZ:4237,mfZ:4237,loA:4298,loZ:4309,ltA:4316,ltZ:4317,mdA:1552,mdZ:1879%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:600,t:2658%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2769,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2658,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B194~0%5D,as:%5B194~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uuMuudl+11%7C12%7C13%7C14%7C151%7C15211%7C15212%7C1522%7C1523%7C1524%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.922805%7C1d11%7C1d12%7C1d2%7C1d3%7C1d4%7C1d5%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p2,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:2660,slid:%5Bgoogle_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0,google_ads_iframe_7103/nj-asburypark-C1171/poster_front/homepage_0__container__,ad-slot-7103-nj-asburypark-C1171-poster_front-homepage-2-ac1%5D,msd:0,ph:7795,sinceFw:107,readyFired:true%7D&br=c
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt06.or.303net.net
v1
lb.eu-1-id5-sync.com/lb/ Frame 3C71
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
0872a7586906caffd12f4f51844e566f28cd45b4ccc9b72a195e2e5c0da14340
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usync.html
eus.rubiconproject.com/ Frame 3C71
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
0
0

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=48dd91d6-9331-c5ed-f038-03af5f49085e&tv=%7Bc:uGtlyc,time:2833,type:e,sca:%7Beng:b,tss:%7Blts:2024-11-2108.46.25,tzo:480,tzn:America/Vancouver%7D,exr:%7Bexs:objectExternal%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2833,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2658,wc:1570.1170.1600.1200,ac:2580.1947.300.600,am:i,cc:2580.1947.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B258~0%5D,as:%5B258~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uuMuudl+11%7C12%7C13%7C14%7C151%7C15211%7C15212%7C1522%7C1523%7C1524%7C1611%7C16121%7C16122%7C161231%7C161232%7C161233%7C161234%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C161c%7C17%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d*.922805%7C1d11%7C1d12%7C1d2%7C1d3%7C1d4%7C1d5%7C1e1%7C1e2%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1ge%7C1gf%7C1gg%7C1gh%7C1gi%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p2,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:2660,msd:0,ph:7795,sis:2792%7D&br=c
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt04.or.303net.net
setuid
ps.ex.co/ Frame 3C71
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
86 B
710 B
Image
General
Full URL
https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
86
date
Thu, 21 Nov 2024 16:46:25 GMT
pragma
no-cache
content-type
image/png
vary
Origin

Redirect headers

cache-control
no-cache, no-store, private
location
https://ps.ex.co/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=873c37bf-3392-4538-8a35-a37831bb8e33
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 21 Nov 2024 16:46:25 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-5-90
x-xss-protection
0
1235.json
id5-sync.com/g/v2/ Frame 3C71
665 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
86520ba486b8d9fbd35c861db4b7c2cc50ec8a45be2167dbe65de3be09ae284b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:25 GMT
content-type
application/json
vary
Origin
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=cee99a89-eb2a-c0e9-93fa-b59a20248664&tv=%7Bc:uGtlB3,pingTime:-10,time:4649,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NDgwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzAuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1732207585604%7C%7C7e7741f2bb9c0e618f995246dfc8d488%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7Ca766a4c0151d18f6e19657b01bc7e524%7C%7Cf3f4ddeca67bc98b62f5b40ef8d78c81%7C%7Cbf903340380102f5d46021231baf6d88%7C%7C16e82b8b115d9961c39f02dab0074fd5%7C%7C67e95140b9b5a412711b86f6720ce242%7C%7C1715618633%7D
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt27.or.303net.net
sync
eb2.3lift.com/ Frame B32B
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1259
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 16:46:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
1235.json
id5-sync.com/g/v2/ Frame 3C71
665 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
705b8026b7469e0c185d4b33e3f1a1222c4914bd54b80bcc5977d194d67f69a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
application/json
vary
Origin
f197e01f-a318-42a4-83ab-a4961585010c
https://www.app.com/ Frame
0
0

PrebidServer
crb.kargo.com/api/v1/dsync/
43 B
369 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.240.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-240-128.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
43
date
Thu, 21 Nov 2024 16:46:27 GMT
content-type
image/gif
vary
Origin
x-accel-expires
0
cmAdService.js
vidstat.taboola.com/vpaid/units/34_5_1/infra/
47 KB
12 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_5_1/infra/cmAdService.js
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
gzip
etag
"6edcf250af407a2e0e520ff148b79d65"
age
99159
x-amz-meta-gid
0
x-amz-meta-mtime
1732108375
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
OoMcswMuk2_ejXUJL7Bag5M0tLEy_AZ4ZHnTCmifLh4HfUTufSz3Ng==
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 13:12:57 GMT
x-served-by
cache-yul1970039-YUL
x-cache-hits
21136
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1732207586.252705,VS0,VE0
via
1.1 192b5dfe0d3306c6761973a7786a01d4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
11876
x-amz-cf-pop
YUL62-C2
x-amz-meta-ctime
1732108376
server
AmazonS3
x-amz-server-side-encryption
AES256
events
collector.ex.co/main/
17 B
155 B
XHR
General
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.66.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-66-114.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
content-length
17
date
Thu, 21 Nov 2024 16:46:29 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-type
application/json; charset=utf-8
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=48dd91d6-9331-c5ed-f038-03af5f49085e&tv=%7Bc:uGtlLI,pingTime:-10,time:3671,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NDgwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzAuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1732207585604%7C%7C7e7741f2bb9c0e618f995246dfc8d488%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7Ca766a4c0151d18f6e19657b01bc7e524%7C%7Cf3f4ddeca67bc98b62f5b40ef8d78c81%7C%7Cbf903340380102f5d46021231baf6d88%7C%7C16e82b8b115d9961c39f02dab0074fd5%7C%7C67e95140b9b5a412711b86f6720ce242%7C%7C1715618633,sca:%7Bspg:cee99a89-eb2a-c0e9-93fa-b59a20248664%7D%7D
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f13:800:7781:65f5:c13:5e87:b5e1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
image/gif
server
nginx
x-server-name
dt13.or.303net.net
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
6debdebf7684bd58e6fb13f0d994f63c518cb861c16f3df0e68702aea3f8a877
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b5b1ea45a62b4f16d19ea14504d545a98dd4cf5a96201715926fb5661feda7c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:26 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f4a7c16692cc93bc337203649b03d6489a2e69b3ff331994e5778d568d57a542
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:27 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
557a8f6cf19253dd1a61afa6dc7d4b8a5cf212d8329465f29d9cd012969c30a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.app.com
date
Thu, 21 Nov 2024 16:46:27 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usersync.html
cdn.undertone.com/js/ Frame D3BD
0
0
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:5400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
26440
content-encoding
gzip
content-type
text/html
date
Thu, 21 Nov 2024 09:25:45 GMT
etag
W/"dfe2e64ea592e9005c09a26c7dd96a2f"
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 4e1c4d133adc8d8214916eeaddd7af66.cloudfront.net (CloudFront)
x-amz-cf-id
SgL-iz3wSxL3vEnlVGo2_XUPCcLSqDJfn2Ou69gka2k5xLJ8HDWF3A==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
9oeKiCAhC7EYXxf0SvtBmahBpM5vpgXU
x-cache
Hit from cloudfront
log
qsearch-a.akamaihd.net/ Frame 3C71
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=d8f3b026-3ccb-473b-ae9e-7896b441a799&cid=8CUM5GF61&crid=652322283&adunit_count=1&dn=www.app.com&requrl=https://www.app.com/&istop=true&event=client_timeout&value=1&rd=3000
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.188 Edison, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-200-0-188.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 21 Nov 2024 16:46:28 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Thu, 21 Nov 2024 16:46:28 GMT
Content-Type
image/gif
events
collector-1.ex.co/main/
17 B
154 B
XHR
General
Full URL
https://collector-1.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.83.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-83-189.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
content-length
17
date
Thu, 21 Nov 2024 16:46:27 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-type
application/json; charset=utf-8
setuid
www.app.com/pbd/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-gannett&redirect_domain=www.app.com&gdpr=&gdpr_consent=&us_privacy=
  • https://www.app.com/pbd/setuid?bidder=rubicon&uid=M3RJO5Q0-27-EL9C
86 B
1 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=rubicon&uid=M3RJO5Q0-27-EL9C
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207588.978110,VS0,VE33
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://www.app.com/pbd/setuid?bidder=rubicon&uid=M3RJO5Q0-27-EL9C
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b4dd0c0269c7ea77b4c8a6cf555d0a1d
content-length
0
Content-Type
text/html
246.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
153944c7cd42909eebfaa74a3d320806b1e4339cbb5a12bec035866da4337167
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:27 GMT
content-type
application/json
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.app.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.app.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 21 Nov 2024 16:46:28 GMT
246.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d03ba608f57b719c2f2c9e2e6ca5c746cea042d926790df5d86da69648d73a43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
application/json
vary
Origin
setuid
ps.ex.co/ Frame 3C71
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fps.ex.co%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_s...
  • https://ps.ex.co/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
86 B
923 B
Image
General
Full URL
https://ps.ex.co/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
34.198.236.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-236-31.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
86
date
Thu, 21 Nov 2024 16:46:28 GMT
pragma
no-cache
content-type
image/png
vary
Origin

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://ps.ex.co/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:27 GMT
246.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b3eb4f255ae6d937022a3090f8c9308b02f4fcacf340164e328bb756d5cf8ea9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
application/json
vary
Origin
setuid
www.app.com/pbd/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&gdpr=&gdpr_consent=
  • https://www.app.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=1401b34b29
86 B
2 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=1401b34b29
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207589.821508,VS0,VE32
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

cache-control
no-cache, must-revalidate
location
https://www.app.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=1401b34b29
via
1.1 d3a3a5c0949462849856f4aca1fd42ac.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
aWKubz7TaKBP4ewxGPTQuf_A4nv_4hOg9TWwRnRqkyMY3l9wQpOWuA==
date
Thu, 21 Nov 2024 16:46:28 GMT
x-amz-cf-pop
JFK52-P7
server
CloudFront
246.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/246.json
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
9ab5aa6d94a9305a4a407e9289023f9107e8304173a8a3dea046c135e982596f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.app.com
p3p
CP="CAO PSA OUR"
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
application/json
vary
Origin
76415821007.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/
10 B
104 B
XHR
General
Full URL
https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/hls/1.4.10.ST-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fastly-stats
otfp=1
x-fastly-package-error
Origin 404
x-timer
S1732207589.798954,VS0,VE0
age
278
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
10
date
Thu, 21 Nov 2024 16:46:28 GMT
content-type
text/plain; charset=utf-8
x-served-by
cache-iad-kjyo7100072-IAD, cache-yul1970043-YUL
server
otfp
x-cache-hits
119, 3
720p_30fps-2.ts
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/
0
0

setuid
www.app.com/pbd/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://www.app.com/pbd/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=i&uid=4084451142370176893291
86 B
1 KB
Image
General
Full URL
https://www.app.com/pbd/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=i&uid=4084451142370176893291
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 16:46:29 GMT
content-type
image/png
x-served-by
cache-yul1970036-YUL
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1732207589.087544,VS0,VE33
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
x-xss-protection
1;mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.app.com/pbd/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=i&uid=4084451142370176893291
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 21 Nov 2024 16:46:28 GMT
rtset
bh.contextweb.com/
49 B
750 B
Image
General
Full URL
https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%25%25VGUID%25%25
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-9775cb85-fqcgz
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
server
Jetty(10.0.14)
usersync.html
cdn.undertone.com/js/ Frame 949D
0
0
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.app.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/pbjsandwichdirecta9-q1a2z39bc6a581.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:5400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
26445
content-encoding
gzip
content-type
text/html
date
Thu, 21 Nov 2024 09:25:45 GMT
etag
W/"dfe2e64ea592e9005c09a26c7dd96a2f"
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 4e1c4d133adc8d8214916eeaddd7af66.cloudfront.net (CloudFront)
x-amz-cf-id
eJYFfOFhOK-eFP44tyoZez4CBzok7eP0LaHXKlWs_E7AS7w-Pu0OmA==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
9oeKiCAhC7EYXxf0SvtBmahBpM5vpgXU
x-cache
Hit from cloudfront
OpportunityServlet
ch-vid-events.taboola.com/
1 B
117 B
Ping
General
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
https://www.app.com
content-length
1
date
Thu, 21 Nov 2024 16:46:29 GMT
server
nginx
access-control-allow-credentials
true
events
e.channelexco.com/
0
246 B
Ping
General
Full URL
https://e.channelexco.com/events
Requested by
Host: gannet-cdn.ex.co
URL: https://gannet-cdn.ex.co/player/ap/4.105.0-caef12f/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-request-method
GET, POST
access-control-allow-origin
*
date
Thu, 21 Nov 2024 16:46:29 GMT
server
openresty
access-control-allow-headers
*
ixmatch.html
js-sec.indexww.com/um/ Frame 2BB3
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
766
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8e622803b88dac75-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 16:46:31 GMT
expires
Thu, 21 Nov 2024 20:46:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8F16
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-105-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 16:46:30 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 06CD
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
481
content-type
text/html
date
Thu, 21 Nov 2024 16:46:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame F72A
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.25 Edison, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-200-0-25.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Nov 2024 16:46:31 GMT
ETag
"623de86a-cf34"
Expires
Fri, 22 Nov 2024 16:46:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 5762
0
0
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/3.13.0/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:5400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
26446
content-encoding
gzip
content-type
text/html
date
Thu, 21 Nov 2024 09:25:45 GMT
etag
W/"dfe2e64ea592e9005c09a26c7dd96a2f"
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 4e1c4d133adc8d8214916eeaddd7af66.cloudfront.net (CloudFront)
x-amz-cf-id
d9HD-Mil1kX7HvhGNPglxVcnkqzTKP2G22bJxdHs6TIQW6yVmMlEyw==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
9oeKiCAhC7EYXxf0SvtBmahBpM5vpgXU
x-cache
Hit from cloudfront
76099243007
api.gannett-cdn.com/argon/video/
4 KB
2 KB
Fetch
General
Full URL
https://api.gannett-cdn.com/argon/video/76099243007?apiKey=f6YYPA1hPnB9Y9chky5GOmrZKmaguLVh&site-code=PAPP&url=https://www.app.com/
Requested by
Host: www.app.com
URL: https://www.app.com/tangstatic/js/main-q1a2z3cc252fdc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2a268b43f97ddbe351c560fbfd48bfc04d70b1f5143df4b6cc44afa3b07f07d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

fam-ttl
120.000
access-control-max-age
3628800
content-encoding
gzip
age
5016
access-control-allow-methods
GET
x-cache
MISS, MISS, HIT, HIT
date
Thu, 21 Nov 2024 16:46:30 GMT
content-type
application/json; charset=utf-8
vcl_data
5jy3cmThFRbRJtLjNvaUEi.218_0-84bf330e3b77168d0b5b9c6dda112595
x-served-by
cache-iad-kiad7000133-IAD, cache-iad-kiad7000133-IAD, cache-yul1970043-YUL
x-cache-hits
0, 0, 41, 0
access-control-allow-headers
Origin, Content-Type
strict-transport-security
max-age=15724800
vary
accept-encoding,Origin, Accept-Encoding
x-timer
S1732207591.742107,VS0,VE1
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1332
p
sb.scorecardresearch.com/
43 B
298 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1732207576064&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=NaN&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=76415821007&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1732207590590&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=14525&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=news&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=app&c4=news&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Fnews%2F2024%2F11%2F18%2Fconcertgoer-captures-video-of-a-stray-dog-running-onstage-mid-song%2F76415821007%2F&c8=Concertgoer%20captures%20video%20of%20a%20stray%20dog%20running%20onstage%20mid-song&c9=
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-127.jfk52.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 15c2cf85eb6b1f3e4b8c8d0befbed77a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
-XiTsrOX1KfWTbQsM-aX4act2Rzpjf6uOWhe2-EpajtT6_qoYqtk1w==
date
Thu, 21 Nov 2024 16:46:30 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
/
p1.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1732207590612&plid=fbf1e9cf-c62d-4c28-98ba-021b6f01ece0&idsite=app.com&url=https%3A%2F%2Fwww.app.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%2C%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%7D&tagManager=gciAnalytics%3Aprod%3A0.375.0%3APAPP-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.app.com%2F&sref=&sts=1732207575277&slts=0&date=Thu+Nov+21+2024+08%3A46%3A30+GMT-0800+(Pacific+Standard+Time)&action=videostart&metadata=%7B%22duration%22%3A39000%2C%22image_url%22%3A%22%22%2C%22pub_date_tmsp%22%3A%22%22%2C%22title%22%3A%22Concertgoer+captures+video+of+a+stray+dog+running+onstage+mid-song%22%2C%22author%22%3A%22Steve+Saldivar%22%2C%22section%22%3A%22news%22%2C%22tags%22%3A%5B%22tag%3ADogs%22%2C%22tag%3AConcerts%22%2C%22tag%3AVPC+-+Video+Analytics%22%2C%22tag%3AVideo+Syndication+-+USAT%22%2C%22tag%3ASyndication+-+Vertical+Video%22%2C%22ssts%3Anews%3A%22%5D%2C%22video_platform%22%3A%22exco%22%2C%22link%22%3A%2276415821007%22%7D&pvid=dcc85316-be75-4bbd-a6c0-ce4d27e6cd78&vsid=2c8cdf08-f69c-4be9-91da-4dec603aa28b&u=pid%3D4de8471f-9914-42f6-ba88-072ac4c3e983
Requested by
Host: www.app.com
URL: https://www.app.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

Cache-Control
no-cache
Content-Length
43
Date
Thu, 21 Nov 2024 16:46:30 GMT
Content-Type
image/gif
Last-Modified
Thursday, 21-Nov-2024 16:46:30 GMT
Server
nginx
Connection
keep-alive
sync_iframe
sync.bfmio.com/ Frame 6E9B
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=6a3690d7-dcfd-415d-c24e-c06b020d97fc&gdpr=0&gc=&gce=1&us_privacy=&gpp=&gpp_sid=
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.250.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
217
Content-Type
text/html
Date
Thu, 21 Nov 2024 16:46:31 GMT
check.html
biddr.brealtime.com/ Frame 56A8
0
0
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.64.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Age
4276
CF-Cache-Status
HIT
CF-RAY
8e62280c88e6ac3f-YYZ
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
zstd
Content-Type
text/html
Date
Thu, 21 Nov 2024 16:46:32 GMT
Last-Modified
Wed, 23 Aug 2023 18:02:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zvqf%2BQCtd%2B4aXd1pihuf5cMb8sl65SL43tbILVr6BYUo56yBjXyYRlWAECploiYrCY0CGDvRxHZCf8BlnP5lHHnJEyo24Cyi1tDAp8snQtxAkshh0udf4RuGfnh5vIA05QnaLBWt"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 5a013b4ab55713f92a97f8f6e5bb3caa.cloudfront.net (CloudFront)
X-Amz-Cf-Id
JilLcFZse_RyBKKuwQCv3EzmIITzN92hSyLIcD-A46Brf8xpJ5-Sww==
X-Amz-Cf-Pop
YTO50-C3
X-Cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=4077&sent=4&recv=7&lost=0&retrans=0&sent_bytes=3126&recv_bytes=2404&delivery_rate=708565&cwnd=251&unsent_bytes=0&cid=049839e6ed73bc7c&ts=371&x=0"
x-amz-server-side-encryption
AES256
visitormatch
bh.contextweb.com/ Frame 8837
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.0.3/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash

Request headers

Referer
https://www.app.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
4096
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-9775cb85-fqcgz
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je4bk0v887636012za200&_p=1732207576633&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1764719333.1732207575&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&uid=ad920585-7252-4835-8b8f-82040914f661&dp=%2F&dl=https%3A%2F%2Fwww.app.com%2F&dr=&sid=1732207576&sct=1&seg=0&dt=Asbury%20Park%20Press%20NJ%20%7C%20Jersey%20Shore%20%26%20New%20Jersey%20News&tfd=22514
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.app.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:46:35 GMT
content-type
text/plain
server
Golfe2
areq
a.channelexco.com/
0
94 B
Image
General
Full URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fwww.app.com&se=74d115b7-9945-49d3-a3ef-93047c9731ed&pv=117.59&dd=www.app.com&gpvck=v022887012__640x360______DEF__nil__405&sa=shd&dmid1=3177225-132352426-1094243085-456669857-429715120-1030544705&dmid2=3177225-912195210&dmid3=3177225-1052213125&cb=1732207596007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.147.67 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

expires
Thu, 21 Nov 2024 16:46:35 GMT
cache-control
no-cache
date
Thu, 21 Nov 2024 16:46:36 GMT
server
openresty
events
collector.ex.co/main/
17 B
155 B
XHR
General
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/9854d92e-e8e7-4176-9ad8-a8dc2e96a467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.66.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-66-114.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.app.com/

Response headers

access-control-allow-origin
*
content-length
17
date
Thu, 21 Nov 2024 16:46:36 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-type
application/json; charset=utf-8
st
ch-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=157&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&uv=3451&unm=FEED_MANAGER&cb=1732207596780&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&su=6&baseReportD=taboola.com&dataCenter=ch&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:36 GMT
server
nginx
content-length
0
st
ch-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=157&cisd=convusmp&cipid=66361655&crid=-1&dast=V9-3oCABYDAFrdXNRLVr2wBABa3VzUS1a9sAUAAAAABgYA9AcAJGVybHaziWEtMY1Ma9FgNlorF87FWuFyzgYj22zmco6MAEBSJsdmN5sY1hLTyLQWDWajtXLhXKwVLudsMLLNZi7nyAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDAAWaTofPda_X_X53heFw1_jdfjkAAAAAADwA_P___0MAAAAAAEQAAAAAAEgAAAAAAFAABFQA_FsACFwAAAAAAGAA_P___2sAAJhsAAg8nRwAB_S3_O2mvz8AAAAAAEAAAAAAAEgAAAQKd0sAADrCF04A_v________9jAAboM29kAP7___9vABZ6AAAefAAAHoQAAAAALoYAztqLg9fC01yIAAAEfguLABgBAAAAAAAAAAAcAUwC6ASACsCiCuD__7_fCgDgCgAAIGDyybOAMgtAd1DiLQwAAAAAYAxggR4Wv9_ssGv8bpcB_P________-bAfyfAfyjAQi54EqlAQh7cqeoAfwCAgCsAfwCAgCwAYwbAADAG0AAHEDQARC0YjBYHQBBrIbL2QEAAAAA3AH8____6wGA1HJiWoxWs8lssHLNPLbBcGRaDAcjm8M4241cFu8B2BHk9JpqJDL2AbAIy-z3HYR8t8vw8LkMMpbLZFALZCyXySBpmVyep89uEB80DMvJIJgfwIQtRqvJZLMczpaLyWA4Go5G-wMYiM1ggAAULVmslsPVbrIYbRaLyXI3HE0mCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgaLVwrCwLm1sxWQ7Wos3G4paYJp61ZuKbzSye0criG61Fr4_p5RmunKvhFgEEA1b2InlapBOFazfa-Ia7zcTiHMw2js1sthiuXK7JZjAZDWemiViiOVmkE9ll31pOTIvRajaZDVaumcc2GI5Mi-FgZHMYZ7uRy-IvrRaOlWVhcysmy8FatNlY3BLTxLPWTHyzmcUzWll8o7Xo9TG9PMOVczXcN3abyWSwW-1m-8ZuM5kMdqvdbN9hMj1Tn7NRWDyZOy6fyBY0D2umg8JlsHhXqtNKW5AcnNuLyOlTr5UFndHv9_v9fr_f7_f7DVrPwWxQ-MaFZcX2HFutOYm2IDYoPAeLQRFLBBfpROew212m08fvNjzszrfCcLiIJUrTRTrRF_1ul-Hhc_krYongdJFOhH63y6L-I8CFDAaL6Wi5Gk4Xo8lgulhNptPFcrZKAAAAAAAAAAAASwCbAAAAAACcAAYxW20Gu3UCHMRyNVysVssFAHiIktIF-PluVXgo9g3fBbBX3UXSJMxrPAaQOIfd7jKdPn634WF3vhWGw5UBAAAEPpgBNgN8BiCItVotawAAAAABbAAAAAABbgDdALwBBJ7OcYD__39_egAAAAD6fQAgJoR64UeuFH6AghgMh5P9AwAIUIi1Wq1uN9ZqtQICCGI4GU4g4P___58gAAAAAAAAQEWwIAAAAAAAAGCJFiFAYNtNCKAQYDBEy9_t8kJAh4Ac_7oJJRgj24cAAICAySfPgVE!&cmcv=&uv=3451&unm=FEED_MANAGER&cb=1732207596793&abt=adxsub-out_vA!adxsub-out_vB!tbt_loaf_fader!ufm_vE!vdprc_vD&su=6&baseReportD=taboola.com&dataCenter=ch&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.app.com/

Response headers

date
Thu, 21 Nov 2024 16:46:36 GMT
server
nginx
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rtb.channelexco.com.com
URL
https://rtb.channelexco.com.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=JtGuALZHtsTpYmeER2e_REvT
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUM5GF61
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1120112
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211cac55c9ff7393%22%3A%22b8c2edf451ab8122f5d1%7C660x495%7Cf%3D0.75%2Cgpid%3Dad_unit_vpaid-player-container%2Cc%3Dv%2Cpm%3D2%2Cp%3D3%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fwww.app.com%2F&s=c2f90b93-665b-46fe-bb4e-2887fb19b576&pv=ec9ad428-a0ee-4463-983a-0eab32187b9e&vp=desktop&lib_name=prebid&lib_v=8.52.2&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22a9b2a05a-e3ba-45ce-8386-55bb794c02c5%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22app.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22app.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22content%22%3A%7B%22url%22%3A%22%252F%252Fvidstatb.taboola.com%252Fvid%252FblackScreen5.mp4%22%2C%22title%22%3A%22Blank%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22bcat%22%3A%5B%22IAB11-4%22%2C%22IAB13-7%22%2C%22IAB9-7%22%2C%22IAB26-3%22%5D%2C%22badv%22%3A%5B%22betcheslovethis.com%22%2C%22funnie.st%22%2C%22foxbet.com%22%2C%22888sport.com%22%2C%22govextra.gov.il%22%2C%22splashwines.com%22%2C%22betonline.ag%22%2C%22bovada.lv%22%2C%22draftkings.com%22%2C%22intertops.eu%22%2C%22mybookie.ag%22%2C%22thescore.bet%22%2C%22boutiquesgift.com%22%2C%22sportsbetting.ag%22%2C%22royalshell.com%22%2C%22cnn.com%22%2C%22bookmaker.eu%22%2C%22yahoo.com%22%2C%22gtbets.ag%22%2C%22wynnbet.com%22%2C%22hardrockcasino.com%22%2C%22sportsretriever.com%22%2C%22hollywoodpnrc.com%22%2C%22betamerica.com%22%2C%22sports.com%22%2C%22playsugarhouse.com%22%2C%22betus.com%22%2C%22journeyfeeds.com%22%2C%22xbet.ag%22%2C%22betrivers.com%22%2C%22caesars.com%22%2C%22twinspires.com%22%2C%22betmgm.com%22%2C%22fanduel.com%22%2C%22pointsbet.com%22%2C%22foxbusiness.com%22%2C%22williamhill.com%22%2C%224minuteabs.com%22%2C%22ballys.com%22%2C%22pngaming.com%22%2C%22betnow.eu%22%2C%22unibet.com%22%2C%22bet365.com%22%5D%7D&ius=1&hfa=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%221763828385%22%2C%22sid%22%3A%221003858%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*71w6nsgRWxB7yra9zIV6z7BoDlz2eNez7QMH4V4Lb0_a_4I6C9lw5SSwhQoCBZUN%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%22hist7gABV8OQQpQMln5P33pHYbWjSlgb38Fz5KLKKc4%3D%22%2C%22abTestingControlGroup%22%3Afalse%7D%7D%5D%7D%5D&coppa=0
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Domain
www.app.com
URL
blob:https://www.app.com/f197e01f-a318-42a4-83ab-a4961585010c
Domain
hlsmedia.gannett-cdn.com
URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/673bd43c322c200001df58b8/720p_30fps-2.ts

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| gnt object| g$ object| _taboola object| googletag object| __iasPET object| confiant object| pbjs object| exbd object| Criteo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_149 object| Criteo_prebid_149 object| pbjsChunk object| _pbjsGlobals object| _newsroom object| gciAnalytics string| gciAnalyticsUAID object| ns_ object| diagPixSentCodes object| __iasAdRefreshConfig object| brandmetrics function| __assign object| ggeac object| google_tag_data object| google_js_reporting_queue object| PARSELY object| _aps boolean| apstagLOADED object| apstag object| apscustom object| __iasADX boolean| creativeVendorLibraryLoaded function| __spreadArray object| _brandmetrics function| _typeof number| newsroomStartsLoadingTime object| tbNewsroom object| expbjsChunk object| expbjs object| __EXCO string| pbPageIdentifier object| preloadImages object| google_reactive_ads_global_state function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| TRC object| webpackChunkt_recs function| _TPrmse object| taboolaEvents object| _tblConsole number| trc_debug_level object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp number| taboola_view_id object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk function| setImmediate function| clearImmediate object| regeneratorRuntime object| ExCoPlayer function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_item_url string| trc_map_url object| trc object| PublisherCommonId object| google_tag_manager object| dataLayer function| gtag number| google_unique_id object| gaGlobal string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation object| pmglb object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| dg object| image string| nam object| wpJsonpExCoAdPlayer object| CEDATO_API object| cmTag object| filledImpressions function| confiantDfpWrap object| webpackChunkadUnits object| Backbone function| startCMTagMain string| category function| Hls object| googDdmPs object| webpackJsonpCMPlayer function| OvaMediaPlayer object| _cm_wfCounters object| tbpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| closure_lm_127875 object| ADAGIO object| invibes object| closure_lm_972681 object| __IntegralASExec object| tbopt

268 Cookies

Domain/Path Name / Value
.taboola.com/gannettcompany-app/ Name: taboola_session_id
Value: v2_59b41456260e5fc608d4180dfa867deb_45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958_1732207576_1732207576_CIi3jgYQ0qI9GKOH-Py0MiABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA
.3lift.com/sync Name: sync
Value: CgoIgAIQoaX4_LQyCgoIoQEQoaX4_LQyCgoIgQIQp9r4_LQyCgoI4gEQoaX4_LQyCgoI5gEQoaX4_LQyCgoIhwIQoaX4_LQyCgoI5wEQp9r4_LQyCgkISRCn2vj8tDIKCQgLEKfa-Py0MgoKCIwCEKGl-Py0MgoKCKwCEKGl-Py0MgoKCK0CEKfa-Py0MgoKCM4BEKfa-Py0MgoKCJQCEKfa-Py0MgoKCLcCEKfa-Py0MgoJCDkQp9r4_LQyCgkIOhChpfj8tDIKCQgbEKGl-Py0MgoKCN4BEKfa-Py0MgoJCF8QoaX4_LQy
.app.com/pbd/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJjb2xvc3N1cyI6eyJ1aWQiOiJlMTY3OTNmZi0yZDUyLTRhOTItYmQ3ZC1hZDJiYzBlMzA5NmIiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoxOS41NDczMTg4OThaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjM3NTIwOTE3NzgxNzk2MzYwMDBWMTAiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoxOC45OTkzMzkzNzFaIn0sIm9wZW54Ijp7InVpZCI6IjllMmViNzU0LTMxZmUtNDg0NC1iNzBlLTg5ZjJhZTQzYTQ4MyIsImV4cGlyZXMiOiIyMDI0LTEyLTA1VDE2OjQ2OjIyLjAxOTgwNDU4OVoifSwicHVibWF0aWMiOnsidWlkIjoiMjg2QzE0RUItNzlCMS00MENDLTkwOTAtMzc4NjEyMjZCODgxIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MTkuNzUyMDYzOTc0WiJ9LCJydWJpY29uIjp7InVpZCI6Ik0zUkpPNVEwLTI3LUVMOUMiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoyNy45OTMwMDQxMTVaIn0sInNoYXJldGhyb3VnaCI6eyJ1aWQiOiI4MWYzY2ExZS1mZTc2LTRjM2YtOTBjMS01M2JkMDFmN2M1MDYiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoxNS41NjM3MjE4MjRaIn0sInNtYWF0byI6eyJ1aWQiOiIxNDAxYjM0YjI5IiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjguODM2MzkyMjM2WiJ9LCJzb25vYmkiOnsidWlkIjoiODczYzM3YmYtMzM5Mi00NTM4LThhMzUtYTM3ODMxYmI4ZTMzIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjQuODg2OTE0NTYxWiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQwODQ0NTExNDIzNzAxNzY4OTMyOTEiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoyOS4xMDI1MjU5NzFaIn0sInRydXN0eCI6eyJ1aWQiOiJmNGEwYTViNi1iYjgxLTQ1NjktYTM4Yi01NGE4YjQ2MTJiMWQiLCJleHBpcmVzIjoiMjAyNC0xMi0wNVQxNjo0NjoyMi42Mjg5NTUwNTNaIn0sInVuZGVydG9uZSI6eyJ1aWQiOiIyZTFwOHJweGk2ODRoZTNnZjk3bnkyMnFqIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjkuODY2MDk0OTYzWiJ9LCJ5aWVsZG1vIjp7InVpZCI6IlZGclFFMzN2SlEzelFhV3VheTdiIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjUuOTYwMDUwMzIyWiJ9fX0=
.smartadserver.com/api Name: pid
Value: 5727811877443088093
.app.com/ Name: gup_anonid
Value: ad920585-7252-4835-8b8f-82040914f661
.app.com/ Name: gup_clientid
Value: b558f7b0-7ba8-42e4-8594-ad502e6e6fe0
.app.com/ Name: gnt_ub
Value: 95
.app.com/ Name: gnt_sb
Value: 19
.app.com/ Name: gnt_eid
Value: AnonInfinityLow:19:out-market
.www.app.com/ Name: gnt_w
Value: 48~7-q1a2z3371d08dc~Cloudy
.app.com/ Name: gnt_i
Value: 07483534861843373259*577*CA~ON
.app.com/ Name: gnt_vp
Value: 0060_ex_B
.app.com/ Name: gup_lng
Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201732207574%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.app.com/ Name: gca_rs
Value: direct
.app.com/ Name: _ga
Value: GA1.1.1764719333.1732207575
.app.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.app.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1732207575277%2C%22slts%22:0}
.app.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=4de8471f-9914-42f6-ba88-072ac4c3e983%22%2C%22session_count%22:1%2C%22last_session_ts%22:1732207575277}
.criteo.com/ Name: uid
Value: d0fb1039-094a-4d81-83b7-2018c966c9aa
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 81f3ca1e-fe76-4c3f-90c1-53bd01f7c506
.app.com/ Name: gca_pxi
Value: hosting:unknown
.teads.tv/ Name: tt_viewer
Value: 482adce8-ade4-46c4-92a8-1c0f6d7dd8e7
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.app.com/ Name: cto_bundle
Value: qpilvl9kV05Ua2ZoamZJZG8yYlk2dUlkYXdMUlVoZVA4c3Vxa0dmczJ5WjhTRm5rU2MwQjlMNyUyQmlhNU9SZVYwZCUyQmFzdUx5VE9nbXMzdGVQNmY4cVVicU5pU0QlMkJXRVFlUUJaa3glMkJaUlVObjdIeWlFWTJYOFFOeml4NiUyQkhVemdLb1I4Um1XRmlxJTJCajNBQnFFUUt2JTJCcHFnZVlQUSUzRCUzRA
.channelexco.com/ Name: cedsess
Value: 74ae9b49-39a6-4ed0-9e42-3fe768ed4978
www.app.com/ Name: last_front
Value: homepage
www.app.com/ Name: _lr_retry_request
Value: true
www.app.com/ Name: _lr_env_src_ats
Value: false
www.app.com/ Name: exco-uid
Value: i908u1j25y7mzejo
.criteo.com/ Name: cto_bundle
Value: 0n8Qil93TE1sY2pTWlpVOEd0UiUyRnVYMlF6Uzg3dXpsJTJCSkNVb3NVQ2xDRnRsWkQ1YVQxcUtWaHRKbEdFamwyZ3ZZaFkwY1RCNmt2c1dsV3JGMyUyRk1RZlo1SjElMkZrUEQ4aTFPbUpvSkowRkY3R1NrUnRsZkVrWlhKSCUyRkZSSXE3MUVCcVM2UUc
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 286C14EB-79B1-40CC-9090-37861226B881
.taboola.com/ Name: t_gid
Value: 45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
.taboola.com/ Name: t_pt_gid
Value: 45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
www.app.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: 4d0323a1-7c5c-4ced-bd68-bccbe888f42e
www.app.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%224d0323a1-7c5c-4ced-bd68-bccbe888f42e%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-11-21T16%3A46%3A17%22%7D
www.app.com/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: b47ddda0cb2e7e8928a0cb89f8dc5eed
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQSDIxT0lJSTRITjJKNU%2B1sDSyALEtLNMsUpJNU1NTGIAg3T75JgMCAAB93gvv"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIt0%2B%2ByQAHABbeAeM%3D"
.app.com/ Name: panoramaId_expiry
Value: 1732293977578
.app.com/ Name: _cc_id
Value: b47ddda0cb2e7e8928a0cb89f8dc5eed
.doubleclick.net/ Name: IDE
Value: AHWqTUkZKEKHBuzHKjpDDdGuc8VAhmYXc64c3f23Z3XXZpy1Q5ZIMh5Ign18ECgAlvA
.media.net/ Name: visitor-id
Value: 3752091778179636000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.amazon-adsystem.com/ Name: ad-id
Value: A-Gclkv5WUUggsMj8UoCpqw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.taboola.com/ Name: taboola_vmp
Value: temurtbnative-network
.adnxs.com/ Name: XANDR_PANID
Value: miC1KSLRwtLXCWYZclV9JY691GOt1xnvKyZSAbcuws70aMLnGubloQwXPqBeyOTgxfOadww7PtFFNTifu2KR9ZKO-8zlts5G7LYifUULSI8.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 7977835346143707685
.app.com/ Name: __qca
Value: I0-805685419-1732207578273
.colossusssp.com/ Name: gtm_usr
Value: e16793ff-2d52-4a92-bd7d-ad2bc0e3096b
.colossusssp.com/ Name: lmg_r
Value: 11
.3lift.com/ Name: tluidp
Value: 4084451142370176893291
.3lift.com/ Name: tluid
Value: 4084451142370176893291
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENz607oYjRdeZzw9kw6pT64&KRTB&16514-CAESENz607oYjRdeZzw9kw6pT64&KRTB&23025-CAESENz607oYjRdeZzw9kw6pT64&KRTB&23386-CAESENz607oYjRdeZzw9kw6pT64
.casalemedia.com/ Name: CMID
Value: Zz9j3NHM5zMAADpiAeTX2wAA
.casalemedia.com/ Name: CMPS
Value: 1360
.casalemedia.com/ Name: CMPRO
Value: 1360
.minutemedia-prebid.com/ Name: wrvUserID
Value: -kWD5S49kp_mm
.ex.co/ Name: exco-uid
Value: 2e3138392e393439
.postrelease.com/ Name: visitor
Value: eeb24751-5359-4bbf-bc03-fbad7f5556b9
.postrelease.com/ Name: status
Value: 0
.quantserve.com/ Name: mc
Value: 673f63dc-25422-3b65b-40f56
.contextweb.com/ Name: V
Value: rTgxfvCLmpBF
.contextweb.com/ Name: VP
Value: part_rTgxfvCLmpBF
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b037abc65980bf17
.yahoo.com/ Name: A3
Value: d=AQABBNxjP2cCEIcWNevZVUXDjku0cvPOZWgFEgEBAQG1QGdJZyXaxyMA_eMAAA&S=AQAAAvgBEpvOj8Z0n2wagr-Btuo
.ads.stickyadstv.com/ Name: UID
Value: 6819bca2fff5ea7cc1e23ab3935ccf0
.adform.net/ Name: C
Value: 1
.linkedin.com/ Name: li_sugr
Value: 2ddbe50a-b7bc-482f-9593-232169c54e03
.linkedin.com/ Name: bcookie
Value: "v=2&faf668ac-f0f9-42d6-89ef-40c32c13976c"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3494:u=1:x=1:i=1732207580:t=1732293980:v=2:sig=AQFkT8XeZ5fWTdIxhe3016bhBR2RecqU"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-231cbbb7-060f-527e-56b8-bd7d879ae328.69qsagGXTtcJInvOTOYG09ff4JQxes4Jnaq8o8Nzcnc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-231cbbb7-060f-527e-56b8-bd7d879ae328.69qsagGXTtcJInvOTOYG09ff4JQxes4Jnaq8o8Nzcnc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIxy7twYPUn5WuL19h5rjKJ3-McQ.HP6vJcMR8kB2ztOCa9MfyQpWXad2vLfDXQQVzWOq8wk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIxy7twYPUn5WuL19h5rjKJ3-McQ.HP6vJcMR8kB2ztOCa9MfyQpWXad2vLfDXQQVzWOq8wk
.adform.net/ Name: uid
Value: 8739844621069717167
.bing.com/ Name: MUID
Value: 396F48F4D86865A326115DCAD96964BC
.c.bing.com/ Name: MR
Value: 0
.openx.net/ Name: i
Value: 745c07c2-21e6-445a-8654-810f4b3f55f3|1732207581
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMxL1flgELdaCjpLANRn8Nx_ZxpVbMv5z78wpDMpdo6KEAMYAyDdx_25BjABOgRntaa9QgRXytEG.DUxLqZvNvrxteu6gC3JAHHwBbj516VPOnomHvWCR9fQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMxL1flgELdaCjpLANRn8Nx_ZxpVbMv5z78wpDMpdo6KEAMYAyDdx_25BjABOgRntaa9QgRXytEG.DUxLqZvNvrxteu6gC3JAHHwBbj516VPOnomHvWCR9fQ
.33across.com/ Name: 33x_ps
Value: u%3D212671707206025%3As1%3D1732207581631%3Ats%3D1732207581631
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: ea085522-2c69-5346-8f09-ecc0e8368f1d
.betweendigital.com/ Name: ss
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi7NMcxlmfIyqDnP9ssLwgOGsze0-KFkZQmTYFRJ-29wvp5HLg
.zemanta.com/ Name: zuid
Value: CqWoVb1yVi4uy6hjHHQG
.admanmedia.com/ Name: admtr
Value: 855825ff-17bd-4bde-a347-e0bb67d42cc2
.yieldmo.com/ Name: yieldmo_id
Value: VFrQE33vJQ3zQaWuay7b%7C1732147200000%7C0
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrI0V7IyNDc2NjE0N7Qw1FEyQuWaGKNJQ5QbWRgaGYP4lijqawGHmRAQ
.lijit.com/ Name: ljt_reader
Value: JtGuALZHtsTpYmeER2e_REvT
.onetag-sys.com/ Name: OTP
Value: jjmnMn6M7pfDgOyv1Hu6wyBJ6SMa3dI5YrYmSydYup0
.betweendigital.com/ Name: ut
Value: Zz9j3QAO2Mgx_eZseR-nDDE_LK-hbY_ePBHwrw==
.illumin.com/ Name: vdz_sync
Value: d25f862d-d682-3796-1245-5a37acf5417d
.adgrx.com/ Name: ADGRX_UID
Value: 238ad09c-a828-11ef-8ab7-6a1d93fb447d
.blismedia.com/ Name: b
Value: 673F63DDA96E2B53E335004E_
.sitescout.com/ Name: ssi
Value: e68b043b-6715-4a07-b5a4-9ac6d4e42694#1732207581975
.bidswitch.net/ Name: tuuid
Value: f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
.bidswitch.net/ Name: c
Value: 1732207582
.bidswitch.net/ Name: tuuid_lu
Value: 1732207582
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.admanmedia.com/ Name: ac_r
Value: CS112|CS155
.lijit.com/ Name: _ljtrtb_97
Value: OPTOUT
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_43
Value: fCqw73wu5-pnL7a9eC-uuigrtutnKbPvfyvdtDcN
.lijit.com/ Name: _ljtrtb_27
Value: 4d0323a1-7c5c-4ced-bd68-bccbe888f42e
.bidr.io/ Name: bito
Value: AAJWEk7OfsgAABVQLP1fog
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-liAK6ZYkXeyNJQy7kiUUvMIhDO2NIwnplSHVfdH-&KRTB&22979-liAK6ZYkXeyNJQy7kiUUvMIhDO2NIwnplSHVfdH-&KRTB&23462-liAK6ZYkXeyNJQy7kiUUvMIhDO2NIwnplSHVfdH-
.csync.loopme.me/ Name: viewer_token
Value: 8ed59b4a-2cd5-4a64-897f-1069824d1a16
.simpli.fi/ Name: suid
Value: 6372EB3DFB4748B7937815CBB1B64031
.semasio.net/ Name: SEUNCY
Value: A1074CB85A1EBA54
.company-target.com/ Name: tuuid
Value: a3655149-d0c0-4772-8618-fda67a65e599
.company-target.com/ Name: tuuid_lu
Value: 1732207583|ix:0
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyV7JSMkkxMDYyTjTUNU82TdY1SU5N0U1KMbPQTUpOTkq1sLBIMzFKVdJRsgSp9Q8I8Q8NAfJMjIG8NOfCcnPj8lJT3YI8H%2FNEy1Rn3dLSzPSiktKSPO%2BkgLK0yrKUEpdkP6VaABf1H5s%3D
.lijit.com/ Name: _ljtrtb_2
Value: 2386667B07E84142B4DAE506AFB20054
.deepintent.com/ Name: CDIUSER
Value: di_a540587fe61a4561819c2
.creativecdn.com/ Name: g
Value: SWIuz9y4O13HHNbezPmY_1732207583544
.creativecdn.com/ Name: ts
Value: 1732207583
.go.sonobi.com/ Name: __uis
Value: 873c37bf-3392-4538-8a35-a37831bb8e33
.ipredictive.com/ Name: cu
Value: 05cf2b97-5130-402a-bf04-33889ca799cc|1732207583738
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2tjQ0NjIztjA3NhHiM9Q1cvEtscj2dQn2iUgDAEbmTVAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2tjQ0NjIztjA3NhHiM9Q1cvEtscj2dQn2iUgDAEbmTVAlAAAA
.admanmedia.com/ Name: lluid
Value: ef36f315-2289-b615-43b7-c7bde4f10d59
.w55c.net/ Name: wfivefivec
Value: 9iicVHV41TeajZ5
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:6372EB3DFB4748B7937815CBB1B64031&KRTB&23486-uid:6372EB3DFB4748B7937815CBB1B64031&KRTB&23489-uid:6372EB3DFB4748B7937815CBB1B64031&KRTB&23539-uid:6372EB3DFB4748B7937815CBB1B64031
.mathtag.com/ Name: uuid
Value: 2d69673f-63df-4500-aa35-237506cfaad4
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-238ad09c-a828-11ef-8ab7-6a1d93fb447d&KRTB&23275-238ad09c-a828-11ef-8ab7-6a1d93fb447d
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Ixy7twYPUn5WuL19h5rjKJ3-McQ&KRTB&23334-Ixy7twYPUn5WuL19h5rjKJ3-McQ&KRTB&23417-Ixy7twYPUn5WuL19h5rjKJ3-McQ&KRTB&23426-Ixy7twYPUn5WuL19h5rjKJ3-McQ
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-4d0323a1-7c5c-4ced-bd68-bccbe888f42e&KRTB&22918-4d0323a1-7c5c-4ced-bd68-bccbe888f42e&KRTB&22926-4d0323a1-7c5c-4ced-bd68-bccbe888f42e&KRTB&23031-4d0323a1-7c5c-4ced-bd68-bccbe888f42e
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.turn.com/ Name: uid
Value: 3195252445352175990
.omnitagjs.com/ Name: ayl_visitor
Value: 106d3913f3953ec0f638f2094bfba33e
.mfadsrvr.com/ Name: tuuid
Value: 0a22e914-7b87-45b2-9ef3-3bf20e6f58f0
.mfadsrvr.com/ Name: c
Value: 1732207583
.mfadsrvr.com/ Name: tuuid_lu
Value: 1732207583
.dotomi.com/ Name: DotomiTest
Value: 254f18fa56a117e
.w55c.net/ Name: matchcasale
Value: 5
.w55c.net/ Name: matchpubmatic
Value: 5
.onaudience.com/ Name: cookie
Value: d9e00848ce86b53f
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: DPSync4
Value: 1732233600%3A248%7C1732752000%3A164_265_252%7C1733356800%3A219_226_228_197_245
.pubmatic.com/ Name: SyncRTB4
Value: 1733356800%3A81_7_165_104_166_240_56_5_201_21_267_231_71_46_178_264_266_8_54_220_233_22_55_234_249_96_271_3_99_238_176_13_250_48_214%7C1732752000%3A15_223_2%7C1734739200%3A224%7C1732579200%3A216%7C1733011200%3A63%7C1733443200%3A35_268%7C1737331200%3A69
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1783777339132638734&KRTB&23628-1783777339132638734
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-05cf2b97-5130-402a-bf04-33889ca799cc&KRTB&23011-05cf2b97-5130-402a-bf04-33889ca799cc&KRTB&23355-05cf2b97-5130-402a-bf04-33889ca799cc
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-7a26637f-6d10-4be3-b12b-c9158022cc3b&KRTB&23340-7a26637f-6d10-4be3-b12b-c9158022cc3b&KRTB&23498-7a26637f-6d10-4be3-b12b-c9158022cc3b
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2d69673f-63df-4500-aa35-237506cfaad4
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:9iicVHV41TeajZ5&KRTB&23421-uid:9iicVHV41TeajZ5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8739844621069717167&KRTB&23231-8739844621069717167&KRTB&23263-8739844621069717167&KRTB&23481-8739844621069717167
beacon.lynx.cognitivlabs.com/ Name: UID
Value: e23a6b08-6e8a-483b-b548-3886abe31773
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553&KRTB&23418-e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553&KRTB&23634-e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAGOOwH9kVu7wItE0_xAQEBAQEBAQCSTp8jqQEBAJJOnyOp&KRTB&22715-AQAGOOwH9kVu7wItE0_xAQEBAQEBAQCSTp8jqQEBAJJOnyOp&KRTB&23519-AQAGOOwH9kVu7wItE0_xAQEBAQEBAQCSTp8jqQEBAJJOnyOp&KRTB&23632-AQAGOOwH9kVu7wItE0_xAQEBAQEBAQCSTp8jqQEBAJJOnyOp
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3195252445352175990&KRTB&23150-3195252445352175990&KRTB&23527-3195252445352175990&KRTB&23629-3195252445352175990
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-JVgxD10TWeNFFbBo3OHNCwtuoFOVY3Hm5zQbp7HOe-Q&KRTB&23047-JVgxD10TWeNFFbBo3OHNCwtuoFOVY3Hm5zQbp7HOe-Q&KRTB&23234-JVgxD10TWeNFFbBo3OHNCwtuoFOVY3Hm5zQbp7HOe-Q&KRTB&23361-JVgxD10TWeNFFbBo3OHNCwtuoFOVY3Hm5zQbp7HOe-Q
.smartadserver.com/ Name: pid
Value: 4850528901308493488
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAJWEk7OfsgAABVQLP1fog
.cootlogix.com/ Name: vdz_sync
Value: 425a9190-3b96-9905-141c-ac71d0507d2d
pool.admedo.com/ Name: tuuid
Value: 6524e387-4332-4314-a337-83df36652fb1
pool.admedo.com/ Name: c
Value: 1732207584
pool.admedo.com/ Name: tuuid_lu
Value: 1732207584
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAJWEk7OfsgAABVQLP1fog&KRTB&23649-AAJWEk7OfsgAABVQLP1fog
.adsby.bidtheatre.com/ Name: __kuid
Value: 2128484d-2d22-44cc-974e-971bb0e29022.501421584
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f4a0a5b6-bb81-4569-a38b-54a8b4612b1d&KRTB&23280-f4a0a5b6-bb81-4569-a38b-54a8b4612b1d
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2lyg:18z8~2lyg:19cx~2lyg:1969~2lyg"
.go.sonobi.com/ Name: HAPLB8G
Value: s8590|Zz9j5
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1732229186097
.mxptint.net/ Name: mxpim
Value: R33645_11F5A2C2E_559F6872.1.0000000000000000673F63E2
.visiblemeasures.com/ Name: vm_usr
Value: 35ce72ed-3519-4373-91b1-39a56d52a245
.visiblemeasures.com/ Name: vm_r
Value: 74
.rubiconproject.com/ Name: khaos
Value: M3RJO5Q0-27-EL9C
.rubiconproject.com/ Name: khaos_p
Value: M3RJO5Q0-27-EL9C
.pippio.com/ Name: did
Value: 6Q3B2lu39EWW_hYo
.pippio.com/ Name: didts
Value: 1732207586
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_11F5A2C2E_559F6872&KRTB&23092-R33645_11F5A2C2E_559F6872
.admanmedia.com/ Name: llum
Value: eyJwaW4iOnsiNSI6MTczMjIwNzU4MzcyNiwiNyI6MTczMjIwNzU4NjUyNX19
.tapad.com/ Name: TapAd_TS
Value: 1732207586241
.tapad.com/ Name: TapAd_DID
Value: f9740f9d-4828-46c2-be84-ca6494f97b3e
.w55c.net/ Name: matchtriplelift
Value: 5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7840
.primis.tech/ Name: csuuid
Value: 673f63e2b9040
.undertone.com/ Name: UID_EXT_53
Value: 286C14EB-79B1-40CC-9090-37861226B881
.undertone.com/ Name: UID_EXT_56
Value: y-PQy8f.1E2uE3N3Pl1JREenZFWFpukz3_V4S2aEY-~A
.undertone.com/ Name: UID_EXT_54
Value: e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553
.undertone.com/ Name: UID_EXT_46
Value: 4d0323a1-7c5c-4ced-bd68-bccbe888f42e
.undertone.com/ Name: UTID
Value: 285f958c2f7146a8a923522c0b16485b
.undertone.com/ Name: UTID_ENC
Value: 2e1p8rpxi684he3gf97ny22qj
.undertone.com/ Name: UID_EXT_39
Value: ec9d5fbc-88ce-47ce-b607-5620d8b4465c
.agkn.com/ Name: ab
Value: 0001%3AzJ8uxAf7ZtYXtHEmeUpVDunLyAv7KYJb
beacon.lynx.cognitivlabs.com/ Name: ss
Value: QHPJaVHvr0UUxeitTwN%2FDIeEE5wHyhsFFagMLbxC5f7SuXhKJFzdXlurZ45XcTjKpDNJ85GMeXbm5gYkRx9YLwK%2BTkbrD0ihkfCXKUcTi%2Fw%3D
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.resetdigital.co/ Name: ckbk
Value: 000001676E040573
.360yield.com/ Name: tuuid
Value: f29d1a61-6e8b-4111-b576-7664fb408429
.360yield.com/ Name: tuuid_lu
Value: 1732207587
.kargo.com/ Name: ktcid
Value: 165f0201-153d-0122-5b89-632e8dff8c36
.undertone.com/ Name: UID_EXT_47
Value: M3RJO5Q0-27-EL9C
.adx.opera.com/ Name: UID
Value: OPU566bde0f168c4d32927d09885ee231df
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001676E040573&KRTB&23175-000001676E040573
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU08eb92eb47954e119c6ecfddb8d3f4e5&KRTB&23485-OPU08eb92eb47954e119c6ecfddb8d3f4e5&KRTB&23524-OPU08eb92eb47954e119c6ecfddb8d3f4e5&KRTB&23575-OPU08eb92eb47954e119c6ecfddb8d3f4e5
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-3LvSJQIiCTCADZ8342M_Zw&KRTB&23557-3LvSJQIiCTCADZ8342M_Zw&KRTB&23586-3LvSJQIiCTCADZ8342M_Zw
ps.ex.co/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI3OTc3ODM1MzQ2MTQzNzA3Njg1IiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MTkuNjE4NjA2Nzg0WiJ9LCJncmlkIjp7InVpZCI6ImY0YTBhNWI2LWJiODEtNDU2OS1hMzhiLTU0YThiNDYxMmIxZCIsImV4cGlyZXMiOiIyMDI0LTEyLTA1VDE2OjQ2OjI4LjEyNjIyMDA3M1oifSwib3BlbngiOnsidWlkIjoiMjc2MWUxODQtNTZhYy0wMjY0LTEzNDktMDk0OGIxN2I1YWQzIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjEuNjUyNjk2MTkzWiJ9LCJzb25vYmkiOnsidWlkIjoiODczYzM3YmYtMzM5Mi00NTM4LThhMzUtYTM3ODMxYmI4ZTMzIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjUuNzQ0MDA1ODU1WiJ9LCJ0cnVzdHgiOnsidWlkIjoiZjRhMGE1YjYtYmI4MS00NTY5LWEzOGItNTRhOGI0NjEyYjFkIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjIuNjA3NDg2NzZaIn0sInVuZGVydG9uZSI6eyJ1aWQiOiIyZTFwOHJweGk2ODRoZTNnZjk3bnkyMnFqIiwiZXhwaXJlcyI6IjIwMjQtMTItMDVUMTY6NDY6MjcuODk3NDE3NjI4WiJ9fX0=
.id5-sync.com/ Name: id5
Value: 819d3e4a-f657-7c49-9c08-0077c7776e38#1732207581792#5
.smaato.net/ Name: SCM
Value: 1401b34b29
.smaato.net/ Name: SCMp
Value: 1401b34b29
.sundaysky.com/ Name: sskyu
Value: d6.053925372c644774b088fe5b59ea97a2
.sundaysky.com/ Name: sskyCreationTime
Value: 1732207589843
.sundaysky.com/ Name: sskya
Value: e2V4Y286e3RzOiI0bjI5OWgiLHQ6Im5pIn19
.demdex.net/ Name: demdex
Value: 32137496553934854262945225505649319598
.openx.net/ Name: pd
Value: v2|1732207581.9|iKvPvMgakWgy.mmbwuYhEg2f8
.app.com/ Name: gca_lcu
Value: https://www.app.com/
.app.com/ Name: _ga_5JJXNTWR1D
Value: GS1.1.1732207576.1.0.1732207590.46.0.0
.dpm.demdex.net/ Name: dpm
Value: 32137496553934854262945225505649319598
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTczMjIwNzU4Mzg3NywiMjYiOjE3MzIyMDc1ODY3MTgsIjI3IjoxNzMyMjA3NTgyMzYwLCIzOSI6MTczMjIwNzU4MjM2MCwiNyI6MTczMjIwNzU4MjM2MCwiODAiOjE3MzIyMDc1OTA2NDd9
.rlcdn.com/ Name: pxrc
Value: CN/H/bkGEgUI6AcQABIFCOhHEAASBgi66gEQBxIGCMLqARAHEgYIuOsBEAY=
.rlcdn.com/ Name: rlas3
Value: i2z2HiID0qwPhvcItiiILNR5TGppeAFg9hR77lCZSqk=
.ads.yieldmo.com/ Name: ptrpp
Value: rTgxfvCLmpBF
.connatix.com/ Name: cnx_userId
Value: 2aa7a6b0fa5d4f639d878a96e85f9985
.pubmatic.com/ Name: KRTBCOOKIE_1030
Value: 23330-rTgxfvCLmpBF&KRTB&23333-rTgxfvCLmpBF
.pubmatic.com/ Name: PugT
Value: 1732207592
.360yield.com/ Name: um
Value: !191,.bLSsWZthnXFc-rK0lw8enzQj2Rnmvj-nFFL7tu-RDetXzQylf.ZfBEF2sPUQ5RCcRw,1739983592
.360yield.com/ Name: umeh
Value: !191,0,1794415592,-1
.bfmio.com/ Name: __io_cid
Value: a801d544966dffcc29108a0d8a01c7332b3f5596
.pubmatic.com/ Name: SPugT
Value: 1732207592
.tribalfusion.com/ Name: ANON_ID
Value: aensXDu4YUdmqcn62woCWThmOllNfBiMsQi4tWY5Mlwcr1SAmerDq2tu8cYUvaVZauuQdSRGauQZdhD1PB
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI3PfG68GVxT0QBRIWCgdzdng5dDUwEgsIhsCu7sGVxT0QBRIVCgZjYXNhbGUSCwje6v_0wZXFPRAFEhYKB3J1Ymljb24SCwiE0p-QwpXFPRAFEhQKBXRhcGFkEgsIir3TrMKVxT0QBRIXCghsaXZlcmFtcBILCKLMg9XClcU9EAUYASABKAIyCwiQy6-Q2ZXFPRAFOAFaB3J3dXE5bnlgAg..
biddr.brealtime.com/ Name: dt
Value: 2024-11-21T16:46:32.470Z
.media.net/ Name: data-p
Value: rTgxfvCLmpBF~~3
.aniview.com/ Name: 1_C_10
Value: rTgxfvCLmpBF
sync.aniview.com/ Name: 1_C_10
Value: rTgxfvCLmpBF
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnp3_AHZz9AQ8CJy_5CHQ4nXEzILuKOUNqCPPDrPnMY5vQ5YmsJGr2izYitJQC4TM1
.lunamedia.live/ Name: xeluid
Value: 612178.8ef7b340-caba-4d70-ad81-11537c324c18
.lunamedia.live/ Name: xeluid_251
Value: %25USER_ID%25
.lunamedia.live/ Name: 255_wm
Value: 1732207592591
.lunamedia.live/ Name: xeluid_251_hp
Value: 1
.mookie1.com/ Name: id
Value: 10598869887078820044
.mookie1.com/ Name: mdata
Value: 1|10598869887078820044|1732207592565
.mookie1.com/ Name: ov
Value: fb8e1a9bbba9394dc1a338e4828298a3
.mediago.io/ Name: __mguid_
Value: 9e90f00bec46032a219c7r00m3rjockf
.yellowblue.io/ Name: wrvUserID
Value: rgVY5Z49kj_s
.emxdgt.com/ Name: ps
Value: d91,d89,d59,d52,d48,d46,d38,d35,d32,d62,d53,d21,d25,d20,d16,d8,d1,d92
.emxdgt.com/ Name: uid
Value: 35911732207592816250aa
.emxdgt.com/ Name: dt
Value: 326
.emxdgt.com/ Name: fr
Value: synced
.quantserve.com/ Name: sp
Value: CggIiQ0SAxD5DQoJCLmKAxIDEPkNCgkIhf8CEgMQ-Q0KCQi_gQMSAxD5DQoJCKKjBhIDEPkN
.smaato.net/ Name: SCMrise
Value: 1401b34b29
.ex.co/ Name: exco-uids
Value: {"freewheel":{"UID":"6819bca2fff5ea7cc1e23ab3935ccf0","Expire":"2024-11-28T16:46:28.936803922Z"},"ix":{"UID":"Zz9j3NHM5zMAADpiAeTX2wAA\u00261360","Expire":"2024-11-28T16:46:22.466898232Z"},"openx":{"UID":"e756e7ea-e75b-4209-af46-8f0dc7292599","Expire":"2024-11-28T16:46:31.850764733Z"},"pubmatic":{"UID":"286C14EB-79B1-40CC-9090-37861226B881","Expire":"2024-11-28T16:46:28.114507651Z"},"rise":{"UID":"rgVY5Z49kj_s","Expire":"2024-11-28T16:46:32.91867358Z"},"rubicon":{"UID":"M3RJO5Q0-27-EL9C","Expire":"2024-11-28T16:46:27.875410382Z"},"sharethrough":{"UID":"81f3ca1e-fe76-4c3f-90c1-53bd01f7c506","Expire":"2024-11-28T16:46:31.608981418Z"},"smartadserver":{"UID":"4850528901308493488","Expire":"2024-11-28T16:46:30.712559387Z"},"sovrn":{"UID":"JtGuALZHN0svLsnfTnqiXGSS","Expire":"2024-11-28T16:46:21.811424353Z"},"sundaysky":{"UID":"d6.053925372c644774b088fe5b59ea97a2","Expire":"2024-11-28T16:46:30.187759303Z"}}
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmxkZGBuamFsbmyyiBfOtzSyNLQEAJacUJIgAAAA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220241121%22%2C%22151%22%3A%2220241121%22%7D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1uwb|8kt.0.1|7Bj.0.CAESEMJhPryKmR5QsS0YUr_9la8|6zB.0.f4a0a5b6-bb81-4569-a38b-54a8b4612b1d|4is.0.CAESEPhyxDNkL3ywRW2iyR7QFi8|8rx.0.M3RJO5Q0-27-EL9C|2N.0.AQANlKHvcYRD6wJJI-mdAQEBAQEBAQCSTp8d6wEBAJJOnx3r|3oy.0.e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553|8vg.0.1|8tI.0.1|7dN.0.AAJWEk7OfsgAABVQLP1fog|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1uwb|8kt.0.1|7Bj.0.CAESEMJhPryKmR5QsS0YUr_9la8|6zB.0.f4a0a5b6-bb81-4569-a38b-54a8b4612b1d|4is.0.CAESEPhyxDNkL3ywRW2iyR7QFi8|8rx.0.M3RJO5Q0-27-EL9C|2N.0.AQANlKHvcYRD6wJJI-mdAQEBAQEBAQCSTp8d6wEBAJJOnx3r|3oy.0.e68b043b-6715-4a07-b5a4-9ac6d4e42694-673f63dd-5553|8vg.0.1|8tI.0.1|7dN.0.AAJWEk7OfsgAABVQLP1fog|8i8.0.1
.ctnsnet.com/ Name: cid
Value: 9bf18553df534f3090a2564829769f69
.mfadsrvr.com/ Name: ssh
Value: !emx=1732207592
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 13
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%23PMUID^0^0
.pubmatic.com/ Name: pi
Value: 159706:3
.rubiconproject.com/ Name: audit_p
Value: 1|epJ3RkfVkMoj6/0kJ4UvWa/IYL5lCX9XdHI0+lOSvH3BFzuYkfpEI9F64/EywGb/x+a2sv5NUx4wHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpS2PwEAY7J5vzeSHK+uKTBmXk2LdEA3JNrx57HN8NS6ImdkfG07Cn46qvw/KCuiB5pesag6S6+0jTc5gaaihuXs=
.rubiconproject.com/ Name: audit
Value: 1|epJ3RkfVkMoj6/0kJ4UvWa/IYL5lCX9XdHI0+lOSvH3BFzuYkfpEI9F64/EywGb/x+a2sv5NUx4wHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpS2PwEAY7J5vzeSHK+uKTBmXk2LdEA3JNrx57HN8NS6ImdkfG07Cn46qvw/KCuiB5pesag6S6+0jTc5gaaihuXs=

10 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, display-capture, geolocation, microphone, payment, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
network error URL: https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.app.com/tangstatic/js/main-q1a2z3cc252fdc.min.js(Line 40)
Message:
Unrecognized feature: 'document-domain'.
network error URL: https://z.moatads.com/quantcastv2691176990399/moatad.js#moatClientLevel1=p-y6Nyh2U0YDhwK&moatClientLevel2=qfm&moatClientLevel3=11df195a-f80a-4d82-9c50-1ea6921c3414&moatClientLevel4=a0377a3b-7f16-4754-abdc-417ccf458def&uid=FfUnZGb3VhJ791kWb-hVGGTwTBgU9VkMF4NSGWHyIhlm_FYQFNGPQok=
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://rtb.channelexco.com.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=74ae9b49-39a6-4ed0-9e42-3fe768ed4978&uid=JtGuALZHtsTpYmeER2e_REvT
Message:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network error URL: https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hlsmedia.gannett-cdn.com/_captions/76415821007.webvtt.m3u8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211cac55c9ff7393%22%3A%22b8c2edf451ab8122f5d1%7C660x495%7Cf%3D0.75%2Cgpid%3Dad_unit_vpaid-player-container%2Cc%3Dv%2Cpm%3D2%2Cp%3D3%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fwww.app.com%2F&s=c2f90b93-665b-46fe-bb4e-2887fb19b576&pv=ec9ad428-a0ee-4463-983a-0eab32187b9e&vp=desktop&lib_name=prebid&lib_v=8.52.2&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22a9b2a05a-e3ba-45ce-8386-55bb794c02c5%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22app.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22app.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.app.com%2F%22%2C%22content%22%3A%7B%22url%22%3A%22%252F%252Fvidstatb.taboola.com%252Fvid%252FblackScreen5.mp4%22%2C%22title%22%3A%22Blank%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22bcat%22%3A%5B%22IAB11-4%22%2C%22IAB13-7%22%2C%22IAB9-7%22%2C%22IAB26-3%22%5D%2C%22badv%22%3A%5B%22betcheslovethis.com%22%2C%22funnie.st%22%2C%22foxbet.com%22%2C%22888sport.com%22%2C%22govextra.gov.il%22%2C%22splashwines.com%22%2C%22betonline.ag%22%2C%22bovada.lv%22%2C%22draftkings.com%22%2C%22intertops.eu%22%2C%22mybookie.ag%22%2C%22thescore.bet%22%2C%22boutiquesgift.com%22%2C%22sportsbetting.ag%22%2C%22royalshell.com%22%2C%22cnn.com%22%2C%22bookmaker.eu%22%2C%22yahoo.com%22%2C%22gtbets.ag%22%2C%22wynnbet.com%22%2C%22hardrockcasino.com%22%2C%22sportsretriever.com%22%2C%22hollywoodpnrc.com%22%2C%22betamerica.com%22%2C%22sports.com%22%2C%22playsugarhouse.com%22%2C%22betus.com%22%2C%22journeyfeeds.com%22%2C%22xbet.ag%22%2C%22betrivers.com%22%2C%22caesars.com%22%2C%22twinspires.com%22%2C%22betmgm.com%22%2C%22fanduel.com%22%2C%22pointsbet.com%22%2C%22foxbusiness.com%22%2C%22williamhill.com%22%2C%224minuteabs.com%22%2C%22ballys.com%22%2C%22pngaming.com%22%2C%22betnow.eu%22%2C%22unibet.com%22%2C%22bet365.com%22%5D%7D&ius=1&hfa=45a1e2af-1290-43cb-b4b3-3b76fb34eb74-tucte38e958&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%221763828385%22%2C%22sid%22%3A%221003858%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*71w6nsgRWxB7yra9zIV6z7BoDlz2eNez7QMH4V4Lb0_a_4I6C9lw5SSwhQoCBZUN%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%2C%22pba%22%3A%22hist7gABV8OQQpQMln5P33pHYbWjSlgb38Fz5KLKKc4%3D%22%2C%22abTestingControlGroup%22%3Afalse%7D%7D%5D%7D%5D&coppa=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.channelexco.com
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
apex.go.sonobi.com
api.gannett-cdn.com
api.rlcdn.com
beacon.taboola.com
bfbe0faf6068975b8fa4dcc6a6141780.safeframe.googlesyndication.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c2.taboola.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.ex.co
cdn.taboola.com
cdn.undertone.com
cds.taboola.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cm.app.com
cm.g.doubleclick.net
collector-1.ex.co
collector.brandmetrics.com
collector.ex.co
config.aps.amazon-adsystem.com
content.quantcount.com
coupang.app.com
crb.kargo.com
display.bidder.taboola.com
dt.adsafeprotected.com
e.channelexco.com
eb2.3lift.com
eus.rubiconproject.com
exbd.ex.co
exch.quantcount.com
gannet-cdn.ex.co
gannet-player.ex.co
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbx.media.net
hlsmedia.gannett-cdn.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprchmp.taboola.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
mcd-playlist.ex.co
nr-events.taboola.com
p.channelexco.com
p1.parsely.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-ssn.quantcount.com
pixel.adsafeprotected.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
player.ex.co
pm-widget.taboola.com
prebid.media.net
protected-by.clarium.io
ps.ex.co
qsearch-a.akamaihd.net
reachms.bfmio.com
region1.analytics.google.com
reporting-api.gannettinnovation.com
rtb.channelexco.com
rtb.channelexco.com.com
rtb.ex.co
rtb.openx.net
rumcdn.geoedge.be
s-06.channelexco.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
st.pubmatic.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.bfmio.com
sync.colossusssp.com
sync.ex.co
sync.go.sonobi.com
sync.taboola.com
targeting.unrulymedia.com
topics.authorizedvault.com
traxex.gannettdigital.com
trc.taboola.com
u.openx.net
user.app.com
vidstat.taboola.com
vidstatb.taboola.com
www.app.com
www.gannett-cdn.com
www.google.com.mt
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.temu.com
www.usatodaynetworkservice.com
x.bidswitch.net
z.moatads.com
apex.go.sonobi.com
eus.rubiconproject.com
hlsmedia.gannett-cdn.com
htlb.casalemedia.com
prebid.media.net
rtb.channelexco.com.com
www.app.com
104.18.24.18
104.18.27.193
104.21.64.98
108.138.112.90
108.59.7.241
108.59.7.249
141.226.124.48
141.226.224.32
141.226.224.48
142.250.65.198
142.251.41.2
151.101.1.44
151.101.193.44
151.101.194.62
151.101.65.44
151.101.66.132
151.101.66.189
151.101.66.62
162.19.138.116
162.19.138.118
172.240.155.108
18.173.132.105
18.173.140.223
18.214.213.87
18.238.49.48
192.184.68.228
199.232.193.91
199.232.197.91
20.33.67.17
20.40.202.2
2001:4860:4802:34::36
207.65.32.83
209.58.147.67
23.105.12.116
23.200.0.188
23.200.0.25
23.203.105.107
23.203.105.149
23.203.179.38
23.205.2.235
23.58.90.38
23.59.144.227
23.59.145.189
23.82.15.161
2600:1f13:800:7781:65f5:c13:5e87:b5e1
2600:9000:247b:fa00:8:48e:53c0:93a1
2600:9000:2511:6400:4:b37b:9440:93a1
2600:9000:261f:5400:1f:2473:9080:93a1
2600:9000:2840:200:1b:5138:8a40:93a1
2606:4700:20::681a:5a
2606:4700:4400::ac40:90a6
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4004:c09::9d
2607:f8b0:4006:80d::2006
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2008
2620:100:a00b::12
2620:100:a00b::30
2620:116:800b:21:b08a:1dc5:659b:4055
2620:116:800b:21:c1e8:5385:5098:6bf0
2a02:6ea0:c400::54
2a04:4e42:600::300
3.168.102.127
3.208.203.174
3.224.66.114
3.33.220.150
34.107.165.188
34.149.193.192
34.198.236.31
34.98.64.218
35.211.202.130
35.227.252.103
35.244.193.51
44.214.221.11
52.0.178.58
52.200.250.208
52.205.167.202
52.223.22.214
52.45.244.46
52.72.153.112
52.72.250.48
54.224.103.108
54.84.83.189
54.88.240.128
63.251.28.231
68.67.160.186
69.173.146.5
69.194.240.11
74.214.194.131
8.28.7.82
8.28.7.83
98.82.156.107
0027e9c7a27f1d9739a5704475076bb2b1d102606ec7c9fa6b51a8ed22fc8ee0
040460aab8afc61d37689a26a944e5e0519c9230b3c1ee51e323a5e4bf8b703d
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0872a7586906caffd12f4f51844e566f28cd45b4ccc9b72a195e2e5c0da14340
08e490a8a1d1f4d2d8cce23bfe17c66f92c0c9479d3e6adc875936010a29e344
09ff51e8da83c9e21d60dfe0362dd8ba6757e563659f1ab043779e1dd5118b4b
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ec01b064473a67133f2dd843cb09a72f820c1e76d7830f4530a002ac0552813
11525efb02094ebc00fce553967f57983411eb1dbc30204e6b08a0e6fe9c115f
116530ea020565447a171be5f36baf41673b2021b6ee402dfbae53dbaceb6c03
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
153944c7cd42909eebfaa74a3d320806b1e4339cbb5a12bec035866da4337167
1cdc2274e5eaf0d4d1c18e0651e0f8e75abc2a1f2b1d4295c3a01cf94c6fff16
1cfba83f4873569e304e35fb2946ca5db4443a2c3fab559bf872051feae39d91
21d9a7dc3edd4fcc04c12f9c6fa2e80d3d6bb76892926a5d5ce644ff11274fd5
2452d296244679df05abfe540f6c8cabcad97defbe9a055ced27a78616bd5642
24f63cff35e66522794330927cb0a0b3ceb2e2324a96c2dced10f589b975ce28
290fc68455fa7fb89844847addc691815734b40c5d45fc84e5999c7c011d0da5
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9
2b2ec58a81201c3f51829c123f469a07aa5054111e1fd02606e7c9db9531d0b5
2c6ffa36d133552a1a3b117c5f340dd1d668d2d361e947780a23d23a529c2f7b
2d033dee4eb850e52337cf5ecfdfcbdf3b2c507b734156d38811036ecafc7d22
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e79d484a403cce56d6efdce4a215adf6dc9bc2b4bebc720283cb1f7f8c34814
34cf3d36da914a3f9c4b5a1bb214c391d5d5b8168a911ed2d39d4bbd538b4294
373b29782690d4b0bb83cf9c4b1323a4900833daf920cc0514bea7023ffcb725
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3b050bdfe319eb40e7ea55dfb25f5c4df807342910483c56acdfd4b9a1286422
3b5a66c6c562473f3d5e87ea3e9bf271552c9e15e51380d9b48bf714f8e8e815
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e4425fd2ceb01a41d3602024cb2e9a76ec239149cab94755a7ab8f8357b73c5
4e574ecc224ea84750dc4af2e9f2532cf3dc4e326cd0bada0b9aa6c3197a9965
5103b3263b3d17ff428f1f65f12173688ea2ffe97ebe97396edb03c2f9d236cc
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
557a8f6cf19253dd1a61afa6dc7d4b8a5cf212d8329465f29d9cd012969c30a5
59c1cb71989ee3651305fc721e45525a161bed9f64e0e8cb8d0ad2f7afaa512e
5a21e88ae16a60054e122df28a9518dfce9619f51caba062973e6f0793c4a96e
5adbe30d65ea687c54a62dff06df8949960520b18a43a90a56c80a841bc49635
5bfba1a773428ab790799f96951926050b764f7c46af9b633183987458ca5604
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
5e6b8bed905b3e3d971145ea3c117824f232e749e2b14e09885061b202688ad2
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
62da423b6725cef7408576625a446da5e52883bdf8348014a56b44e940ede980
645036bb15fef1d1e241628b7eea269a074b2b4a81ec68e48bbf8cb400c19352
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b352d8e12f630f1d8ad487dcc7d40b3dc5a7c10e907527243cd2048ed0d488e
6bd218778c47ed6738fa1b77fe7cf43768570eab99f575f1c671209ae2a2d86d
6d820a5264dfff129308165d185e4ac3a5f9e2a5d28a6391831b27935fbfd080
6debdebf7684bd58e6fb13f0d994f63c518cb861c16f3df0e68702aea3f8a877
705b8026b7469e0c185d4b33e3f1a1222c4914bd54b80bcc5977d194d67f69a1
70ab52f209b3f36b0cb65881621d2747ba6afebc121f6b2b8af8aa858a157caa
72a9917e00b5dc4dbf2230fd30528c1e2bfffe070a8a7607b65d0c7a81bfd298
72de1758435adda74ca5c6d67dff2f7074e66eef6f6f0bce605745873243296c
731085c22bf66b70f7ada1d3f757d3b326516ed60a58912da851ec85d877a6c4
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
7751496c5744ddd6ff9cd1bdfbd22afa36801cdff6f5c3b8cb86fe410bced3ec
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
796ef0ab667574002aea17b14012128df73c7359f36bfc7bbe780775a2837612
7b4b4d272c69c9ec049592526a53794b8dff4372e521d64603822d00dd23a93d
7ce36607a7e8bdbef7c76398954c71ff65e90da33b2ee49df9c6766f583974fe
8065b7df2963238e83bb9613a83a56e3b411798d45a53810eaaa3874b58d72ac
80677a4b5c39b39809f96e0ccdfed9384336c12ffa40d1f1d553e77901b17028
8296451fb9812759da5b17aabf641439bb89b12d19cf56e6a7b4f61b8383d6fb
83d748c25d26625b315cdea321942227ca15d89b0cee7fecd4db51dc30e07a96
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86520ba486b8d9fbd35c861db4b7c2cc50ec8a45be2167dbe65de3be09ae284b
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
93f32a02c00467cf4033b24e211df51fee6bcf9bf1ffecb025d997165672bb47
9471fa57cc6a8968ee49095dc1df6ca897ae455c568ca19b882b883ed8255694
970d669b94f61dd623451a1f64ee412137c2bbc5da1a26281badbfa413b60044
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
9823d0872c81c8e82c90402e16618a0cdf9e457822bae78a0692de1b6bafc2bf
9a681b8103a31cb35f29d0d70b81bfb12ec717801f366e1263624a8bbab8b94b
9ab5aa6d94a9305a4a407e9289023f9107e8304173a8a3dea046c135e982596f
9c7f6fd0022b86aa7d247519268380f93934600930f517737ac55284b4ed8df1
a0d0a4f6b15f5ed7dfd9932442a3f07bf7ef6e348fce922d533245734a1b5702
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d634597e0d4565374226635016a842ab907f12fc89accb3c27655dc03841a1
a4269c83d8810a9675434dd70f496d5d9937a00fe8cee2503121e30b8fea4673
a5a31827c71d815b998de4e3c711f7f3766b9c36d4591497aa6e15201242d923
a74d9724ae67f74751f2e4cce56f6d6e500233aef75597aaed1a501921b0099e
a8141250dcf0391a87693799e12e993288e0a90133be06f9bed2dc3a316778ef
a8754d0d56b047609230516dcc57dacd00eb24e2fc5bd2afb88409520539fc6f
aad5319fa68d4ffea7c51f2994cd36ba8a8fb9a460f3a9f54e49efa059e47d3b
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
af9e2a83c2bc6cccaa29c0ad55d30708ea9cc921faf02e106bfbda33cc0f6b1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b0ccb1e7ffe9e5c75b246d4db65e7f31e85ebc77c311c3189f3595df5c0fa0
b3eb4f255ae6d937022a3090f8c9308b02f4fcacf340164e328bb756d5cf8ea9
b5b1ea45a62b4f16d19ea14504d545a98dd4cf5a96201715926fb5661feda7c8
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bb68b6b3efed65167419d2d83d8099d4c2f5468d13915ec0f3989f13416139a9
bc341ab6cbb870eec55e773b796511beef7d0b6ade65eae2311d7b8060474b63
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be79db2764fbc076a383e533a982573f4ed7d644e5e8eeb09628dfd0038f3e71
bfb59705829eff9d0ad56239809e368dee43985d2ac9b6cb22aa00d82b51775a
c0c9fe56108491de6d1887d3266581dcf1c38336e7bd5b682120da8203b6ca80
c176d10ab744408c11b6c27e9812693aa1ad3052b21fff915ee1ea4413baf945
c20e6200f71d128e8a1feff9bbf8aee67e26da41044e47a6af6314eeeb643f23
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4cb41273a22371997a962233faaa1c6cf3dd3959016d8c9d828e2919a71154a
c8d78ea42c6a2dcb9066ebaa8a8d6a56a108e3e3e89308ac2c7f8f865b35df16
c938254f7334b5356b837bf6d9881faed749498e00dd528cf4db66ba0938591a
ca1516faacb3dc8defcc099069bd409f4088449411445e1d5881e3e452aca05d
caa9ae45f484302f0ef8be00fc809de6586c0b2f28418c9f48474b7fbf0ff712
cc8c9614e32af4e9ddcd7c5ba1257bfe65354f3cbf995c19d023f0669fb9dba8
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
ceed49a2835d38dc0b35580057e55d09dd7c8e7ea950fc04a492f386aef5e7f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03ba608f57b719c2f2c9e2e6ca5c746cea042d926790df5d86da69648d73a43
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a93038272c3b3c33b4b0062c16d362da00bf9aac59af68adb2d849bbd19a8
d2a268b43f97ddbe351c560fbfd48bfc04d70b1f5143df4b6cc44afa3b07f07d
d45327febb4848caf1bbe3fb0558e42c948c224d4ed96c6f19c168824ffd8ca9
d4e8cfde282fd024d54edff75ca3608cc1f2ed38c56b2ee3829257df1b58e70a
d525d90d883cad220e87a6b6605213652228c26e2702e743f7301040f9c6e8f8
d845f4e8d32f7ab2594a47560a708475fddc0c6c048f0fcddbfe4a94a02bba50
daf26826ec2a81be4a6467c1dd9d62b00e6c0b27c7852946a0b278b605262827
de5180d113fe0ee8b97c7b5a6f987b440709caf5f538b62f40bbbfd5086b562a
e30254e255422accd9499d4ebe8306d4a293fe5f10c53719b299fd70a1a0b77b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4837786f42fdd3a3eb647ac7f5062af9d15d2b84fe8e9ceab87aba5eb16f9e6
e54dc9a41adb4bbc18fd3b62011cf26f0c36195db74aed248d935422968f5e2f
e9e22c90f4d3a638dd09a6064a8f838d69839068e056ea5ea8634cb59f8539f5
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056270405dbdb369c4b2eb52059bcda66aa4e280ab4d5a1788402e3ed60b651
f0a0fa9cc56b102d1cf9b68c3aa8ab928d3e0d1aedec7c0b6b20c428dd5f827a
f0f7932c11059707e73d8ef0f91e70e0cf7a7faf2f18fccffbdad0a6f2e1f8eb
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b
f3e52476edf8c00b6ac58abc2d151dd03723be2e7b958d46d728bf9d4a2a86bf
f4a7c16692cc93bc337203649b03d6489a2e69b3ff331994e5778d568d57a542
f5d54d9a4d92439573737d236717f4cc3d0f21bc75de2ba49d06964d4f7d1b61
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
f9f1752e77cfe685b15ce30b4337cecc4804a1e6561c498b0722e4059e395f5a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc86394ee449afbb0d3c4892216a2090b882e8cbf13951b2075b2dc10836eab2
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472