urlscan.io logo urlscan.io
SecurityTrails logo

www.telegraphherald.com Open in urlscan Pro
192.104.183.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Submission: On January 06 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 9 countries across 126 domains to perform 466 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.telegraphherald.com.
TLS certificate: Issued by GTS CA 1P5 on November 25th 2023. Valid for: 3 months.
This is the only time www.telegraphherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 192.104.183.109 10668 (LEE-ASN)
10 2606:4700::68... 13335 (CLOUDFLAR...)
58 104.16.132.24 13335 (CLOUDFLAR...)
3 54.230.163.106 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
4 50.17.111.65 14618 (AMAZON-AES)
1 18.165.83.70 16509 (AMAZON-02)
2 54.197.229.45 14618 (AMAZON-AES)
1 6 108.138.106.50 16509 (AMAZON-02)
5 13.224.214.108 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
6 18.238.8.230 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:25c... 16509 (AMAZON-02)
2 13.224.214.41 16509 (AMAZON-02)
6 52.217.124.97 16509 (AMAZON-02)
1 7 3.130.26.161 16509 (AMAZON-02)
3 104.254.130.154 29802 (HVC-AS)
2 23.61.22.89 16625 (AKAMAI-AS)
2 108.138.128.34 16509 (AMAZON-02)
4 104.18.35.167 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 5 35.244.193.51 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 23.196.3.202 20940 (AKAMAI-ASN1)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.231.140.88 16509 (AMAZON-02)
1 4 34.197.228.249 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
4 13.224.207.4 16509 (AMAZON-02)
8 11 162.19.138.116 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 18.238.4.3 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
10 10 68.67.160.186 29990 (ASN-APPNEX)
10 11 3.33.220.150 16509 (AMAZON-02)
11 12 8.28.7.83 62713 (AS-PUBMATIC)
13 22 8.43.72.98 26667 (RUBICONPR...)
7 10 34.111.113.62 396982 (GOOGLE-CL...)
15 21 142.251.35.162 15169 (GOOGLE)
5 13 35.244.159.8 15169 (GOOGLE)
1 1 172.240.155.116 7979 (SERVERS-COM)
3 3 34.199.75.211 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 28 52.46.143.56 16509 (AMAZON-02)
4 23.37.113.15 16625 (AKAMAI-AS)
1 52.85.61.19 16509 (AMAZON-02)
1 141.95.33.120 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 2 3.233.22.19 14618 (AMAZON-AES)
4 5 34.200.65.202 14618 (AMAZON-AES)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
4 5 35.244.154.8 396982 (GOOGLE-CL...)
1 172.64.149.180 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
13 52.85.151.96 16509 (AMAZON-02)
3 184.73.232.225 14618 (AMAZON-AES)
12 3.223.131.63 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 34.236.138.205 14618 (AMAZON-AES)
2 23.47.169.117 16625 (AKAMAI-AS)
1 34.206.99.162 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 54.203.25.147 16509 (AMAZON-02)
2 108.138.106.16 16509 (AMAZON-02)
1 104.18.13.242 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 8 63.251.114.136 32475 (SINGLEHOP...)
1 3 3.219.2.103 14618 (AMAZON-AES)
10 10 52.86.139.62 14618 (AMAZON-AES)
2 2 2607:f350:3:2... 27630 (AS-XFERNET)
4 4 52.7.115.38 14618 (AMAZON-AES)
16 27 8.28.7.82 62713 (AS-PUBMATIC)
2 4 8.28.7.84 62713 (AS-PUBMATIC)
12 12 35.211.178.172 19527 (GOOGLE-2)
1 1 35.211.118.13 19527 (GOOGLE-2)
3 3 35.207.24.140 15169 (GOOGLE)
1 104.18.9.110 13335 (CLOUDFLAR...)
1 23.37.113.154 16625 (AKAMAI-AS)
2 96.6.1.46 16625 (AKAMAI-AS)
1 13.225.63.13 16509 (AMAZON-02)
12 13.224.214.83 16509 (AMAZON-02)
1 18.238.12.225 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 34.170.123.2 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
4 10 104.18.36.155 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 23.105.12.158 30633 (LEASEWEB-...)
8 8 2606:ae80:145... 25751 (VALUECLICK)
1 5 107.20.39.164 14618 (AMAZON-AES)
6 23.195.94.138 16625 (AKAMAI-AS)
4 7 198.148.27.131 19189 (PULSEPOINT)
4 4 63.251.86.49 32475 (SINGLEHOP...)
14 54.87.127.173 14618 (AMAZON-AES)
2 3 18.215.90.210 14618 (AMAZON-AES)
2 2 54.196.247.2 14618 (AMAZON-AES)
1 2 8.18.47.7 398989 (DEEPINTENT)
4 4 70.42.32.159 22075 (AS-OUTBRAIN)
2 2 216.22.16.68 30633 (LEASEWEB-...)
3 3 185.167.164.39 198622 (ADFORM)
1 1 124.146.153.162 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 23.1.200.83 16625 (AKAMAI-AS)
1 2 107.178.254.65 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
2 3 151.101.2.49 54113 (FASTLY)
3 104.36.115.113 62713 (AS-PUBMATIC)
3 3 54.243.132.7 14618 (AMAZON-AES)
2 2 108.138.106.17 16509 (AMAZON-02)
2 2 199.38.167.131 54312 (ROCKETFUEL)
3 3 54.209.20.238 14618 (AMAZON-AES)
2 52.203.70.213 14618 (AMAZON-AES)
1 1 44.215.45.69 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
1 80.77.85.115 46636 (NATCOWEB)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 2620:116:800b... 14618 (AMAZON-AES)
8 8 69.194.240.13 26120 (RHYTHMONE)
16 18 162.248.18.37 62713 (AS-PUBMATIC)
1 1 131.153.148.28 19437 (SS-ASH)
22 3.211.158.177 14618 (AMAZON-AES)
1 1 35.214.204.214 15169 (GOOGLE)
1 1 67.202.105.24 32748 (STEADFAST)
1 1 195.244.31.10 63140 (IGUANA-WO...)
1 1 80.77.87.166 46636 (NATCOWEB)
3 4 52.223.22.214 16509 (AMAZON-02)
1 1 54.209.245.194 14618 (AMAZON-AES)
3 3 174.129.115.222 14618 (AMAZON-AES)
7 8 147.28.129.140 54825 (PACKET)
1 1 131.153.242.59 19437 (SS-ASH)
1 1 35.227.252.103 396982 (GOOGLE-CL...)
1 1 37.157.2.230 198622 (ADFORM)
1 1 63.251.28.133 26558 (FREEWHEEL)
1 2 38.68.201.140 174 (COGENT-174)
2 2 96.46.186.63 7979 (SERVERS-COM)
1 51.222.39.186 16276 (OVH)
2 2 34.208.28.93 16509 (AMAZON-02)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 69.173.151.100 26667 (RUBICONPR...)
1 52.95.122.74 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 1 2600:9000:266... 16509 (AMAZON-02)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 13.224.214.10 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 23.105.12.121 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
4 4 188.166.17.21 14061 (DIGITALOC...)
2 2 173.231.178.77 32475 (SINGLEHOP...)
1 1 52.0.205.209 14618 (AMAZON-AES)
1 2 34.202.106.150 14618 (AMAZON-AES)
1 54.198.106.196 14618 (AMAZON-AES)
1 52.73.1.8 14618 (AMAZON-AES)
2 2 207.198.113.89 13768 (COGECO-PEER1)
1 1 74.119.119.150 19750 (AS-CRITEO)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.238.55.15 16509 (AMAZON-02)
466 121
13    192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com
www.telegraphherald.com
10    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
58    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.newyork1.vip.townnews.com
3    54.230.163.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-106.ewr53.r.cloudfront.net
tagan.adlightning.com
3    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    50.17.111.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-111-65.compute-1.amazonaws.com
widget.fotomoto.com
www.fotomoto.com
1    18.165.83.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-70.iad55.r.cloudfront.net
platform-api.sharethis.com
2    54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com
embed.secondstreetapp.com
api.secondstreetapp.com
6    108.138.106.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-50.jfk50.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
5    13.224.214.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-108.phl50.r.cloudfront.net
assets.revcontent.com
8    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.238.8.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-8-230.phl51.r.cloudfront.net
c.amazon-adsystem.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2600:9000:25c8:2000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    13.224.214.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-41.phl50.r.cloudfront.net
config.aps.amazon-adsystem.com
6    52.217.124.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
static-fotomoto-com.s3.amazonaws.com
7    3.130.26.161 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-26-161.us-east-2.compute.amazonaws.com
l.sharethis.com
sync.sharethis.com
3    104.254.130.154 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 104-254-130-154.static.hvvc.us
ads.empowerlocal.co
2    23.61.22.89 (Chicago, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-22-89.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
4    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
13    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2511:c600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
4    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    23.196.3.202 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-202.deploy.static.akamaitechnologies.com
t.sharethis.com
5    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
pixels.ad.gt
1    54.231.140.88 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    34.197.228.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-228-249.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    13.224.207.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-207-4.phl50.r.cloudfront.net
cdn.segment.com
11    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    18.238.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-3.phl51.r.cloudfront.net
assets.publicgood.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
10    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
10    68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
11    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
12    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
22    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
21    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
1    172.240.155.116 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
3    34.199.75.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-75-211.compute-1.amazonaws.com
ad.360yield.com
4    2600:1f18:4e9:5a01:75af:f069:585e:f21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
28    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    23.37.113.15 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-113-15.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.85.61.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-19.ewr53.r.cloudfront.net
advice.pgs.io
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
2    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
5    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
5    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
13    52.85.151.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-96.iad89.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
3    184.73.232.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-232-225.compute-1.amazonaws.com
s2l.sendtonews.com
12    3.223.131.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-131-63.compute-1.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
2    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.236.138.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-138-205.compute-1.amazonaws.com
count.api.pgs.io
2    23.47.169.117 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-169-117.deploy.static.akamaitechnologies.com
a.teads.tv
1    34.206.99.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-99-162.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com
api.segment.io
2    108.138.106.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-16.jfk50.r.cloudfront.net
player.sendtonews.com
1    104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    2607:f8b0:4006:81d::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    3.219.2.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-2-103.compute-1.amazonaws.com
rtb.gumgum.com
10    52.86.139.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-139-62.compute-1.amazonaws.com
match.prod.bidr.io
2    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    52.7.115.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-115-38.compute-1.amazonaws.com
sync.ipredictive.com
27    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
12    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    35.211.118.13 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    104.18.9.110 (None, )

ASN13335 (CLOUDFLARENET, US)
ds.reson8.com
1    23.37.113.154 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-113-154.deploy.static.akamaitechnologies.com
sync.teads.tv
2    96.6.1.46 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-1-46.deploy.static.akamaitechnologies.com
t.teads.tv
1    13.225.63.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-13.ewr53.r.cloudfront.net
img.revcontent.com
12    13.224.214.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-83.phl50.r.cloudfront.net
images.revcontent.com
1    18.238.12.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-12-225.phl51.r.cloudfront.net
aax.amazon-adsystem.com
1    2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)
90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com
2    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
1    2600:9000:20ed:6c00:17:c484:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-tam.minutemedia-prebid.com
1    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
8    2606:ae80:1451:20::1720 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
5    107.20.39.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-39-164.compute-1.amazonaws.com
match.sharethrough.com
6    23.195.94.138 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-94-138.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
14    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
3    18.215.90.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-90-210.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    54.196.247.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-247-2.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    216.22.16.68 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    124.146.153.162 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    54.243.132.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-132-7.compute-1.amazonaws.com
i.liadm.com
2    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
2    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    54.209.20.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-20-238.compute-1.amazonaws.com
pm.w55c.net
2    52.203.70.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-70-213.compute-1.amazonaws.com
rtb.adentifi.com
1    44.215.45.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-45-69.compute-1.amazonaws.com
um4.eqads.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    80.77.85.115 (Clifton, United States)

ASN46636 (NATCOWEB, US)
us2.shb-sync.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
8    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
18    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    131.153.148.28 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
22    3.211.158.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-158-177.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    35.214.204.214 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 214.204.214.35.bc.googleusercontent.com
csync.loopme.me
1    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
4    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    54.209.245.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-245-194.compute-1.amazonaws.com
ads.yieldmo.com
3    174.129.115.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-115-222.compute-1.amazonaws.com
ssp.disqus.com
8    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    96.46.186.63 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
2    34.208.28.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-28-93.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2600:9000:266a:5c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:20ed:ca00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    13.224.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-10.phl50.r.cloudfront.net
sync1.intentiq.com
3    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    23.105.12.121 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    173.231.178.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.0.205.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-205-209.compute-1.amazonaws.com
rtb.adstanding.com
2    34.202.106.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-106-150.compute-1.amazonaws.com
thrtle.com
1    54.198.106.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-106-196.compute-1.amazonaws.com
crb.kargo.com
1    52.73.1.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-1-8.compute-1.amazonaws.com
sync.bfmio.com
2    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    18.238.55.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-15.jfk52.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
Apex Domain
Subdomains		 Transfer
68 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1555
ads.pubmatic.com — Cisco Umbrella Rank: 811
image8.pubmatic.com — Cisco Umbrella Rank: 1098
image4.pubmatic.com — Cisco Umbrella Rank: 2201
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
117 KB
58 townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 27551
502 KB
38 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
175 KB
32 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
62 KB
30 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 11092
trends.revcontent.com — Cisco Umbrella Rank: 3703
img.revcontent.com — Cisco Umbrella Rank: 15811
images.revcontent.com — Cisco Umbrella Rank: 13473
yeet.revcontent.com — Cisco Umbrella Rank: 13092
306 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
170 KB
23 minutemedia-prebid.com
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 12982
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3088
12 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
5 KB
16 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2214
u.openx.net — Cisco Umbrella Rank: 1108
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
us-u.openx.net — Cisco Umbrella Rank: 930
rtb.openx.net — Cisco Umbrella Rank: 1007
4 KB
16 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
a.ad.gt — Cisco Umbrella Rank: 2414
p.ad.gt — Cisco Umbrella Rank: 2978
ids.ad.gt — Cisco Umbrella Rank: 2233
pixels.ad.gt — Cisco Umbrella Rank: 2669
20 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
r.bidswitch.net — Cisco Umbrella Rank: 15630
6 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
727 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
64 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
79 KB
13 telegraphherald.com
www.telegraphherald.com
198 KB
12 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1432
ap.lijit.com — Cisco Umbrella Rank: 998
12 KB
12 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5889
buttons-config.sharethis.com — Cisco Umbrella Rank: 6580
l.sharethis.com — Cisco Umbrella Rank: 6152
t.sharethis.com — Cisco Umbrella Rank: 7726
sync.sharethis.com — Cisco Umbrella Rank: 4415
64 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
5 KB
11 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19273
embedcdn.sendtonews.com — Cisco Umbrella Rank: 22328
s2l.sendtonews.com — Cisco Umbrella Rank: 19393
player.sendtonews.com — Cisco Umbrella Rank: 24073
402 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
7 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
5 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
2 KB
10 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
9 KB
10 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
18 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
153 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
56 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
4 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
4 KB
8 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 10805
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 15267
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
3 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
588 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
6 KB
7 amazonaws.com
static-fotomoto-com.s3.amazonaws.com — Cisco Umbrella Rank: 199279
s3.amazonaws.com
330 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
3 KB
6 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
api.rlcdn.com — Cisco Umbrella Rank: 1474
id.rlcdn.com — Cisco Umbrella Rank: 1360
2 KB
6 google.com
ampcid.google.com — Cisco Umbrella Rank: 3299
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
371 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
25 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
2 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
sync.teads.tv — Cisco Umbrella Rank: 2019
t.teads.tv — Cisco Umbrella Rank: 3253
135 KB
4 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
2 KB
4 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
1 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
2 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
dis.criteo.com — Cisco Umbrella Rank: 943
8 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2979
36 KB
4 fotomoto.com
widget.fotomoto.com — Cisco Umbrella Rank: 186357
www.fotomoto.com — Cisco Umbrella Rank: 265944
24 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2608
1021 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
878 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2881
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
1 KB
3 pgs.io
advice.pgs.io — Cisco Umbrella Rank: 55471
count.api.pgs.io — Cisco Umbrella Rank: 55272
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
914 B
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
creativecdn.com — Cisco Umbrella Rank: 809
2 KB
3 empowerlocal.co
ads.empowerlocal.co — Cisco Umbrella Rank: 104986
15 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3891
89 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
938 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
684 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
1011 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1732
534 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2456
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 10897
967 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
919 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1003 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 7847
741 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
69 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
825 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
729 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
1 KB
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1619
359 B
2 gstatic.com
fonts.gstatic.com
144 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
25 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 3210
556 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
1 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 2319
2 KB
2 publicgood.com
assets.publicgood.com — Cisco Umbrella Rank: 53108
14 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
34 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 950
550 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
91 KB
2 secondstreetapp.com
embed.secondstreetapp.com — Cisco Umbrella Rank: 108802
api.secondstreetapp.com — Cisco Umbrella Rank: 88197
54 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
201 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
359 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 17843
358 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
4 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
555 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
864 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
523 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2556
937 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
526 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1665
563 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
350 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
262 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 7994
614 B
1 shb-sync.com
us2.shb-sync.com — Cisco Umbrella Rank: 22850
532 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4580
642 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 4643
271 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
831 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
361 B
1 reson8.com
ds.reson8.com — Cisco Umbrella Rank: 6308
356 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
47 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 8684
278 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
12 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
283 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2493
675 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
902 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
13 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
3 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
466 126
Domain Requested by
58 bloximages.newyork1.vip.townnews.com www.telegraphherald.com
28 s.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
tagan.adlightning.com
s.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
ssum-sec.casalemedia.com
bh.contextweb.com
ce.lijit.com
match.sharethrough.com
cs-tam.minutemedia-prebid.com
ads.pubmatic.com
27 image8.pubmatic.com 16 redirects ads.pubmatic.com
22 cs.minutemedia-prebid.com cs-tam.minutemedia-prebid.com
s.amazon-adsystem.com
21 cm.g.doubleclick.net 15 redirects www.telegraphherald.com
google-bidout-d.openx.net
rtb.gumgum.com
ce.lijit.com
s.amazon-adsystem.com
18 simage2.pubmatic.com 16 redirects match.sharethrough.com
ads.pubmatic.com
14 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
13 d29xw9s9x32j3w.cloudfront.net www.telegraphherald.com
embed.sendtonews.com
13 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.fotomoto.com
www.telegraphherald.com
13 www.telegraphherald.com www.telegraphherald.com
bloximages.newyork1.vip.townnews.com
12 images.revcontent.com www.telegraphherald.com
12 x.bidswitch.net 12 redirects
12 image2.pubmatic.com 11 redirects
11 match.adsrvr.org 10 redirects js-sec.indexww.com
11 id5-sync.com 8 redirects cdn.id5-sync.com
www.telegraphherald.com
10 match.prod.bidr.io 10 redirects
10 pixel.tapad.com 7 redirects s.amazon-adsystem.com
10 ids.ad.gt 1 redirects www.telegraphherald.com
10 cdn.cookielaw.org www.telegraphherald.com
cdn.cookielaw.org
tagan.adlightning.com
9 us-u.openx.net 3 redirects google-bidout-d.openx.net
u.openx.net
9 token.rubiconproject.com 5 redirects www.telegraphherald.com
eus.rubiconproject.com
8 prebid.a-mo.net 7 redirects s.amazon-adsystem.com
8 ce.lijit.com 2 redirects s.amazon-adsystem.com
ce.lijit.com
cs-tam.minutemedia-prebid.com
8 trends.revcontent.com assets.revcontent.com
www.telegraphherald.com
8 www.googletagmanager.com www.telegraphherald.com
www.googletagmanager.com
www.google-analytics.com
7 bh.contextweb.com 4 redirects s.amazon-adsystem.com
bh.contextweb.com
6 sync.1rx.io 6 redirects
6 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
cs-tam.minutemedia-prebid.com
6 static-fotomoto-com.s3.amazonaws.com tagan.adlightning.com
www.telegraphherald.com
6 c.amazon-adsystem.com www.telegraphherald.com
c.amazon-adsystem.com
embed.sendtonews.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
5 ib.adnxs.com 5 redirects
5 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 sync.sharethis.com www.telegraphherald.com
5 secure.adnxs.com 5 redirects
5 lexicon.33across.com 1 redirects www.telegraphherald.com
cdn-ima.33across.com
5 assets.revcontent.com www.telegraphherald.com
tagan.adlightning.com
5 embed.sendtonews.com 1 redirects www.telegraphherald.com
embed.sendtonews.com
4 match.adsby.bidtheatre.com 4 redirects
4 eb2.3lift.com 3 redirects s.amazon-adsystem.com
4 pubmatic-match.dotomi.com 4 redirects
4 ad.turn.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 ap.lijit.com 4 redirects
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 yeet.revcontent.com assets.revcontent.com
4 sync.ipredictive.com 4 redirects
4 idsync.rlcdn.com 3 redirects
4 ups.analytics.yahoo.com 3 redirects u.openx.net
4 ads.pubmatic.com tagan.adlightning.com
s.amazon-adsystem.com
rtb.gumgum.com
4 pr-bh.ybp.yahoo.com 2 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
4 analytics.google.com www.googletagmanager.com
4 cdn.segment.com www.telegraphherald.com
cdn.segment.com
tagan.adlightning.com
4 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
4 fonts.googleapis.com embed.secondstreetapp.com
embed.sendtonews.com
client
4 cdn-ima.33across.com tagan.adlightning.com
www.telegraphherald.com
3 tpc.googlesyndication.com tagan.adlightning.com
3 ssp.disqus.com 3 redirects
3 pm.w55c.net 3 redirects
3 i.liadm.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects u.openx.net
s.amazon-adsystem.com
3 c1.adform.net 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 image4.pubmatic.com 2 redirects s.amazon-adsystem.com
3 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
3 s2l.sendtonews.com embed.sendtonews.com
3 ad.360yield.com 3 redirects
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
3 ads.empowerlocal.co www.telegraphherald.com
ads.empowerlocal.co
3 widget.fotomoto.com www.telegraphherald.com
tagan.adlightning.com
static-fotomoto-com.s3.amazonaws.com
3 securepubads.g.doubleclick.net www.telegraphherald.com
tagan.adlightning.com
securepubads.g.doubleclick.net
3 tagan.adlightning.com www.telegraphherald.com
tagan.adlightning.com
2 pixel-sync.sitescout.com 2 redirects
2 thrtle.com 1 redirects
2 cm.adgrx.com 2 redirects
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 dpm.demdex.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 pmp.mxptint.net 1 redirects cs-tam.minutemedia-prebid.com
2 sync.targeting.unrulymedia.com 2 redirects
2 cms.quantserve.com 2 redirects
2 pool.admedo.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 rtb.adentifi.com ssum-sec.casalemedia.com
s.amazon-adsystem.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 pippio.com 1 redirects ssum-sec.casalemedia.com
2 secure-assets.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.srv.stackadapt.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 t.teads.tv www.telegraphherald.com
2 sync.go.sonobi.com 2 redirects
2 player.sendtonews.com embed.sendtonews.com
2 api.segment.io cdn.segment.com
2 a.teads.tv www.telegraphherald.com
tagan.adlightning.com
2 count.api.pgs.io assets.publicgood.com
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com tagan.adlightning.com
2 cdnjs.cloudflare.com tagan.adlightning.com
embed.sendtonews.com
2 ml314.com 1 redirects www.telegraphherald.com
2 ps.eyeota.net 2 redirects
2 loadus.exelator.com 2 redirects
2 assets.publicgood.com ads.empowerlocal.co
assets.publicgood.com
2 a.ad.gt tagan.adlightning.com
p.ad.gt
2 gum.criteo.com 1 redirects tagan.adlightning.com
2 oajs.openx.net 1 redirects www.telegraphherald.com
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.id5-sync.com tagan.adlightning.com
2 cdn.hadronid.net www.telegraphherald.com
2 tags.crwdcntrl.net tagan.adlightning.com
2 secure.cdn.fastclick.net tagan.adlightning.com
www.telegraphherald.com
2 l.sharethis.com 1 redirects www.telegraphherald.com
2 config.aps.amazon-adsystem.com tagan.adlightning.com
c.amazon-adsystem.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 connect.facebook.net www.telegraphherald.com
connect.facebook.net
1 synchroscript.deliveryengine.adswizz.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.bfmio.com
1 crb.kargo.com
1 rtb.adstanding.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 www.google.com tagan.adlightning.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 onetag-sys.com cs-tam.minutemedia-prebid.com
1 ads.stickyadstv.com 1 redirects
1 cm.adform.net 1 redirects
1 rtb.openx.net 1 redirects
1 id.a-mx.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 csync.loopme.me 1 redirects
1 server.cpmstar.com 1 redirects
1 us2.shb-sync.com ce.lijit.com
1 cs.krushmedia.com 1 redirects
1 um4.eqads.com 1 redirects
1 id.rlcdn.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 trace.mediago.io 1 redirects
1 90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 img.revcontent.com www.telegraphherald.com
1 sync.teads.tv tagan.adlightning.com
1 ds.reson8.com cdn.resonate.com
1 r.bidswitch.net 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.resonate.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 js-sec.indexww.com tagan.adlightning.com
1 pixels.ad.gt tagan.adlightning.com
1 cms.analytics.yahoo.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 advice.pgs.io assets.publicgood.com
1 www.fotomoto.com tagan.adlightning.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 sync.colossusssp.com 1 redirects
1 p.ad.gt a.ad.gt
1 mug.criteo.com www.telegraphherald.com
1 ampcid.google.com www.google-analytics.com
1 s3.amazonaws.com www.telegraphherald.com
1 www.facebook.com www.telegraphherald.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 invstatic101.creativecdn.com tagan.adlightning.com
1 oa.openxcdn.net tagan.adlightning.com
1 static.criteo.net tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 api.secondstreetapp.com tagan.adlightning.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 embedcdn.sendtonews.com www.telegraphherald.com
1 embed.secondstreetapp.com www.telegraphherald.com
1 platform-api.sharethis.com www.telegraphherald.com
0 global.ib-ibi.com Failed cs-tam.minutemedia-prebid.com
466 197
Subject Issuer Validity Valid
telegraphherald.com
GTS CA 1P5		 2023-11-25 -
2024-02-23		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fotomoto.com
Amazon RSA 2048 M02		 2023-06-08 -
2024-07-06		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.secondstreetapp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-19 -
2024-07-21		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-15 -
2024-01-13		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
servedbyadbutler.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-20 -
2025-01-18		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cert1-prod.aut.a24365.net
R3		 2024-01-04 -
2024-04-03		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
publicgood.com
Amazon RSA 2048 M03		 2023-10-13 -
2024-11-09		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.pgs.io
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-19		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.api.pgs.io
Amazon RSA 2048 M03		 2023-12-19 -
2025-01-15		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Frame ID: 5264E14555B2F201A505CFFC0D3AF51D
Requests: 269 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 8C3E9427BC67A43C505EFE7140A6AD42
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com&us_privacy=1YNN
Frame ID: 2290D3AE0CE279B13434988D59151470
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23373&cid=c010&cls=B
Frame ID: 7A0061BE51DDFDBD423CE0783F6BC598
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 16C475578637E079D7BD678D3570418F
Requests: 6 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23373/a/US/t_.js?cid=c010&cls=B
Frame ID: 0161A3D6CB5EB319DD748F0311BAE222
Requests: 7 HTTP requests in this frame

Frame: https://www.fotomoto.com/analytics/toolbar.html
Frame ID: BA06E340705B333EEEB81A5606709556
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 0C475253F32D32CF7B501F496D8630B1
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: A4DBF152A5C72C4A78F094EB8B5B650E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6FFF9A3BCE7F103BAC95C8E61D0EAF27
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 9987B9E4DE227F965858795EFEFAB2AA
Requests: 1 HTTP requests in this frame

Frame: https://90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6898F354D49267224B48E21E0A0968D2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn
Frame ID: C78E84261BB10C3B6B8E07D34CAB0E2C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: C61E95DAE7B67644A6CABCC98965C8AC
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 029C525DB5FBD7EDF17D27A838246838
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 8B1635E1D44A9F7D6A902ECD0076245A
Requests: 9 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Frame ID: CCDF86E611B7BF4861060927512D882B
Requests: 24 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 85EEC148D4E3DB36F159E09A92A1842D
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5888498526697502103&gdpr=0&gdpr_consent=
Frame ID: D5350DF009F3152557C05BE7B342EE40
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHQb1-37Ya2QNrpt1fAAAAAAA&expiration=1704600311&is_secure=true
Frame ID: C844525B5B2D61992B0394332C66549E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: AF3317AA3B6900BB5E81BBA0CB771EBD
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 47C2124FFA85665936F54ED103279081
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: CC2B755CD13ED9295EF69B21238B3ED6
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 224FC3C84484EBD2F1EE44FECD4C2EEA
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mS25DaEFSRTJ1TFd2eVlrTU5iZ2RSXzZEdm81LkMubn5B
Frame ID: 6EED8FF17D714D5F4CA61789DBD7CA4E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6275356792805496052&ex=appnexus.com
Frame ID: 406A86F5B987B9C2B8FE34469668231E
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: A79F3F9EF33F65E327BC3EC2A95D55D9
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3039340663876897512&gdpr=&gdpr_consent=
Frame ID: F7990C5C943EC1D2711157E87CFB62BC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9lMjQ3N2ZjMC1mYzM4LTQ5MmQtOTJkYy03Y2U1NjU4ZWJmMDY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: B16F47B7CC651D650CEAE3A8542B46C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 8AC5786011A66764C4D80EA1499B2AF0
Requests: 8 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=756a3773-39ba-456b-9c41-5435aa35d5ec
Frame ID: 9C197119F0CE13194A1D9C61DD31C6EA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZjRd8Co8YEAAIJ0fssAAAAA
Frame ID: 11E0D412724BBE2666387BF141D249A1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ROPjEdTDvG-gaZ19khcPcdkVq4jP6gqo12IEbvzFvss&pi=gumgum&tc=1
Frame ID: F2E329BEAEA9B7FB718E211C9887AC1C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 918A93BF4E30AB13B93E37C690C67CF7
Requests: 4 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cdca3095-0577-42e9-9d87-4288e2b0da63&expiration=1712376311
Frame ID: 15AC3221DD29F85DF0F52E8AE0A20ADE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: C00D9DDCD59D6478F6B09813161A3440
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: DEC19888D0674ED48E0DC3BDD4B3BD0E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=348B24C7-EE14-49B3-B3EA-5C947351BE80&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7FD314147C744C9BFB58C3C5A838EBE6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID348B24C7-EE14-49B3-B3EA-5C947351BE80
Frame ID: 8ADBBC757EE46C3037A678A76165604C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F808F96D1DF76905481BE1B308317484
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA5235827D48A557529454A6DE44291A
Requests: 2 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 16CF14A3165BE083BF5E36224586A576
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 5C03F7F8AD531BA822A52D4B8C3BA7CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cb3d4284-ac48-11ee-8f2b-b787a7328fd9
Frame ID: 7EB6181C010F4E98A040FAE412DA49C3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 299B519B28FB578C32A80A456FFA3386
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B2DE0436EA467CFA37713D1DFF4346E3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F9FE440B8A263BDDC0533F32918ED6BD
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EF3C6939F816341DDDF894E56AC2D879
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 10C52C05D13A7FBFF0A991A90CE2A756
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=348B24C7-EE14-49B3-B3EA-5C947351BE80
Frame ID: 0EBB9B5DE9C797D97DCA8ABA58F85E43
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A972E256094B7C0132B85EBA63A2A878
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=348B24C7-EE14-49B3-B3EA-5C947351BE80
Frame ID: 42D3CCA04EDFAC30D82E28718B8DBE56
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 48654D9CBA4E206DE8A3AF4E1E0A2EA1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 55C7F4119D4D6EFD27A4749633685E89
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 643D0832EF5594E3B217380D0FFBFF73
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID348B24C7-EE14-49B3-B3EA-5C947351BE80
Frame ID: DF195CD34ABD48835EB9D71F86EDE6C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

'Crisis throughout the state': Local Medicaid recipients struggle to find dental care | Tri-state News | telegraphherald.comPrintsFine Art PrintsMetalPrintsCanvasFramed PrintsWall PeelsCardseCardDownloadsImage WrapChange crop orientationGreeting CardInvitation CardPostcardSquare CardMini CardPhoto cardShare via EmailFotomoto logoShare on FacebookShare on Twitterfotomoto-arrow-left_1fotomoto-arrow-right_1Accepted Credit Cardscreditard-logosBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

466
Requests

76 %
HTTPS

23 %
IPv6

126
Domains

197
Subdomains

121
IPs

9
Countries

5225 kB
Transfer

14188 kB
Size

256
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403 HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
Request Chain 87
  • https://l.sharethis.com/pview?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=When%20a%20second%20dentist%20joined%20Valerie%20Peckosh%E2%80%99s%20Dubuque%20pediatric%20dentistry%20practice%20in%20July%2C%20the%20floodgates%20opened.&ua=&ua_mobile=false&ua_full_version_list=&uuid=dbc5d818-27f1-449b-9118-b01b5967557a HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=When%20a%20second%20dentist%20joined%20Valerie%20Peckosh%E2%80%99s%20Dubuque%20pediatric%20dentistry%20practice%20in%20July%2C%20the%20floodgates%20opened.&ua=&ua_mobile=false&ua_full_version_list=&uuid=dbc5d818-27f1-449b-9118-b01b5967557a&samesite=None
Request Chain 111
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0&b=1&g=w%2BuIldmMtjh7YH%2FpDmjyGD%2FA%2FQKrt%2B78WbIDkcb5duQ%3D
Request Chain 129
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp&cc=1
Request Chain 140
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=telegraphherald.com&sn=ChromeSyncframe&so=0&topUrl=www.telegraphherald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=oXgodXxHRUxmYkhINE8xUGYxQWhLMmRZcG8rL2lFd2ZtdHBiOFdrdGlLMlp5VUF5R2toclUvUGlibm1vNE1ab0VIVDFGSU15Qjh5cFcyOGllVkdZM2FLVVdHR1FiT3VjU3ZxblVNKzMwUWt3TDExTjNmRkdtblVucFczYTJPMk1EVFZLNEdMZWpTVEs5OG9sV2FUVHNxRUdRaUdYdmliWHgzMGZwUXJ6WWhta3hZaGNsTGZyQ1lUSi96UURYTmFmSXo3dUJTaVkxQmpLZXZzd1lIMlJ6ai96RmxjY3JTeVRFSnVwR0RoaW5uVkVJclpzVUd4K3NBWkM1Sy9DVnJQWm80TnFySHUwWW9vOEVVZU93QVZHU1puUzNjYm4rUFBvY1YxRkNPS2R0NllxNU9Gdz18&cppv=2
Request Chain 145
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=6275356792805496052&gdpr=0
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=756a3773-39ba-456b-9c41-5435aa35d5ec&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Request Chain 147
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=348B24C7-EE14-49B3-B3EA-5C947351BE80&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Request Chain 149
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704513907-TUF07WT0-4LZ0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704513907-TUF07WT0-4LZ0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=35ad9ecb-865b-4122-8512-db436c0940f1%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001704513907-TUF07WT0-4LZ0%252526tapad_id%25253D35ad9ecb-865b-4122-8512-db436c0940f1%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=35ad9ecb-865b-4122-8512-db436c0940f1%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001704513907-TUF07WT0-4LZ0%2526tapad_id%253D35ad9ecb-865b-4122-8512-db436c0940f1%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&tapad_id=35ad9ecb-865b-4122-8512-db436c0940f1
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_gid=CAESEJSVchjOqRgnwCwXhC8PlV4&google_cver=1&google_ula=450542624,0
Request Chain 151
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDUxMzkwNy1UVUYwN1dUMC00TFow
Request Chain 152
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26auid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=9ff7714f-cb01-44f9-8824-182bfcf3eb84&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&auid=AU1D-0100-001704513907-TUF07WT0-4LZ0
Request Chain 153
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?cls_id=19c8176a-c99a-43f8-b392-7e8ff4477e20&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Request Chain 154
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&impr_uid=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
Request Chain 166
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60&dcc=t
Request Chain 167
  • https://match.adsrvr.org/track/cmf/openx?oxid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0&gdpr_consent=
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL5Tvl0w_t_Fq8jWysoAPY&google_cver=1
Request Chain 190
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=08d2b02a64f0acd0b30173278bba27d6
Request Chain 191
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGKAAGWY0XIAAAAILiBuAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/int/lotame?uid=97669bd320c42c98f1a40c7ac5db4d1c&gdpr=0&gdpr_consent=
Request Chain 192
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2Dp91ypblk680X86DvE_y8Qrbdb4aBa4PutEVsJVQ_vk&gdpr=0&gdpr_consent=
Request Chain 193
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
Request Chain 194
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://sync.sharethis.com/yahoo?uid=y-TVOnYuRE2oMUrnKZm6osdTccIJvL8CBpxXo-~A&gdpr=0
Request Chain 195
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGKAAGWY0XIAAAAILiBuAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641151808727416859 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MTE1MTgwODcyNzQxNjg1ORAAGg0I9KLjrAYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=0e4504b85bb29b35adb8983b51e159438cff8a05cc74f6d2b83c47d61089b213f4cb09cee1a4f8eb&person_id=3641151808727416859&eid=50082
Request Chain 250
  • https://id5-sync.com/i/914/8.gif?id5id=ID5*WJlgUXdpkFsSL-8HE0kKIKagusxfdhkKd3zVISTiG0p6fNshoHVcY74G5tCcyVSuen0VxehHDxMO5qflxle4Fg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/914/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/914/2/7/2.gif?puid=6275356792805496052&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=6275356792805496052&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F1246%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=6275356792805496052&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F1246%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/914/1246/6/3.gif?puid=H8a1dRZHPQrV2rfKTzKlkjn0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/914/441/5/4.gif?puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAFtzE7LMaMAABbHcpkjgA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/914/434/3/6.gif?puid=37a04d73-eea2-445a-958b-2cad8d91478a&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/914/796/2/7.gif?puid=25b650c7-f2d2-4411-ba54-29a42be8e0f5&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/914/108/1/8.gif?puid=35ad9ecb-865b-4122-8512-db436c0940f1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=756a3773-39ba-456b-9c41-5435aa35d5ec&ttl=%%TTL%%
Request Chain 253
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253Deafb16e4278043879dc81042f32043dd_2%2526bidder%253D169%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&us_privacy=1YNN&rev_dt=1704513909276 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ4QjI0QzctRUUxNC00OUIzLUIzRUEtNUM5NDczNTFCRTgw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEHWrhUtraBvURqdNA3BRXAA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3Deafb16e4278043879dc81042f32043dd_2%26bidder%3D159%26bidder_uid%3D348B24C7-EE14-49B3-B3EA-5C947351BE80%26callback%3DdspCMCallback&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
Request Chain 254
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1YNN&rev_dt=1704513909277 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1YNN&rev_dt=1704513909277 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=revcontent&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Drevcontent%26bsw_param%3D95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D35ad9ecb-865b-4122-8512-db436c0940f1%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Drevcontent%252526bsw_param%25253D95f301e9-3dcc-400c-8987-bcc136cff5d7%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6275356792805496052&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Drevcontent%2526bsw_param%253D95f301e9-3dcc-400c-8987-bcc136cff5d7%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=revcontent&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=95f301e9-3dcc-400c-8987-bcc136cff5d7&callback=dspCMCallback
Request Chain 255
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fexchange_uid%253Deafb16e4278043879dc81042f32043dd_2%2526bidder%253D159%2526bidder_uid%253D%2523PMUID%2526callback%253DdspCMCallback&us_privacy=1YNN&rev_dt=1704513909277 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ4QjI0QzctRUUxNC00OUIzLUIzRUEtNUM5NDczNTFCRTgw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEHWrhUtraBvURqdNA3BRXAA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3Deafb16e4278043879dc81042f32043dd_2%26bidder%3D159%26bidder_uid%3D348B24C7-EE14-49B3-B3EA-5C947351BE80%26callback%3DdspCMCallback&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
Request Chain 256
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=eafb16e4278043879dc81042f32043dd&us_privacy=1YNN&rev_dt=1704513909277 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=eafb16e4278043879dc81042f32043dd&us_privacy=1YNN&rev_dt=1704513909277 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd&bidder=154&bidder_uid=27ffab6f-94b0-42d5-8aaf-a11c789c2338&callback=dspCMCallback
Request Chain 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=95f301e9-3dcc-400c-8987-bcc136cff5d7
Request Chain 303
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
Request Chain 304
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAFtzE7LMaMAABbHcpkjgA&ex=beeswax.com
Request Chain 305
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=200B2E0CB8414762BA8761BD47B84685&ex=simpli.fi&status=ok
Request Chain 306
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2231a6268927omfk00lr1jkn49
Request Chain 308
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 311
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5888498526697502103&gdpr=0&gdpr_consent=
Request Chain 312
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=189dbddfc73b1404&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHQb1-37Ya2QNrpt1fAAAAAAA&expiration=1704600311&is_secure=true
Request Chain 316
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 317
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mS25DaEFSRTJ1TFd2eVlrTU5iZ2RSXzZEdm81LkMubn5B
Request Chain 318
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6275356792805496052&ex=appnexus.com
Request Chain 319
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 320
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6275356792805496052
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=326e3936-28b2-4dda-98e0-db998f56f572&ssp=gumgum2&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Request Chain 322
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=418acc5a-6a98-4353-bca4-1c9623dc25c6
Request Chain 323
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e2894fce-c1ed-5d59-67cb-02b220d95487$ip$96.9.246.196
Request Chain 324
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-GvQTkThE2pciFZL1rTfxwhpaa0_BApP2zSp0~A
Request Chain 325
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=159c90d9-9aff-49b9-a802-d9cf630f16a4
Request Chain 327
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=3VfD4bsxSztVr9Ck4xFV
Request Chain 328
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=iOoH03D3US82&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 329
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4810022746794177802
Request Chain 331
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3039340663876897512&gdpr=&gdpr_consent=
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=756a3773-39ba-456b-9c41-5435aa35d5ec
Request Chain 335
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjRd8Co8YEAAIJ0fssAAAAA
Request Chain 336
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ROPjEdTDvG-gaZ19khcPcdkVq4jP6gqo12IEbvzFvss&pi=gumgum&tc=1
Request Chain 337
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 340
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825&expected_cookie=ffab8fbc-3208-4379-8810-622a5707421c
Request Chain 341
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6275356792805496052
Request Chain 342
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 343
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZjRdwAMaNY9yABd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZjRdwAMaNY9yABd&_test=ZZjRdwAMaNY9yABd
Request Chain 345
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZjRdzUh5G.Pa.K62WwKmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFDe5IcOr279_-DRX0eOn5g&google_cver=1&google_hm=2
Request Chain 346
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZjRdzUh5G.Pa.K62WwKmQAA%26997&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZjRdzUh5G.Pa.K62WwKmQAA%26997&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=897ec219bc3042369a2d6c8e882b010c HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=897ec219-bc30-4236-9a2d-6c8e882b010c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De0e70242-e7fb-4d35-80e1-470268c0b506%253A1704513911.5290954%26pid%3D500040%26it%3D1%26iv%3De0e70242-e7fb-4d35-80e1-470268c0b506%253A1704513911.5290954%26_%3D1704513911.5310578&cb=1704513911.5310988 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155610672804&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De0e70242-e7fb-4d35-80e1-470268c0b506%253A1704513911.5290954%26pid%3D500040%26it%3D1%26iv%3De0e70242-e7fb-4d35-80e1-470268c0b506%253A1704513911.5290954%26_%3D1704513911.5310578 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&pid=500040&it=1&iv=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&_=1704513911.5310578 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704513911.5310578&iv=e0e70242-e7fb-4d35-80e1-470268c0b506:1704513911.5290954
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZjRdzUh5G-Pa-K62WwKmQAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMzCSwHfgd80fGeFhjrFk3k&google_cver=1
Request Chain 349
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFtzE7LMaMAABbHcpkjgA&expiration=1705723511
Request Chain 350
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=t0lKuhBW1RlXVR5
Request Chain 353
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cdca3095-0577-42e9-9d87-4288e2b0da63&expiration=1712376311
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=c2JGZlJsMURNVkJVakxnbnV2RHBlUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEO5aMkEb5BYuNqFFW66Eof0&google_cver=1
Request Chain 356
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=1b26782669fb146d&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF5TgQu5o8JQNQRq40AAAAAAA&expiration=1704600311&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 359
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://us2.shb-sync.com/aae7bfe1-d93c-4404-adc3-8a36b9f7a821.gif?puid=31dd3e50-6558-503b-90b6-df2a2d4829a3&redir=[RED]&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Request Chain 360
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a6d47c8d-a05a-47fe-b092-6f6dc52e52ab&user_group=1&ssp=fmx&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Request Chain 361
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDhhMWRSWkhQUXJWMnJmS1R6S2xram4w&gdpr=0
Request Chain 362
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dkU67yRBNOBtRGblc0cu4HIVN-JtFTS2JRW4TiRt
Request Chain 363
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704513911313 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7256306851 HTTP 302
  • https://sync.1rx.io/usersync/turn/8826346638743762313?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YjllZDQyMGItZDM3MC00M2UzLTk5MjgtYjVmYzM0Mjg5MzE2 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 367
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cc7f35bff31404&is_secure=true&networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHHG_NH9QroQNJPL6FAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 368
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dsharethrough%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sharethrough&user_id=LvvcVAPxcBFbtOxpsgdc0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 369
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4810022746794177802&gdpr=0&gdpr_consent=
Request Chain 370
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=8f06ada0-1f4a-4926-90d1-3a7551a95bba&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 371
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=95f301e9-3dcc-400c-8987-bcc136cff5d7&ssp=minutemedia&gdpr=0&gdpr_consent= HTTP 302
  • https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10599292096464791424&ssp=minutemedia&gdpr=0&gdpr_consent=
Request Chain 372
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212409987125821
Request Chain 373
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=2fee8a2e-3d1f-4451-a347-158cab8fae65
Request Chain 374
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZjRdzUh5G.Pa.K62WwKmQAA%26997
Request Chain 375
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=f0aa40034ebb4ae56492bf9b19a6570a
Request Chain 376
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=37a04d73-eea2-445a-958b-2cad8d91478a
Request Chain 377
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=78bc7582-4aff-4291-8237-21782e61496c
Request Chain 378
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=27ffab6f-94b0-42d5-8aaf-a11c789c2338
Request Chain 379
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=iOoH03D3US82&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 380
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1578769649556390020185
Request Chain 381
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&cb=1704513911312 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5046860981 HTTP 302
  • https://sync.1rx.io/usersync/turn/8826346638743762313?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
Request Chain 382
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEhZQll55Zll1DlKhYW9&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 383
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://b1sync.zemanta.com/usersync/disqus?puid=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D33%26buyeruid%3D__ZUID__%26r%3DCid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YyAiEGOAE= HTTP 302
  • https://ssp.disqus.com/match?bidder=33&buyeruid=3VfD4bsxSztVr9Ck4xFV&r=Cid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YyAiEGOAE= HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YyAiEGOAI=%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=6275356792805496052 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/3/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ==&uid=H8a1dRZHPQrV2rfKTzKlkjn0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/4/17285?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=ZZjRdzUh5G.Pa.K62WwKmQAA%26997 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/5/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=amx_com&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=8047baa0-cde4-4736-a6fc-1f5761b53376 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/6/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=openx&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=8f69e7e5-fb12-48ec-b053-cc6e6ad7e60d HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/7/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAxTVdFellURmpNaTB4T1RNeExUTmpZemt0T1dVek5DMWlZV1k0TVdNNE56QmhOMllRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwMU1XRXpZVEZqTWkweE9UTXhMVE5qWXprdE9XVXpOQzFpWVdZNE1XTTROekJoTjJZeUFpRUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=3039340663876897512 HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YyAiEGOAI=&buyeruid=8047baa0-cde4-4736-a6fc-1f5761b53376 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f
Request Chain 384
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=d1318d810f1f85ba93697617a26cc52&gdpr_consent=&gdpr=0
Request Chain 385
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0
Request Chain 386
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e058962e0a5146d&is_secure=true&networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQb1-37Ya4gN8xc6nAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_10ED87404_A5FCC5B3&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 387
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=3VfD4bsxSztVr9Ck4xFV
Request Chain 388
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6275356792805496052
Request Chain 389
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8a1dRZHPQrV2rfKTzKlkjn0
Request Chain 390
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-928482247952724185 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=44ae8766-9d2d-5306-8099-fc5ae5012d2d
Request Chain 392
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NIskx-4USbOz6lyUc1G-gA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 397
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=348B24C7-EE14-49B3-B3EA-5C947351BE80 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=35ad9ecb-865b-4122-8512-db436c0940f1&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D35ad9ecb-865b-4122-8512-db436c0940f1%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=35ad9ecb-865b-4122-8512-db436c0940f1&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D35ad9ecb-865b-4122-8512-db436c0940f1%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=46953725378786933631167846734667393259&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2C%2C
Request Chain 399
  • https://eb2.3lift.com/xuid?mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 400
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:200B2E0CB8414762BA8761BD47B84685 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 401
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
Request Chain 403
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LcGsmBJE2uUxWtNbpUaZxssDup1ciQ8-~A&gdpr=0
Request Chain 404
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=25b650c7-f2d2-4411-ba54-29a42be8e0f5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
Request Chain 407
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Request Chain 409
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 412
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvODd7PdRHuS21xzisbjxQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rvODd7PdRHuS21xzisbjxQ
Request Chain 413
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Request Chain 414
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE5M2U1YmU0Y2U4YjcxYjA0Y2NiNDUwOGVkMjQ0YmZlNjFmZjEyMw&us_privacy=1YNN
Request Chain 415
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFIxSktLTUQtMVgtNFNT&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI-bezIjD3s9cxPDYo0b1cM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxSktLTUQtMVgtNFNT&google_push=
Request Chain 416
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KcQlkUI1irWf1KI9vRiFJw?csrc=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WJ.FUqdE2oLiGmC8O_Qq8VAk_F8J.Ph18xojTQ--~A
Request Chain 417
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 418
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=&expires=30
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELsdqxs3CywlVzEyPP9NQsU&google_cver=1
Request Chain 420
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFtzE7LMaMAABbHcpkjgA&expires=30
Request Chain 421
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=25b650c7-f2d2-4411-ba54-29a42be8e0f5&expires=30&us_privacy=1YNN
Request Chain 422
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNN HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
Request Chain 423
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNN HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 424
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNN HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 425
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNN HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 426
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNN HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR1JKKMD-1X-4SS&us_privacy=1YNN HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS&ckls=true&ci=c6b05UMwiz&nc=false&trid=609699267
Request Chain 428
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Request Chain 443
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdHpFN0xNYU1BQUJiSGNwa2pnQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFtzE7LMaMAABbHcpkjgA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4810022746794177802&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAFtzE7LMaMAABbHcpkjgA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4810022746794177802%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4810022746794177802&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFtzE7LMaMAABbHcpkjgA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4810022746794177802%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4810022746794177802&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFtzE7LMaMAABbHcpkjgA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFtzE7LMaMAABbHcpkjgA&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 444
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_fab86b7dab964e369f481 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2bffa213-22ee-467c-b66a-0397c7196786&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 445
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cb3d4284-ac48-11ee-8f2b-b787a7328fd9
Request Chain 446
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6275356792805496052&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:48df0004-5357-4d05-becb-15f44f279d60&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 448
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:35745b27-0367-47e4-8e8d-a0cc77fdd8c4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 449
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=5fd74a47ad1d3d10d89006154d048d0f&expires=30&ssp=pubmatic&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 450
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:t0lKuhBW1RlXVR5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:021635af-0068-4456-855d-423e26b673be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 452
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7f3fe104-c97d-47d3-840f-7d8e2b9e407f
Request Chain 456
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553&gdpr=0&gdpr_consent=
Request Chain 457
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 459
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4olPzsHtXVlnywKyINlUh2AJ9sQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 460
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=326e3936-28b2-4dda-98e0-db998f56f572&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=348B24C7-EE14-49B3-B3EA-5C947351BE80
Request Chain 461
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377155610672804 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 462
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 463
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 466
  • https://idsync.rlcdn.com/712188.gif?partner_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558
Request Chain 469
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3039340663876897512 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

466 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
www.telegraphherald.com/news/tri-state/ 		614 KB
147 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
d64ea5e6641af452874ed7b43dd988e1e3d0ebb113e6f4dde1598f2c1b506705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
917
cache-control
public, max-age=10
content-encoding
gzip
content-length
148207
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:49:48 GMT
etag
W/84e8bdff7688710a476ebb9938ae15d9
last-modified
Fri, 05 Jan 2024 21:48:36 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.4; app1; 0.3s; 5.7M
x-tncms-bot-tier
1
x-ua-compatible
IE=edge
x-vcache
HIT
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
71001
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:28 GMT
server
cloudflare
etag
0x8DC0D69051ECA4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cdf020d4-701e-0068-5a84-3f5f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114a5ad424bd2-BUF
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5febd36a2-YYZ
expires
Sat, 30 Nov 2024 07:07:26 GMT
user.js
www.telegraphherald.com/shared-content/art/tncms/user/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:01:54 GMT
content-encoding
gzip
last-modified
Thu, 04 Jan 2024 18:51:17 GMT
x-vcache
HIT
age
191
etag
W/"6596fe25-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1248809
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feb536a2-YYZ
expires
Sat, 30 Nov 2024 11:45:06 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3182710
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da3-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feb736a2-YYZ
expires
Fri, 08 Nov 2024 06:09:51 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
28504
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feb636a2-YYZ
expires
Sat, 30 Nov 2024 07:17:26 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
28504
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5febe36a2-YYZ
expires
Thu, 28 Nov 2024 07:05:04 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3333085
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294203-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9c36a2-YYZ
expires
Wed, 30 Oct 2024 08:41:49 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1318685
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284c-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9a36a2-YYZ
expires
Fri, 29 Nov 2024 00:08:10 GMT
layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-26683"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9536a2-YYZ
expires
Wed, 27 Nov 2024 20:01:20 GMT
theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
28504
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662851-a317"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9636a2-YYZ
expires
Fri, 29 Nov 2024 08:27:25 GMT
tnt.access.offers.f146ff1379aa6e1c8836b27c60c574bb.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.f146ff1379aa6e1c8836b27c60c574bb.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b73c21de842ec4bbd1b8f2766c4b6d664e246de974333bcac518b1d5e7240339
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1334835
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:56 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf4-5369"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9836a2-YYZ
expires
Wed, 27 Nov 2024 09:02:36 GMT
datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71850ae0bf8353e8cfad7f285270c0b527a3499a815b13f79665d7952d920678
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
915300
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:56 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf4-7b17"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5de9036a2-YYZ
expires
Wed, 27 Nov 2024 09:02:36 GMT
flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		928 B
487 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3183365
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-3a0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5de9136a2-YYZ
expires
Wed, 27 Nov 2024 06:42:06 GMT
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		1 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3265770
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-4a3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5ee9336a2-YYZ
expires
Wed, 27 Nov 2024 07:25:24 GMT
access.d7adebba498598b0ec2c.js
www.telegraphherald.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:00:38 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 17:55:11 GMT
x-vcache
HIT
age
266
etag
W/"6570b57f-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c756dd78f3fe8604ffdb519ffce264517c5e4b02ced287d9279be254d872ae8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3349765
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-6976"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5febc36a2-YYZ
expires
Sat, 09 Nov 2024 10:38:14 GMT
jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4ad2e7d257986d3a0c3877268db59347197d1c90fa6a3af56542c6ec61f38a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3262984
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-c0d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5febb36a2-YYZ
expires
Wed, 27 Nov 2024 13:40:40 GMT
tnt.access.log.dee85050c2180b99486e8fc7305c44d7.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.dee85050c2180b99486e8fc7305c44d7.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c92caa165f3ed1505fd12b3f52ee2b05c08c99e93d7a967bc3d922b9b54897
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
142723
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-288c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feba36a2-YYZ
expires
Sat, 30 Nov 2024 12:23:00 GMT
tnt.access.status.828de94349981272665c0fb0107f3e49.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		928 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16a1f54128050a2c4334fe3155151163bc9165334fb0c5f97af87c405a982a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-3a0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feb936a2-YYZ
expires
Wed, 27 Nov 2024 09:12:13 GMT
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		533 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3262985
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-215"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe436a2-YYZ
expires
Tue, 19 Nov 2024 23:51:36 GMT
sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f04e44a6efb67304eaccf40f84d4991481660f4124eb9d5f5e115ea54fcfce4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
28505
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-5d4"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe636a2-YYZ
expires
Tue, 12 Nov 2024 14:58:04 GMT
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3177503
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-6d1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe836a2-YYZ
expires
Wed, 27 Nov 2024 10:08:56 GMT
op.js
tagan.adlightning.com/townnews/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/townnews/op.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89a2c18a9c0051a71dd486033b913d41a16aca4d404cd156c5af17918ec1da78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:34:17 GMT
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-version-id
Bbsgup8_07tNR97XF0qtH6KYWJMDP1os
x-amz-cf-pop
EWR53-C3
age
1849
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19234
x-amz-meta-git_commit
e09f10f
last-modified
Sat, 06 Jan 2024 03:32:00 GMT
server
AmazonS3
etag
"d9d7ebefde42a9ce47a91369a01dea43"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
UvZKoKoQcWsRbZkKzN-zpYzDzmY4eBt5Hz2oEu1bGQQ4WacyRD7Kdg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbbab7d0fd6218e4604d656040aa6c3ca65da1a18bd1c340f4ca808c394146c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29341
x-xss-protection
0
server
cafe
etag
825 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 04:05:06 GMT
fb1ed006ae07fb6a6a1b19eaa310a86a622141f1.js
widget.fotomoto.com/stores/script/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.fotomoto.com/stores/script/fb1ed006ae07fb6a6a1b19eaa310a86a622141f1.js?api=true
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.111.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-111-65.compute-1.amazonaws.com
Software
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash
375815b98f2ff61d408f4b92475b7ae40940b4555adfcfa3414d17771542b19f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.107484
date
Sat, 06 Jan 2024 04:05:06 GMT
server
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
x-powered-by
Phusion Passenger (mod_rails/mod_rack) 3.0.11
etag
"e79d062dc6d469a88ccfe5ab43d55cb4"
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=0, private, must-revalidate
x-rack-cache
miss
x-request-id
711c25809a41d1d9ca3b0fc4c05ee542
tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3895ebeedf32ed25a1fb2328a2a9d936e2ab4721a487f26598d9b627bd81071c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
922324
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-1140"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbea36a2-YYZ
expires
Thu, 28 Nov 2024 07:05:05 GMT
tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.5c3f8754f8cc2a7e270984c98de1d1c9.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23db6143ec1303cb65608357c6a00e3ca02e89522b016e35e19f5e88096f9431
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3035
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-d40"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbed36a2-YYZ
expires
Fri, 29 Nov 2024 10:44:15 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1408208
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:40 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da4-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a5feb836a2-YYZ
expires
Thu, 07 Nov 2024 09:50:08 GMT
tracking.js
www.telegraphherald.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:02:02 GMT
content-encoding
gzip
last-modified
Thu, 04 Jan 2024 18:51:17 GMT
x-vcache
HIT
age
183
etag
W/"6596fe25-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
70865
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c19e7251-301e-0069-5d8f-1300cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
841114a8bf5f4bd2-BUF
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a922-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbee36a2-YYZ
expires
Thu, 28 Nov 2024 07:10:25 GMT
sharethis.js
platform-api.sharethis.com/js/ 		205 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-70.iad55.r.cloudfront.net
Software
/
Resource Hash
e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:55:08 GMT
content-encoding
gzip
via
1.1 4ae0902ea4e10dc74700d1753a74440a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
IAD55-P3
age
598
etag
W/"332a8-To97sGKRp5b4v/9hI/vRCFXWuNg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
mEXqZEvF89PV3gnR8CttvnY4SSm324n3jldlxv9HKR-RY8-F0_se1w==
tracker.js
www.telegraphherald.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:00:38 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 14:44:35 GMT
x-vcache
HIT
age
266
etag
W/"64b94853-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
f4444c72-43dc-11eb-b69b-e72b84364643.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/f4444c72-43dc-11eb-b69b-e72b84364643.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
223228
cf-polished
qual=85, origFmt=jpeg, origSize=37309
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="f4444c72-43dc-11eb-b69b-e72b84364643.webp"
content-length
17692
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Dec 2020 22:36:23 GMT
server
cloudflare
x-vcache
MISS
etag
"5fe12367-91bd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a5fec136a2-YYZ
expires
Fri, 29 Nov 2024 09:16:42 GMT
9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/9139213c-5b44-11eb-9746-8b8866e9f2ff.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
473808
cf-polished
qual=85, origFmt=jpeg, origSize=4605
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="9139213c-5b44-11eb-9746-8b8866e9f2ff.webp"
content-length
3756
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Jan 2021 17:26:01 GMT
server
cloudflare
x-vcache
MISS
etag
"600867a9-11fd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a5fec236a2-YYZ
expires
Wed, 20 Nov 2024 19:31:24 GMT
84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg?resize=750%2C63
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=10687
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="84062fc8-a3fe-11ed-9545-938ccd782e2c.webp"
content-length
8512
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Feb 2023 20:08:25 GMT
server
cloudflare
x-vcache
MISS
etag
"a076aaa44296e3449d9be9ce9c5169e2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a64f3036a2-YYZ
expires
Sat, 30 Nov 2024 08:12:10 GMT
65972107f3884.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/ac/aace2101-15e8-580d-a470-9b5a7daf1027/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/ac/aace2101-15e8-580d-a470-9b5a7daf1027/65972107f3884.image.jpg?resize=990%2C689
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62457e1ee40d37c75fdc8ab9c48b4c713e240979e8759a0e77afc2838903a1ee
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:05 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=86617, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 21:20:21 GMT
server
cloudflare
x-vcache
MISS
etag
"3b1224894a38b90d1c58c9021d501e83"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a64f3236a2-YYZ
expires
Sat, 04 Jan 2025 07:01:07 GMT
60f1e118a9d82.image.png
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/e/cf/ecfff66c-e66d-11eb-95f9-4b43aeaae19e/60f1e118a9d82.image.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
223229
cf-polished
origFmt=png, origSize=12536
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="60f1e118a9d82.webp"
content-length
6884
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jul 2021 19:42:16 GMT
server
cloudflare
x-vcache
MISS
etag
"60f1e118-30f8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a8bb9a36a2-YYZ
expires
Thu, 26 Dec 2024 07:47:15 GMT
optin.js
embed.secondstreetapp.com/Scripts/dist/ 		178 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b851fd4d6806c84a2ce7213dc068c38731ea9e2f5839ab032ed2be0eecfece9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Jan 2024 14:09:38 GMT
Server
Microsoft-IIS/10.0
ETag
"0bd9e7c4e3eda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
105
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
52814
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/
Redirect Chain
  • https://embed.sendtonews.com/player2/embedcode.php?fk=dtKKcuXb&cid=13403
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e59c70b8f27c2134f509e56e3a1ff96677c183a550bb8f6978c375952b9c1b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
xqdo0_9_jJJy3IfRoxvG5tem66bP0u7U
content-encoding
br
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 04:04:44 GMT
last-modified
Thu, 21 Dec 2023 20:29:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
23
etag
W/"619ab188798a2cb9e73963d2ee5ded22"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-Wz1AUvsip4UNZHcaYlPlhiV0ftqTrxHLVdfTAuS4uQmBtCLPa_n4w==

Redirect headers

date
Sat, 06 Jan 2024 04:05:06 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3-U/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
K_W0T9I-ajrB-qXmoVS70moWjvsPNSobAI4ecaUP7De13UIN1NF1fA==
64528a8d95831.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/media/d/e0/de0a808a-e9ce-11ed-8900-4be12711b57b/64528a8d95831.image.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
473809
cf-polished
qual=85, origFmt=jpeg, origSize=29480
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="64528a8d95831.webp"
content-length
17840
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 16:23:41 GMT
server
cloudflare
x-vcache
MISS
etag
"64528a8d-7328"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a8dbf036a2-YYZ
expires
Sat, 30 Nov 2024 06:35:21 GMT
delivery.js
assets.revcontent.com/master/ 		162 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30e942decdbf47bf968e350c0cb9b3c53a7bd993f7fb6c72c3a026433a51cd6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:14:21 GMT
content-encoding
br
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
39046
x-amz-server-side-encryption
AES256
etag
W/"139e813e920abb2c744fef954882f626"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Xg5_ZHrFMM3i7QPk8KQxGD6YNyYugyJp6mUvyQcTORy8Ps3K4-ks7A==
2765012a-43ae-11eb-b69b-9b615e72b007.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/2765012a-43ae-11eb-b69b-9b615e72b007.jpg?resize=540%2C187
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=14995
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="2765012a-43ae-11eb-b69b-9b615e72b007.webp"
content-length
10340
cf-bgj
imgq:85,h2pri
last-modified
Mon, 21 Dec 2020 17:01:22 GMT
server
cloudflare
x-vcache
MISS
etag
"5ba692d20d23ce7a861173f51ffd3891"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114a8dbf136a2-YYZ
expires
Wed, 27 Nov 2024 05:49:07 GMT
tnt.access.3.1.7327b85a7127779778cc72940846a623.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.3.1.7327b85a7127779778cc72940846a623.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971fa0f0cc4b635db2c872b97545a403a51db7b36f71a81cc58c6fae8d215b53
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1921663
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-1fd6"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bb9b36a2-YYZ
expires
Thu, 28 Nov 2024 08:10:15 GMT
tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d554bbf9b61e074fec1c764cbabc959881519d1baf824e86b6b93ab443621f0d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3267802
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-833"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bb9d36a2-YYZ
expires
Wed, 27 Nov 2024 08:54:30 GMT
tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		3 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.b3515e2efc7544f596cd77d421e1655f.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1327990
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-a12"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bb9e36a2-YYZ
expires
Fri, 01 Nov 2024 12:02:04 GMT
tnt.access.user.modal.wall.b43d05f1a6436c3a27d60171e8f5a17a.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.user.modal.wall.b43d05f1a6436c3a27d60171e8f5a17a.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517a035eaf8312fe6f07fc82f413d219f29ca7b86cc51685d6aa5e92e7668823
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1901824
cross-origin-resource-policy
cross-origin
last-modified
Mon, 11 Dec 2023 16:13:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6577351e-6e3f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba036a2-YYZ
expires
Tue, 10 Dec 2024 20:01:31 GMT
tnt.access.denied.5.0.6ef8fe9a5d2994de98e0252dfb608e0e.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.denied.5.0.6ef8fe9a5d2994de98e0252dfb608e0e.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4412c70ec3e9a934ee15025f48bc9e567038a6d712619e2fdd7232d9fa6cea1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
142724
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-15e8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba236a2-YYZ
expires
Wed, 27 Nov 2024 10:08:52 GMT
jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a481ca181e9d6f64e4b75c4b87779e08aa375d45e1ea2ad9c21a7d8e38f361b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
142724
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-51c7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba336a2-YYZ
expires
Sat, 30 Nov 2024 10:07:01 GMT
additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3078608
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-3ab0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba436a2-YYZ
expires
Fri, 29 Nov 2024 06:55:28 GMT
jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f8981a9d73ba11b77e370fb35ce0a54cb48ce5bcfdb66da69265151738350e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3172990
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-104f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba636a2-YYZ
expires
Fri, 29 Nov 2024 10:16:50 GMT
tnt.access.log.gtm.01f639ff9629a913e91d54435d6a8e8f.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		4 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.gtm.01f639ff9629a913e91d54435d6a8e8f.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296847ecafe4dc26468d57dce8aedaa59b3a5a7a8210b84ddae721948e847f18
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
2186085
cross-origin-resource-policy
cross-origin
last-modified
Mon, 11 Dec 2023 16:13:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6577351e-f44"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba736a2-YYZ
expires
Tue, 10 Dec 2024 20:01:31 GMT
tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		4 KB
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
86865
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:32 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294204-f6a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8bba836a2-YYZ
expires
Wed, 30 Oct 2024 10:06:51 GMT
tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
5776960
cross-origin-resource-policy
cross-origin
last-modified
Wed, 24 May 2023 17:14:29 GMT
x-vcache
MISS
server
cloudflare
etag
W/"646e45f5-9bc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbd336a2-YYZ
expires
Thu, 23 May 2024 18:01:33 GMT
tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17218c20074448ea8a33e56872f3a8baac7922f08f9f10c3c4d687748783f309
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
639122
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-9d7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbd536a2-YYZ
expires
Thu, 28 Nov 2024 11:37:42 GMT
tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 		2 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038751aa88bb026a85fd621a7c71ebba77ea7cfd9baede2dc2398dbd72430038
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3335693
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-642"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbd736a2-YYZ
expires
Sat, 09 Nov 2024 06:12:18 GMT
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		942 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007dbd112f2196eb29626c03f5073581e659fd241bc768de5a3fe694e9bdda88
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
84411
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-3ae"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbd936a2-YYZ
expires
Fri, 08 Nov 2024 06:34:36 GMT
tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-35a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbda36a2-YYZ
expires
Thu, 28 Nov 2024 23:47:47 GMT
withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e812de1cc1532c1ea126c92d765596050775f2b55aafe6123be3b5e6662e1cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
494310
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-9b9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbdc36a2-YYZ
expires
Wed, 27 Nov 2024 10:08:54 GMT
jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1 KB
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af63a4bcb7067346b51f003dffd3bcb595a4a71944e94d7d3fbd502e954324a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1260275
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-598"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbdd36a2-YYZ
expires
Wed, 27 Nov 2024 11:31:15 GMT
jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		978 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3abc1a9cc78e57fdddbdf16ba1cab73e97cbce4cd6af76da6a847c3626f505c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
919382
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-3d2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe036a2-YYZ
expires
Sat, 30 Nov 2024 10:57:33 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3336410
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe236a2-YYZ
expires
Sat, 09 Nov 2024 19:16:48 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3085992
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-1021"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a8dbe336a2-YYZ
expires
Fri, 29 Nov 2024 12:46:58 GMT
gtm.js
www.googletagmanager.com/ 		234 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b09a549527767efb3c3ac41ff655b357526653a1c1486afbe7f799b2df79a1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80371
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:06 GMT
62f59fd0-d7e3-438f-9ad5-b01d90539a49.json
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/62f59fd0-d7e3-438f-9ad5-b01d90539a49.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8149
content-md5
rOfib6L6hvufFQlsTgH36Q==
content-length
1707
x-ms-lease-status
unlocked
last-modified
Mon, 26 Sep 2022 04:01:06 GMT
server
cloudflare
etag
0x8DA9F73BCE27AFD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
55a5b5b1-201e-0028-29a9-21582b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114a6cca16aed-BUF
expires
Sun, 07 Jan 2024 04:05:05 GMT
b-e09f10f-34756dc3.js
tagan.adlightning.com/townnews/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/townnews/b-e09f10f-34756dc3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:11:12 GMT
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-version-id
vEY6ZTr.gIsAUy2PGYS68L8RDGLk4qly
x-amz-cf-pop
EWR53-C3
age
1882435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30930
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:34 GMT
server
AmazonS3
etag
"bd7974ac83b1adc649e5e24a01f74b12"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tnMZ-Q7Hcbw7HBXO-5SC7PGAX43ZTp2c90uSMJv710gJ5GJmWaWujg==
bl-250cc79-54d0d8e7.js
tagan.adlightning.com/townnews/ 		92 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/townnews/bl-250cc79-54d0d8e7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d571c7385908a3acc2b81723560e805eebe45fbe619fbffed1966fc42262e9fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:34:17 GMT
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-version-id
ndho84voS8obmbx9ziryTq7cEYDZE3p4
x-amz-cf-pop
EWR53-C3
age
1850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39264
x-amz-meta-git_commit
250cc79
last-modified
Sat, 06 Jan 2024 03:31:34 GMT
server
AmazonS3
etag
"c1f4573907fc763cb08b002052067b37"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
x003rMJBiPYkPM72nSQVDwgJOin5zuUlnRqCI-aw8kXgMzUcRTyKzg==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:00:45 GMT
content-encoding
gzip
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront), 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, PHL51-P1
age
262
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
9HvwgtKQNRC5im6ZXAogkw2PKs3xrASg3bJWh6LRKY0cGYl3YdO9Jg==
gtm.js
www.googletagmanager.com/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NN54BPG
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72e06114678dd28f5768b813c0eecaa6f56f022a513f5893b7f90981094ef57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48727
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:06 GMT
gtm.js
www.googletagmanager.com/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce262f4b0fa67c46246b270fbeecfe27321ddd237fca33ca4384620a5ad7a170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80298
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jan 2024 04:05:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54345
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
l2Guxs40mUXZiM2gq26YImwkJn5F/5qDLi9reqEZeP7q8SsYF7fKs3TP7USGxsHrBpFEL26hjlzWzzmRq5kLuQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
841114a9ec6e4bc0-BUF
access-control-allow-headers
Content-Type
tracker.gif
www.telegraphherald.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegraphherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=170451390603816001200505266784946&tnms_dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&tnms_upage=1&tnms_do=www.telegraphherald.com&tnms_uri=/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&tnms_ref=&rt=1704513906045
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
65972107f3884.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/ac/aace2101-15e8-580d-a470-9b5a7daf1027/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/ac/aace2101-15e8-580d-a470-9b5a7daf1027/65972107f3884.image.jpg?resize=200%2C139
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e24506222cd71cb414ead7082ba5cdc064fb854152749c63190f1f25c1ee74a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
degrade=85, origSize=7713, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jan 2024 21:20:21 GMT
server
cloudflare
x-vcache
MISS
etag
"9d9aa39eac29cdf23966c905d7905ae5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114a99d0436a2-YYZ
expires
Sat, 04 Jan 2025 07:01:07 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		78 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
841114aa5df24bcc-BUF
vary
Accept-Encoding
content-type
text/javascript
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202209.1.0/ 		376 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
229oLfugqvtMNLM3e0uPaA==
age
51566
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91423
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:30 GMT
server
cloudflare
etag
0x8DAAB422B1E6529
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
11732244-401e-004c-0918-15a9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114ab28964bd2-BUF
5cd2f43a3f59c700126bad43.js
buttons-config.sharethis.com/js/ 		461 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5cd2f43a3f59c700126bad43.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:2000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 08 May 2019 19:40:11 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
etag
"4d059be5eef50cc04a77381344839252"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
461
x-amz-cf-id
SGZFqndky58qJuKC9dKUByCdmFRsH62paXB1RLlYI7OBXT31EI8llQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 20:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
27600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 04 Jan 2025 20:25:06 GMT
e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-41.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
8d0318f0cb951dbe7dd97e3b06aac6b49d432d610e7eb245830192f68de424f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:47:02 GMT
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
1084
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
_cfjhc_Uk8WctLEfH2Pr6MFXrVP1fNpKpUQvPEP0-ASTbn4PoDlabQ==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
Server /
Resource Hash
2a6189f8ee4035f048eaedb4744ef6300f362a90a1f7aa6906edeac2e8e49eb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:42:37 GMT
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
12149
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3066
x-amz-cf-id
XhGGO7wtzWXpjx1NlAH4gjzJWi28vdXdQIp27Vwtr12rYfg7TuGL-A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GKdhYVsiv1nr3TdslNzFJobuj7d14tVmd1h_CHn3f_eb1gi4EPCJ8Q==
2466856
api.secondstreetapp.com/audience_signup_widgets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.secondstreetapp.com/audience_signup_widgets/2466856?callback=secondStreetOptinWidget_2466856
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dff214826d02cea31c4b4f789a44367318666c184420226ad5439ea3b45d0d16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
Age
354
X-Powered-By
ASP.NET
X-SS
107
Connection
Keep-Alive
Content-Length
1378
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-StackifyID
V2|6f4b1ad2-8331-4135-a532-19c4c0687d9f|C69601|CD66
Cache-Control
public, max-age=600
Accept-Ranges
bytes
Expires
Sat, 06 Jan 2024 04:09:13 GMT
fotomoto-v2-min.css
static-fotomoto-com.s3.amazonaws.com/assets/ 		174 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-v2-min.css?1704460771
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
eddd5530bb19ac89c4c79678d7a2e6d1d17cef003139428583aba7a5bc1ffa79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Aug 2022 02:46:57 GMT
Server
AmazonS3
x-amz-request-id
HTVT2EWKGTJG7GQ8
ETag
"3f100725814614b4f9fa41e4a922734d"
Content-Type
text/css
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
23403
x-amz-id-2
oG6OE2P8g7nh1Zica+hs7UVAaLSNePGJXIvjKElOoQ3+88T7BrfHP1zyhGm7EHSahr3u1al579U=
Expires
Tue, 22 Aug 2023 02:46:56 GMT
fb1ed006ae07fb6a6a1b19eaa310a86a622141f1.css
widget.fotomoto.com/stores/style/ 		282 B
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.fotomoto.com/stores/style/fb1ed006ae07fb6a6a1b19eaa310a86a622141f1.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.111.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-111-65.compute-1.amazonaws.com
Software
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash
879c194b3db8616e1df26d44c2d9e10f81c2679c2a8b9e81ffff240b2637b4ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.006349
date
Sat, 06 Jan 2024 04:05:06 GMT
server
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
x-powered-by
Phusion Passenger (mod_rails/mod_rack) 3.0.11
etag
"3b22d928d8152d1370a5f453d8a1f6d5"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css; charset=utf-8
status
200
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-rack-cache
miss
x-request-id
f0e1e4fe8b8dd61275e094d380764e31
fotomoto-min.js
static-fotomoto-com.s3.amazonaws.com/assets/ 		645 KB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-min.js?1704460771
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec76b9e915f11475950c65e692a89abfd245de03985b87cd6db83fc54e2c5fbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Aug 2022 02:46:48 GMT
Server
AmazonS3
x-amz-request-id
HTVXYH7CFXPW2B9F
ETag
"92ecbf03bae895e5009216abfb07761f"
Content-Type
text/javascript
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
262019
x-amz-id-2
mv9b/Mz+eK4M2+TzjuqH8O6YjqzQjNgDACcn5JPJUHaq0Crozx12NDKrzaxrgtPOtbocqPejMaA=
Expires
Tue, 22 Aug 2023 02:46:47 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A...
  • https://l.sharethis.com/sc?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A%2F...
160 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=When%20a%20second%20dentist%20joined%20Valerie%20Peckosh%E2%80%99s%20Dubuque%20pediatric%20dentistry%20practice%20in%20July%2C%20the%20floodgates%20opened.&ua=&ua_mobile=false&ua_full_version_list=&uuid=dbc5d818-27f1-449b-9118-b01b5967557a&samesite=None
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
53f18af0743623f8e8218119188189c15cd14c5296dbdad995e7d9d8c7af78da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.telegraphherald.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
Access-Control-Allow-Headers
*
Content-Length
160
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Sat, 06 Jan 2024 04:05:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.telegraphherald.com
Location
/sc?event=pview&hostname=www.telegraphherald.com&location=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&product=inline-share-buttons&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&cms=unknown&publisher=5cd2f43a3f59c700126bad43&sop=true&version=st_sop.js&lang=en&description=When%20a%20second%20dentist%20joined%20Valerie%20Peckosh%E2%80%99s%20Dubuque%20pediatric%20dentistry%20practice%20in%20July%2C%20the%20floodgates%20opened.&ua=&ua_mobile=false&ua_full_version_list=&uuid=dbc5d818-27f1-449b-9118-b01b5967557a&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
Access-Control-Allow-Headers
*
Content-Length
971
X-Robots-Tag
noindex, nofollow
;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;...
ads.empowerlocal.co/adserve/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.254.130.154 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
104-254-130-154.static.hvvc.us
Software
nginx /
Resource Hash
cb33747e8dab3b26fddab0a939985ceafedcd610415bf7d2a41575e4ed42c9a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type
application/javascript
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
1329857520488846
connect.facebook.net/signals/config/ 		141 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1329857520488846?v=2.9.139&r=stable&domain=www.telegraphherald.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5333b8fd08e2ea42fdb51efa01f44928a5bd71433bc8a8f431ac65bdaa83834a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jan 2024 04:05:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36924
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
B1inCwU7vmURPRwuPHn5OuWHMR0fPnUGqa7+DXBWi2uvsgO8N7ABwDWgZH19RhaP6Oh7u9K7S7M061NRPH7z1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.61.22.89 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-61-22-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 06 Jan 2024 04:20:06 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 21:59:58 GMT
content-encoding
gzip
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
21909
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
tXEP9D5s58ytvqORKJHRj5HvtHqcsnaLFGRlKVFXQ9jy3kkITLiYeg==
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
201583
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841114acd8cba223-YYZ
expires
Tue, 09 Jan 2024 04:05:06 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ref=&_it=amazon&partner_id=664
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6325
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
841114ad0e744bc0-BUF
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
KNY29QN45MVGW8S4
age
2482
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
841114acff7d4bcc-BUF
x-amz-id-2
mBalHHT+POONn3rG2rjjcverig52+u65oL2xnTphyM9XbtgQ8esnFmFV5NAbPDdalZBT7I0zLzM=
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 03:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
797
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jan 2024 05:51:49 GMT
gtm.js
www.googletagmanager.com/ 		182 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f55801a1bcf48fde762f206e6a75929aeaac77908ff06e5ac4ebcdd2cdab310b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65799
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:06 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
530da57dc4371e47d6328c6bc3238b3deef7c27dec9cdf0fffe8d28e2320c355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71687
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:06 GMT
en.json
cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/4ca42237-2471-4f81-b400-7e63c3db30a8/ 		57 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/62f59fd0-d7e3-438f-9ad5-b01d90539a49/4ca42237-2471-4f81-b400-7e63c3db30a8/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5636ebfb4b4d85f97782812b2ce80b0aa148bb25aba1c7c6c6d3d6c0682be920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
85440
content-md5
tutQbDg72LSUhcfPjerqdQ==
content-length
12024
x-ms-lease-status
unlocked
last-modified
Mon, 26 Sep 2022 04:01:07 GMT
server
cloudflare
etag
0x8DA9F73BDA64A49
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
57aa46a5-001e-0072-2c0f-243ecc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114acc8bc6aed-BUF
expires
Sun, 07 Jan 2024 04:05:06 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:c600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 05:27:04 GMT
x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P6
Age
81483
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
EYPJsSqmHgyWsKxdNCotAj7-BcwLtAVkQK-qKhy1ObB8SkX39UW_UQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
TX6CRJTF96PHRATZ
age
3094
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
841114ad2f954bcc-BUF
x-amz-id-2
DkGvZ3F6S5BI+Ua0jbPlIt67V2R7IjUVb4Q7QCere5w1C6DYFAS6QxTn5fFVhEjbGUjagPZqhKI=
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 07 Jan 2024 04:05:06 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 10:45:42 GMT
content-encoding
gzip
age
494364
x-guploader-uploadid
ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 30 Dec 2024 10:45:42 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
b5db071695bafe6f30e4a114842c55f2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 13:43:41 GMT
content-encoding
gzip
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
51686
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-rKoG44_oiVK9xFp33gEGjKppgAypncQyKIRnu19k9tTNiX1HtLIXw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 06 Jan 2024 04:05:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
14703
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-nyc-kteb1890076-NYC
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
201583
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841114ad2939a223-YYZ
expires
Tue, 09 Jan 2024 04:05:06 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1329857520488846&ev=PageView&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rl=&if=false&ts=1704513906787&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704513906779.127873175&cs_est=true&ler=empty&it=1704513906596&coo=false&rqm=GET
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jan 2024 04:05:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wG3T8rT9wA5w2UbDdvkxcQ==
age
69739
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:21 GMT
server
cloudflare
etag
0x8DAAB42258FDE79
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7cafb0c8-601e-0080-1282-0cc685000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114ada9076aed-BUF
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
eeLeQFlL9c7wmvR8bYV+Vw==
age
69739
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13334
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:23 GMT
server
cloudflare
etag
0x8DAAB4226FAD215
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
85daebf5-d01e-003c-3176-131044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114adb90a6aed-BUF
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
69739
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
90375368-501e-0040-77d6-123ebb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
841114adb90c6aed-BUF
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0&b=1&g=w%2BuIldmMtjh7YH%2FpDmjyGD%2FA%2FQKrt%2B78WbIDkcb5duQ%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0&b=1&g=w%2BuIldmMtjh7YH%2FpDmjyGD%2FA%2FQKrt%2B78WbIDkcb5duQ%3D
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Jan 2024 04:05:06 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.telegraphherald.com
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=aps&ver=1.3.0&b=1&g=w%2BuIldmMtjh7YH%2FpDmjyGD%2FA%2FQKrt%2B78WbIDkcb5duQ%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame 8C3E 		2 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700
Requested by
Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:30:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jan 2024 04:05:06 GMT
t.dhj
t.sharethis.com/1/k/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=www.telegraphherald.com&rnd=1704513906893
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b786ef46c905136a59658f17751ec61b3795356eb12ad91c70a855f021d9ca0f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Sat, 06 Jan 2024 05:05:07 GMT
hadron.json
id.hadron.ad.gt/v1/ 		104 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=664&sync=0&domain=www.telegraphherald.com&url=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ref=&_it=amazon&partner_id=664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af3ebe63bada1a075aea2a79ddc27f1941408367fc84532c4bfe145b243a3d8

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
841114af4f2a4bcf-BUF
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=664&sync=0&domain=www.telegraphherald.com&url=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
841114aedee94bcf-BUF
content-length
0
content-type
application/json
date
Sat, 06 Jan 2024 04:05:07 GMT
debug
OPTIONS block
expires
Sun, 05 Jan 2025 04:05:07 GMT
server
cloudflare
fotomoto_loading.gif
static-fotomoto-com.s3.amazonaws.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto_loading.gif
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
62921350ddf3d7ac9045e2252ac924de81442b5c7f144346feae343fb30881a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Last-Modified
Mon, 22 Aug 2022 02:46:08 GMT
Server
AmazonS3
x-amz-request-id
HTVNYEEY96E9A5PK
ETag
"d254f167f7c92c9f0f68832aca643734"
Content-Type
image/gif
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
3117
x-amz-id-2
MOqIetw7ig6mlMoigoNQF+si+U/TaBTF9tyrO33n7OO8fk2HCmp9yWR8WV2U0SsI7i3ExzxlHVU=
Expires
Tue, 22 Aug 2023 02:46:07 GMT
widget_sprite.png
static-fotomoto-com.s3.amazonaws.com/assets/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/widget_sprite.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3ed247a67eac1003c708ddd1f12d8bbd831e22c6433f25285bb432531fda98a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Last-Modified
Mon, 22 Aug 2022 02:46:42 GMT
Server
AmazonS3
x-amz-request-id
HTVR9S5N2Q5MHYXN
ETag
"3feaf624895576500aa0dcf9663fe488"
Content-Type
image/png
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
42076
x-amz-id-2
Cti4iSaZYhflwTKLk72TJJgjH7O49tLYOgjBj+t/Mw2UBEvAulLf+0JqP9e8vMUND4gjZMsVpdg=
Expires
Tue, 22 Aug 2023 02:46:41 GMT
blank.gif
static-fotomoto-com.s3.amazonaws.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/blank.gif
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7de5a2cafafe8dce046705c7fa7394e2f6afa1f101f8b6e52251a0d69ebfc115

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Last-Modified
Mon, 22 Aug 2022 02:43:44 GMT
Server
AmazonS3
x-amz-request-id
3K1B7VD1JYK7HT41
ETag
"b2b9f49ec8180a067aa2ca9803c1ce4c"
Content-Type
image/gif
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
1095
x-amz-id-2
Y0Z2hrTY60uxqDQjxjbakZgIzaAkfFXPYx4iyIQr/hSl+d79weqrW41Fvqcn2F/+lOm6JeGpGLA=
Expires
Tue, 22 Aug 2023 02:43:43 GMT
fotomoto-metal-print-icon_19x15px.png
static-fotomoto-com.s3.amazonaws.com/assets/ 		303 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-metal-print-icon_19x15px.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
34b524307ac30874f393fa659bb78d28527136960a3dd32e098fc2adca02a4a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Last-Modified
Mon, 22 Aug 2022 02:44:06 GMT
Server
AmazonS3
x-amz-request-id
3K13AJQY6DMA3H8A
ETag
"0786ce2cead4581fd1bb15acbf027b3d"
Content-Type
image/png
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Content-Length
303
x-amz-id-2
v+gGU6bN7iIuOCk8I6yYBYrWWwLCG+z1U+2VNKJ5Y50SLdTYi/ajv3fLDfTxqJTEW2KrSNl4fJg=
Expires
Tue, 22 Aug 2023 02:44:05 GMT
fb1ed006ae07fb6a6a1b19eaa310a86a622141f1_wlogo.jpg
s3.amazonaws.com/img.fotomoto.com/s/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/img.fotomoto.com/s/fb1ed006ae07fb6a6a1b19eaa310a86a622141f1_wlogo.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.140.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c234a499d9c862e37a5f552c5f6c17e2a5a4e8484a39ef54f6618dea3ebbdb71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Last-Modified
Thu, 24 Jun 2021 21:08:44 GMT
Server
AmazonS3
x-amz-request-id
3K18JFAQS9NFGMPG
ETag
"e449d733f6ce415fc488e76f0c968ee3"
Content-Type
Accept-Ranges
bytes
Content-Length
3314
x-amz-id-2
eYwT9/PhjKPqrOC4F1kRKLNqkADVbysZ1VAy4pVQOW4h1mntsp+BojGh9NGBHFDWJake6r1bqkY=
map
bcp.crwdcntrl.net/6/ 		156 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.228.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-228-249.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d225412d4de2978e3faabc8d18cba1d5a4dd79689d1c643ac9f56a72e70a73ec

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache
x-server
10.40.55.201
access-control-allow-credentials
true
content-length
156
expires
0
publisher:getClientId
ampcid.google.com/v1/ 		3 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
v4gxLFp6LN_bb5C9d7c7Yd6l6kCPxU1z
content-encoding
br
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 04:05:03 GMT
x-amz-cf-pop
PHL50-C1
age
7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 05 Dec 2023 14:57:24 GMT
server
AmazonS3
etag
W/"b2b7a401bd4f0de0145925b43c4e7c21"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
6voQzEztP7P0LQ-DWYXFYVfQWG2kA4ku1HFFiG5uiLG-OneSySk7Vg==
destination
www.googletagmanager.com/gtag/ 		259 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dac0856b4317c096d6e138d2a109030e07fe8e4c62a59432a49e9c9696a82e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 04:05:06 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afbdec04ad5fc1d3ed9c4c73d86a04c594c5b296fb7cb84baf21486dca75a364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66156
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jan 2024 04:05:07 GMT
increment
id5-sync.com/api/esp/ 		0
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		156 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.228.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-228-249.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0c9d99cfbb9189ee131f11a8ea0633439926597402b41fae79b1514452c4a50f

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache
x-server
10.40.49.225
access-control-allow-credentials
true
content-length
156
expires
0
envelope
lexicon.33across.com/v1/ 		42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002XdhehAAB&src=esp&ver=1.3.0&us_privacy=1YNN
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jan 2024 04:05:06 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp&cc=1
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5ec37d64a49a8f9a03aa2daaf4b44c912b5f481d232d18f77defb6faeec16ae4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-2dpMFhDDSIYroXJSMicHoEdR2G8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 06 Jan 2024 04:05:07 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.telegraphherald.com
location
/esp?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 2290 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegraphherald.com&us_privacy=1YNN
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 04:05:06 GMT
server
Kestrel
server-processing-duration-in-ticks
734191
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=994743783&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCACAAI~&jid=1781591823&gjid=1634540988&cid=1290357590.1704513907&tid=UA-54716522-7&_gid=67798460.1704513907&_slc=1&gtm=45He4130n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=yes&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=cc48af36-ab4b-11ee-93fb-b78c101851bb&cm1=298&gcd=11l1l1l1l1&dma=0&z=903052068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1290357590.1704513907&jid=1781591823&gjid=1634540988&_gid=67798460.1704513907&_u=YGBAgUABAAQCAGAAI~&z=17501973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Jan 2024 04:05:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=994743783&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAUABAAQCAGAAIAB~&jid=291388891&gjid=1983353140&cid=1290357590.1704513907&tid=UA-1002501-1&_gid=67798460.1704513907&_r=1&_slc=1&gtm=45He4130n71PDQV3Nv72758733&gcd=11l1l1l1l1&dma=0&z=2117704929
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
664
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/664?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e09ceae91d8b66c5466fb21538ebb58a5784728f8f56dc77b4089a915095037

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 04:01:42 GMT
server
cloudflare
age
205
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
841114b07a7d4bd8-BUF
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4130v887101457z8861227858&_p=1704513905654&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1290357590.1704513907&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&sid=1704513907&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.content_id=cc48af36-ab4b-11ee-93fb-b78c101851bb&ep.canonical_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ep.content_type=article&ep.canonical_content_id=cc48af36-ab4b-11ee-93fb-b78c101851bb&ep.content_publish_date=2024-01-05T01%3A00%3A00-06%3A00&ep.content_group=%2Fnews&epn.townnews_crm_group_id=216&ep.generator=BLOX&ep.generator_version=1.72.4&ep.content_author_id=3cbea984-1b4e-11ee-91f2-67af0921301e&ep.content_author_eh=6e5a0e0d3b77698d58a7c44d3c34a43ae8fc237b05c20c17fb05703cad5cc76c&tfd=2441
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1290357590.1704513907&gtm=45je4130v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pgm-api.js
assets.publicgood.com/pgm/v1/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.publicgood.com/pgm/v1/pgm-api.js
Requested by
Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-3.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad4ea703f8ea456c70f0a5c5870d04f25083a39360509c26de5a45e3883867cd

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Content-Encoding
gzip
Via
1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
Last-Modified
Fri, 05 Jan 2024 15:12:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
ETag
W/"7a9edac7507593c9ed0f8fb41ebe67bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Miss from cloudfront
Cache-Control
max-age=0
Connection
keep-alive
X-Amz-Cf-Id
LpiAdUqkVyPLUk5PwARBVKxHo3Mq-GElHHoxUzOHFudAukQ2veTpcQ==
app.js
ads.empowerlocal.co/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.empowerlocal.co/app.js
Requested by
Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.254.130.154 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
104-254-130-154.static.hvvc.us
Software
nginx /
Resource Hash
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
last-modified
Mon, 06 Nov 2023 19:03:51 GMT
server
nginx
etag
W/"65493897-10da1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
expires
Sat, 06 Jan 2024 04:35:07 GMT
js
www.googletagmanager.com/gtag/ 		293 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a7cf0d7c4d6b0d3538b72ad17851f83fba7c18ee2267f3ae257322e6780fdff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98134
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 04:05:07 GMT
sid
mug.criteo.com/ Frame 2290
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=telegraphherald.com&sn=ChromeSyncframe&so=0&topUrl=www.telegraphherald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=oXgodXxHRUxmYkhINE8xUGYxQWhLMmRZcG8rL2lFd2ZtdHBiOFdrdGlLMlp5VUF5R2toclUvUGlibm1vNE1ab0VIVDFGSU15Qjh5cFcyOGllVkdZM2FLVVdHR1FiT3VjU3ZxblVNKzMwUWt3TDExTjNmRkdtblVucFczYT...
457 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=oXgodXxHRUxmYkhINE8xUGYxQWhLMmRZcG8rL2lFd2ZtdHBiOFdrdGlLMlp5VUF5R2toclUvUGlibm1vNE1ab0VIVDFGSU15Qjh5cFcyOGllVkdZM2FLVVdHR1FiT3VjU3ZxblVNKzMwUWt3TDExTjNmRkdtblVucFczYTJPMk1EVFZLNEdMZWpTVEs5OG9sV2FUVHNxRUdRaUdYdmliWHgzMGZwUXJ6WWhta3hZaGNsTGZyQ1lUSi96UURYTmFmSXo3dUJTaVkxQmpLZXZzd1lIMlJ6ai96RmxjY3JTeVRFSnVwR0RoaW5uVkVJclpzVUd4K3NBWkM1Sy9DVnJQWm80TnFySHUwWW9vOEVVZU93QVZHU1puUzNjYm4rUFBvY1YxRkNPS2R0NllxNU9Gdz18&cppv=2
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d74d69d4842705d8028bb151c7e535af6508f7141401b6c44c1634fa8b39882c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1870597
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=oXgodXxHRUxmYkhINE8xUGYxQWhLMmRZcG8rL2lFd2ZtdHBiOFdrdGlLMlp5VUF5R2toclUvUGlibm1vNE1ab0VIVDFGSU15Qjh5cFcyOGllVkdZM2FLVVdHR1FiT3VjU3ZxblVNKzMwUWt3TDExTjNmRkdtblVucFczYTJPMk1EVFZLNEdMZWpTVEs5OG9sV2FUVHNxRUdRaUdYdmliWHgzMGZwUXJ6WWhta3hZaGNsTGZyQ1lUSi96UURYTmFmSXo3dUJTaVkxQmpLZXZzd1lIMlJ6ai96RmxjY3JTeVRFSnVwR0RoaW5uVkVJclpzVUd4K3NBWkM1Sy9DVnJQWm80TnFySHUwWW9vOEVVZU93QVZHU1puUzNjYm4rUFBvY1YxRkNPS2R0NllxNU9Gdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
522853
content-length
0
expires
0
t_.htm
t.sharethis.com/a/ Frame 7A00 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23373&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=www.telegraphherald.com&rnd=1704513906893
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Sat, 06 Jan 2024 04:05:07 GMT
Expires
Sat, 13 Jan 2024 04:05:07 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
gzip
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 03:40:17 GMT
x-amz-cf-pop
PHL50-C1
age
1492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
mdUK-qR56241c1sOp8UYrGxxbqBZMeaj7dAHoRJRN6OChi5drV6Nxw==
664
p.ad.gt/api/v1/p/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/664
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/664?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722a661c4475066b1e8751262c656312e821c990f771f601231c9d7970b723f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 04:01:37 GMT
server
cloudflare
age
210
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
841114b3a9be4bd3-BUF
halo_match
ids.ad.gt/api/v1/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&halo_id=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b209b74bc0-BUF
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=6275356792805496052&gdpr=0
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=6275356792805496052&gdpr=0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b48b1f4bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
an-x-request-uuid
e9a1f1a2-5cd2-4131-a891-a57ef05ae9f3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&adnxs_id=6275356792805496052&gdpr=0
x-proxy-origin
96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=756a3773-39ba-456b-9c41-5435aa35d5ec&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=756a3773-39ba-456b-9c41-5435aa35d5ec&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b4fb624bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=756a3773-39ba-456b-9c41-5435aa35d5ec&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0
  • https://ids.ad.gt/api/v1/pbm_match?pbm=348B24C7-EE14-49B3-B3EA-5C947351BE80&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=348B24C7-EE14-49B3-B3EA-5C947351BE80&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b4cb4c4bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=348B24C7-EE14-49B3-B3EA-5C947351BE80&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
date
Sat, 06 Jan 2024 04:05:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&gdpr=0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704513907-TUF07WT0-4LZ0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704513907...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704513907-TUF07WT0-4LZ0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=35ad9ecb-865b-4122-8512-db436c0940f1%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=35ad9ecb-865b-4122-8512-db436c0940f1%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&tapad_id=35ad9ecb-865b-4122-8512-db436c0940f1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&tapad_id=35ad9ecb-865b-4122-8512-db436c0940f1
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b56ba64bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&tapad_id=35ad9ecb-865b-4122-8512-db436c0940f1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_gid=CAESEJSVchjOqRgnwCwXhC8PlV4&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_gid=CAESEJSVchjOqRgnwCwXhC8PlV4&google_cver=1&google_ula=450542624,0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b48b244bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&google_gid=CAESEJSVchjOqRgnwCwXhC8PlV4&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704513907-TUF07WT0-4LZ0
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDUxMzkwNy1UVUYwN1dUMC00TFow
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDUxMzkwNy1UVUYwN1dUMC00TFow
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDUxMzkwNy1UVUYwN1dUMC00TFow
date
Sat, 06 Jan 2024 04:05:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b209b84bc0-BUF
content-type
text/html; charset=utf-8
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26auid%3DAU...
  • https://ids.ad.gt/api/v1/openx?openx_id=9ff7714f-cb01-44f9-8824-182bfcf3eb84&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&auid=AU1D-0100-001704513907-TUF07WT0-4LZ0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=9ff7714f-cb01-44f9-8824-182bfcf3eb84&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&auid=AU1D-0100-001704513907-TUF07WT0-4LZ0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b3aa994bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ids.ad.gt/api/v1/openx?openx_id=9ff7714f-cb01-44f9-8824-182bfcf3eb84&id=AU1D-0100-001704513907-TUF07WT0-4LZ0&auid=AU1D-0100-001704513907-TUF07WT0-4LZ0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
colossus
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001704513907-TUF07WT0-4LZ0&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
  • https://ids.ad.gt/api/v1/colossus?cls_id=19c8176a-c99a-43f8-b392-7e8ff4477e20&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?cls_id=19c8176a-c99a-43f8-b392-7e8ff4477e20&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b5abd64bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
http://ids.ad.gt/api/v1/colossus?cls_id=19c8176a-c99a-43f8-b392-7e8ff4477e20&id=AU1D-0100-001704513907-TUF07WT0-4LZ0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001704513907-TUF07WT0-4LZ0%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&impr_uid=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&impr_uid=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b57bbb4bc0-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001704513907-TUF07WT0-4LZ0&impr_uid=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
access-control-allow-origin
*
date
Sat, 06 Jan 2024 04:05:08 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
;MID=181918;type=e959fb862;placementID=2216450;setID=661376;channelID=0;CID=0;BID=521395585;TAID=0;place=0;contKeyMatches=%5B13060%2C13062%2C13066%2C13095%2C13432%2C13747%2C14160%2C14612%2C15546%2C...
ads.empowerlocal.co/adserve/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.empowerlocal.co/adserve/;MID=181918;type=e959fb862;placementID=2216450;setID=661376;channelID=0;CID=0;BID=521395585;TAID=0;place=0;contKeyMatches=%5B13060%2C13062%2C13066%2C13095%2C13432%2C13747%2C14160%2C14612%2C15546%2C44445%2C336312%5D;contCatMatches=%5B10285%2C10315%5D;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;mt=1704513907060434;hc=b50ac7789fd4464e934d62f818b4d5b2951850db
Requested by
Host: ads.empowerlocal.co
URL: https://ads.empowerlocal.co/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.254.130.154 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
104-254-130-154.static.hvvc.us
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 16C4 		725 B
869 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e83d5f80aa75a1579e8ec1fa50bc77dae46c2f099655f49a359cacba4bb85ea1

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
451
content-type
text/html
date
Sat, 06 Jan 2024 04:05:07 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1KSYYTLTZT&gtm=45je4130v9117990098z8867863675&_p=1704513905654&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1290357590.1704513907&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&sid=1704513907&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.item_id=cc48af36-ab4b-11ee-93fb-b78c101851bb&ep.author=BY%20MAIA%20BOND&ep.published_time=2024-01-05T07%3A00%3A00Z&ep.cms_product=BLOX&ep.cms_version=1.72.4&ep.content_group=%2Fnews&ep.content_type=article&tfd=2740
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1KSYYTLTZT&cid=1290357590.1704513907&gtm=45je4130v9117990098z8867863675&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-banners.js
assets.publicgood.com/pgm/v1/adblock/ 		35 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.publicgood.com/pgm/v1/adblock/wp-banners.js?ad_slot=foo&adbannerid=bar
Requested by
Host: assets.publicgood.com
URL: https://assets.publicgood.com/pgm/v1/pgm-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-3.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a2416ebef0116f2d6abaf238f4fa0b49ee53abf00cdb113bdb7d90a414058f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Via
1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
Last-Modified
Fri, 05 Jan 2024 15:12:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL51-P1
ETag
"2f251ec1513bf2dd8779f6fff859a3b5"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
35
X-Amz-Cf-Id
D4kaDg-X4yh0NrZWSemL38riR_m1UtPFPpYp4GgHQSFEHRc5v4SkQg==
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.3-U/ 		683 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3772aa5d9ab06b270165da73427ec3653cdcf83388fa0f20b5ce0cac5f0dbc65

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
WawtNCr7X3mmR0NRFC0WyhfCxQee5NhA
content-encoding
br
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 04:04:50 GMT
last-modified
Thu, 21 Dec 2023 20:29:09 GMT
server
AmazonS3
age
18
x-amz-cf-pop
JFK50-P3
etag
W/"6c5b9a53101042b63fcc9c7aaa2fd113"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
O5_RWuPfxeRt29hD4_TD7ARsfj9ouTHZDozKERcmB1Mlr7KpA9cvhQ==
t_.js
t.sharethis.com/1.1268.23373/a/US/ Frame 0161 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1268.23373/a/US/t_.js?cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23373&cid=c010&cls=B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79630baf8eba8c670928b2e0294631c73fd3b0fffb8873c00969ed920313e505
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23373&cid=c010&cls=B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9658
Expires
Sat, 13 Jan 2024 04:05:07 GMT
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 06:59:31 GMT
x-amz-version-id
arY3EWu63PxiojkDhSBzxNAjyf4PxNc5
content-encoding
gzip
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
853537
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 14 Dec 2023 21:42:44 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
H_t2jLfcfVJnHW1HNZZF35d1wTH3f-ZcJwQ0Qpwv0AAZpf4x1a_nag==
/
www.telegraphherald.com/tncms/access/rules/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/access/rules/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
729c279083a19981997f6db25eda196dd3951005d347edb26cd6cdbddd45e674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
X-TNCMS-Access-Version
2023-11-28 20:03:51
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 20:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28153
content-length
3496
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jan 2024 20:15:54 GMT
x-vcache
HIT
etag
W/d67897443b04f9457c6675c33020b3a1
x-frame-options
SAMEORIGIN
vary
X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
x-tncms
1.72.4; app12; 0.23s; 1.6M
cache-control
public, max-age=86400
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
/
www.telegraphherald.com/tncms/search/recommend/ 		55 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=dubuque-county-iowa%2Cdubuque-iowa
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
ce8ecb25fb7765df11714fea733df00b792bed5d2b6db5d635d2bf91d49cf488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
910
content-length
4211
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 06 Jan 2024 03:49:57 GMT
x-vcache
HIT
etag
W/6e08bac306b079872c4f2fd3d771868f
x-frame-options
SAMEORIGIN
vary
X-IPCountry, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.72.4; app19; 0.23s; 2.7M
cache-control
public, max-age=10
accept-ranges
bytes
x-robots-tag
noarchive
22700e6e-d221-e94c-ea08-1a8e14dbe9c9
pr-bh.ybp.yahoo.com/sync/openx/ Frame 16C4 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/22700e6e-d221-e94c-ea08-1a8e14dbe9c9?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:75af:f069:585e:f21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 16C4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6ZZ570JNESEQVYVQTASB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VK7CMXHJ9AB23260SRTT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 16C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=756a3773-39ba-456b-9c41-5435aa35d5ec&ttd_puid=b6b7682a-428d-7b05-dbdf-0c7beb8c2480&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 04:05:07 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 16C4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWFkOGJiZTAtOGJmYS0yNWExLWNlM2YtNTZjMjIxNmVlYWUw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 16C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL5Tvl0w_t_Fq8jWysoAPY&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL5Tvl0w_t_Fq8jWysoAPY&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL5Tvl0w_t_Fq8jWysoAPY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:07 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60916
accept-ranges
bytes
content-length
68444
expires
Sat, 06 Jan 2024 21:00:23 GMT
/
www.telegraphherald.com/tncms/search/mlt/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/search/mlt/?origin=cc48af36-ab4b-11ee-93fb-b78c101851bb&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
0da27186f929206c54d091f437ba0c499b089a1ddf9cc0ae2a3c9b1e633b0d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
910
content-length
3601
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jan 2024 21:48:36 GMT
x-vcache
HIT
etag
W/f764833c392951a17ae9e8ca94aa039f
x-frame-options
SAMEORIGIN
vary
X-IPCountry, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.72.4; app12; 0.07s; 2.6M
cache-control
public, max-age=10
accept-ranges
bytes
x-robots-tag
noarchive
/
widget.fotomoto.com/cart/get_data/ 		28 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.fotomoto.com/cart/get_data/?act=cart_load&app_store_id=fb1ed006ae07fb6a6a1b19eaa310a86a622141f1&fotomoto_cart_session_key=c136321704513906&cachebursted=1704513907792&_=1704513906907
Requested by
Host: static-fotomoto-com.s3.amazonaws.com
URL: https://static-fotomoto-com.s3.amazonaws.com/assets/fotomoto-min.js?1704460771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.111.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-111-65.compute-1.amazonaws.com
Software
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack) / Phusion Passenger (mod_rails/mod_rack) 3.0.11
Resource Hash
8e93349045c292abefc8570cfd48917319ff51e567f1192982e6187d56f8bc13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.006594
date
Sat, 06 Jan 2024 04:05:07 GMT
server
nginx/1.0.10 + Phusion Passenger 3.0.11 (mod_rails/mod_rack)
x-powered-by
Phusion Passenger (mod_rails/mod_rack) 3.0.11
etag
"4b7c6cc8909f4a2359ac1471c2843731"
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=0, private, must-revalidate
x-rack-cache
miss
x-request-id
b1041552131825ec9237370df12b4075
toolbar.html
www.fotomoto.com/analytics/ Frame BA06 		829 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fotomoto.com/analytics/toolbar.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.111.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-111-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7243ea95b6a327c78dcf6d651ac4fda9e4024e0b4f09f735a7c0f66f9c2f6c02

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
829
content-type
text/html
date
Sat, 06 Jan 2024 04:05:07 GMT
last-modified
Thu, 05 Mar 2020 06:41:49 GMT
server
nginx
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17ce5ab42fc851c8e1b435749fd85c55486f866762ac5b6c004828d87221699f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e79923a6bf3023c41b587390a8b3651a2acc6fa717f9c2b421639625a596a6a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		111 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5419d4e7c7489df1ffee0bd3782e43948ac0becbb3984bda63d49d201f37e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
ot_logo.png
cdn.cookielaw.org/logos/static/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_logo.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e7a7943f7444e87b2af6295044b34292a537a23dd3d9436886e3a2ccf620ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8WyO+79CLtcTX81zrcTfgg==
age
45181
content-length
13077
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:31 GMT
server
cloudflare
etag
0x8DC0D6906737764
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
afb43bbf-701e-00a3-7487-3f5c46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
841114b48d464bd2-BUF
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 04:05:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
65252
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9017ccaa-e01e-0037-6fa1-3feb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
841114b48d474bd2-BUF
/
www.telegraphherald.com/tncms/access/user/ 		736 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/access/user/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-TNCMS-Access-User
anonymous
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
395
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
vary
X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
x-tncms
1.72.4; app20; 0.02s; 0.7M
cache-control
private, max-age=3600, must-revalidate
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
advice.pgs.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://advice.pgs.io/?url=https%253A%252F%252Fwww.telegraphherald.com%252Fnews%252Ftri-state%252Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&partner_id=empowerlocal&target_id=&ignore_advice=false&bypass_geo=false
Requested by
Host: assets.publicgood.com
URL: https://assets.publicgood.com/pgm/v1/pgm-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-19.ewr53.r.cloudfront.net
Software
/
Resource Hash
3e310157689767959bc5f8afd29b2ba5de4674939397dfee627b6dc97bb79c78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amzn-requestid
46f6f1ce-8c72-461c-bfe9-a13af87246ce
x-amzn-trace-id
root=1-6598d174-3f20a2fd05b085083a0cd58a;sampled=0;lineage=37f957cc:0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-cf-id
zN_JwPs1_mZuwiX2OxaOodhVhX6HMR4BHt5IoGQqYZhBsjN6a_P-kQ==
60708812d6631.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/21/a2177f75-cd91-535d-88a5-4cca1c7b4b2d/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/21/a2177f75-cd91-535d-88a5-4cca1c7b4b2d/60708812d6631.image.jpg?crop=369%2C671%2C569%2C136&resize=200%2C364&order=crop%2Cresize
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f8001adbbe50914ef22964cd48b5e799eac0b796bc28e2174414dc4cebb6efc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=10853
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="60708812d6631.webp"
content-length
10104
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 17:00:02 GMT
server
cloudflare
x-vcache
MISS
etag
"44021e13aa04b809ce1387f987e8182e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114b56fa236a2-YYZ
expires
Sat, 28 Dec 2024 11:14:29 GMT
659778fd8ca13.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/659778fd8ca13.image.jpg?resize=200%2C115
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fae5ba5f7f4324a1120321f6672fa67ffe75921f1cb0fa0780e89c91ffde133
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
56378
cf-polished
qual=85, origFmt=jpeg, origSize=7495
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="659778fd8ca13.webp"
content-length
6356
cf-bgj
imgq:85,h2pri
last-modified
Fri, 05 Jan 2024 03:35:27 GMT
server
cloudflare
x-vcache
MISS
etag
"90695c1207b41af5378e68e25a8b2382"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114b56fa336a2-YYZ
expires
Sat, 04 Jan 2025 03:48:26 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
103741de0c2c227e5cb1f8f164d87033158b3874cc4b45c1eb969151895ad1e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
analytics.js
www.google-analytics.com/ Frame BA06 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fotomoto.com
URL: https://www.fotomoto.com/analytics/toolbar.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.fotomoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 03:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
799
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jan 2024 05:51:49 GMT
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-4.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 04:39:09 GMT
x-amz-version-id
EvxMPiJM_fFHLYrJnG26FpE9URKkRhTD
content-encoding
gzip
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
5268360
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 06 Nov 2023 04:03:19 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
Y7t7Kf2PNVJctIQeLcMUzWLOfDkDvMiS2Ale13ivGskLT6jgwXqLsQ==
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
2495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Jan 2024 04:23:33 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Jan 2024 05:00:56 GMT
nlsn
sync.sharethis.com/ Frame 0161
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=08d2b02a64f0acd0b30173278bba27d6
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=08d2b02a64f0acd0b30173278bba27d6
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Sat, 06 Jan 2024 04:05:08 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=08d2b02a64f0acd0b30173278bba27d6
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
lotame
sync.sharethis.com/int/ Frame 0161
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGKAAGWY0XIAAAAILiBuAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
  • https://sync.sharethis.com/int/lotame?uid=97669bd320c42c98f1a40c7ac5db4d1c&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/int/lotame?uid=97669bd320c42c98f1a40c7ac5db4d1c&gdpr=0&gdpr_consent=
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.sharethis.com/int/lotame?uid=97669bd320c42c98f1a40c7ac5db4d1c&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.40.9.132
content-length
0
expires
0
eyeota
sync.sharethis.com/ Frame 0161
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2Dp91ypblk680X86DvE_y8Qrbdb4aBa4PutEVsJVQ_vk&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2Dp91ypblk680X86DvE_y8Qrbdb4aBa4PutEVsJVQ_vk&gdpr=0&gdpr_consent=
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2Dp91ypblk680X86DvE_y8Qrbdb4aBa4PutEVsJVQ_vk&gdpr=0&gdpr_consent=
Date
Sat, 06 Jan 2024 04:05:08 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ttd
sync.sharethis.com/ Frame 0161
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 04:05:08 GMT
server
Kestrel
content-length
215
yahoo
sync.sharethis.com/ Frame 0161
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://sync.sharethis.com/yahoo?uid=y-TVOnYuRE2oMUrnKZm6osdTccIJvL8CBpxXo-~A&gdpr=0
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/yahoo?uid=y-TVOnYuRE2oMUrnKZm6osdTccIJvL8CBpxXo-~A&gdpr=0
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGKAAGWY0XIAAAAILiBuAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/yahoo?uid=y-TVOnYuRE2oMUrnKZm6osdTccIJvL8CBpxXo-~A&gdpr=0
date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csync.ashx
ml314.com/ Frame 0161
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGKAAGWY0XIAAAAILiBuAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641151808727416859
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MTE1MTgwODcyNzQxNjg1ORAAGg0I9KLjrAYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=0e4504b85bb29b35adb8983b51e159438cff8a05cc74f6d2b83c47d61089b213f4cb09cee1a4f8eb&person_id=3641151808727416859&eid=50082
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=0e4504b85bb29b35adb8983b51e159438cff8a05cc74f6d2b83c47d61089b213f4cb09cee1a4f8eb&person_id=3641151808727416859&eid=50082
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 07 Jan 2024 04:05:08 GMT
date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=0e4504b85bb29b35adb8983b51e159438cff8a05cc74f6d2b83c47d61089b213f4cb09cee1a4f8eb&person_id=3641151808727416859&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
60708812d6631.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/21/a2177f75-cd91-535d-88a5-4cca1c7b4b2d/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/a/21/a2177f75-cd91-535d-88a5-4cca1c7b4b2d/60708812d6631.image.jpg?crop=370%2C208%2C569%2C367&resize=370%2C208&order=crop%2Cresize
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64306d528d43a08c92169e78eae4a7683d53a97b1c43356d22b399be311fc38d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=11470
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="60708812d6631.webp"
content-length
10996
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 17:00:02 GMT
server
cloudflare
x-vcache
MISS
etag
"a66b5a3dabcd9674b535c9a0465e700e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114b6e9fb36a2-YYZ
expires
Thu, 02 Jan 2025 11:00:17 GMT
659778fd8ca13.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/659778fd8ca13.image.jpg?crop=1027%2C578%2C0%2C0&resize=540%2C304&order=crop%2Cresize
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22df16f24cee7e1182cd5906bfec8a230c94fd33f90d9caf29e6f98548360e4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=26656
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="659778fd8ca13.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 05 Jan 2024 03:35:27 GMT
server
cloudflare
x-vcache
MISS
etag
"62cfd9b4cb9469ea139a23c7b1ff9b11"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114b6e9fc36a2-YYZ
expires
Sat, 04 Jan 2025 08:25:10 GMT
collect
a.ad.gt/api/v1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
cf-ray
841114b75cd94bc0-BUF
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=0d96dc4d246e554845c3eaea7f773f5b&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
841114b78e716aed-BUF
content-type
text/html; charset=utf-8
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 03:56:36 GMT
server
cloudflare
age
484
etag
W/"da32bb-856b-60e3ef37d34d6"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
841114b7ea9f3981-YYZ
expires
Sat, 06 Jan 2024 08:05:08 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 02:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jan 2024 04:05:08 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 04:05:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jan 2024 04:05:08 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3686216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyqZR%2BJ3seR3VVRRso31Ji%2FkKpMmupXCJVKtM8g8lwPXHXuxZPDC7n3iM8%2FZEg1O66%2B3nAg4%2Bga7TmXPHY3jBuJnkjJMkrwoeJ5lBAIDwSjYcmadgO8kJShFBZvByksz2zYeDR6vVPITlYkjU4ec35o%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841114b86b114bc6-BUF
expires
Thu, 26 Dec 2024 04:05:08 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 0C47 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3701811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9ODUTIJhzBbufQLSLzQQcFrX9ab0KbeO1Em%2BUhCYiKPyWFbNnS6KpKZIj6zcHcIVVVl%2BhXOu43mKE52MS6EAUGTmM8w23F538pYE5Kmbw08iUcY0cigxjMVE5cLJCPga4cPu%2ByfGHPCCgrSQPuUzGWC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841114b86b134bc6-BUF
expires
Thu, 26 Dec 2024 04:05:08 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sat, 06 Jan 2024 04:05:08 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame 0C47 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
gzip
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 13:38:43 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
65122
x-amz-cf-pop
JFK50-P3
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SC2iInxwL-Wf_2kQPgjqPFxRs8NVfROBt5zVq3UIQLdi8buvz8CqRg==
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
201585
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841114b81926a223-YYZ
expires
Tue, 09 Jan 2024 04:05:08 GMT
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 0C47 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 20:28:44 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
55126
x-amz-cf-pop
JFK50-P3
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HxDbxu4GRf-FeKeG_38TO-oouez3ePwWEbtJKHQ3cZJx-0CLMdcaKg==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 09:30:57 GMT
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
66852
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
w6OEomqCWof1KfMEzO7ozT1zs5ItOEY5T5Vrq825ZoKmdPmusvHQ6w==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 09:52:08 GMT
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
65581
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
eTPo1jIO4TX4e5f7XcxGWRDK8wDWw4Fkg5Yl43KiHcnWopGXq4BrGg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 09:00:08 GMT
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
68701
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
dP7jmFidyJu3Fm5JSkM73snEOu0Tb-6vqtl3iohW1r4YgXgLvXAIHw==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 08:40:30 GMT
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
69879
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
Kc_yFOG_LMjpo8KiUZAM6J6lhoQS1VIW6-LQ9b8ebb_Du6jFJVqWWw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0C47 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:00:45 GMT
content-encoding
gzip
via
1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront), 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, PHL51-P1
age
264
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
JXs6syhUe_aqhlaXXZD8lNkbW57BxPyY-uKI5-3NEqUSGOE0xUXL8Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=jilarcY-B0GLgNb1&instance=610033&version=7.29.3-U&age=240106&cmd=PRE_INIT&key=dtKKcuXb&seq=1&order=1&vIndex=0&absoluteTime=3713.6&relativeTime=0.3&canonical=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&REF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		31 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=jilarcY-B0GLgNb1&instance=610033&version=7.29.3-U&age=240106&ESG_key=dtKKcuXb&type=FULL&EXTREF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&REF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.106.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-50.jfk50.r.cloudfront.net
Software
Apache /
Resource Hash
09ea4a96c71e7f8b3a6f4f514c9c9794ddb32c387c97e1ec3c705c248a45abcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
4779
x-amz-cf-id
OgO1tpKihU0lHWXUeadqqNmpIPCpWxGmEFy7h0OE8M5iDJCDc4O8Vw==
expires
Sat, 06 Jan 2024 04:05:09 GMT
/
trends.revcontent.com/api/demand/ 		1 KB
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=273646&us_privacy=1YNN
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
c839e610b32512b98076bdfc62ef6142e48e93cb1f7bceeafeac2cdcec2b9646
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
sync
trends.revcontent.com/ 		62 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync?us_privacy=1YNN
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
4573039c8c07402b6a749813dc17988d4168363ab473c66b70eccda46b87b6ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:08 GMT
server
envoy
etag
"6e22e963-1537-427c-8572-8a5724cbb670"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
62
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 22:30:19 GMT
x-content-type-options
nosniff
age
279289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 22:30:19 GMT
/
www.telegraphherald.com/tncms/dmp/segment_audiences/ 		117 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=675a4335-017c-443f-af01-432eae7d67c3
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
3b398d5ef3d2215e7e5efe3598208e595d76acc848838628e36b14189673e1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
X-Requested-Feature
geoip
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
107
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 06 Jan 2024 04:05:08 GMT
x-vcache
MISS
etag
W/a87bba5a97e43998c36fa81fcc4da3e5
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.72.4; app16; 0.31s; 0.6M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
/
www.telegraphherald.com/tncms/dmp/segment_audiences/ 		117 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/dmp/segment_audiences/?anonymous_id=675a4335-017c-443f-af01-432eae7d67c3
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
3b398d5ef3d2215e7e5efe3598208e595d76acc848838628e36b14189673e1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
X-Requested-Feature
geoip
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
107
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 06 Jan 2024 04:05:08 GMT
x-vcache
HIT
etag
W/a87bba5a97e43998c36fa81fcc4da3e5
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.72.4; app16; 0.31s; 0.6M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
count
count.api.pgs.io/ 		22 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://count.api.pgs.io/count
Requested by
Host: assets.publicgood.com
URL: https://assets.publicgood.com/pgm/v1/pgm-api.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.138.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-138-205.compute-1.amazonaws.com
Software
/
Resource Hash
fd8817c4d57193a7a32d38cf44152b33af3836180b0b491b26f9444ecf5b0cb4

Request headers

Accept
application/json
Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 06 Jan 2024 04:05:08 GMT
content-length
22
vary
Origin
content-type
application/json
tag
a.teads.tv/page/188551/ 		756 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/188551/tag
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-169-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e9e218d660dcf32ee875c91f7d889861ff9d08a85a7c77e79dae147dd001407

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
474
expires
0
count
count.api.pgs.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://count.api.pgs.io/count
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.138.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-138-205.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 04:05:08 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
993c44a103075c6fb2ed65d00b213d5ca98034e3431fff18c5f4217cb35edb66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
id.sv.rkdms.com/identity/ 		2 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.telegraphherald.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-99-162.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:08 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
rid
match.adsrvr.org/track/ 		108 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2feab8be6864869ca9e93d77c7e6ea200fe96153d6f19f06c4c67e1ed1830d17

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Feb 2024 04:05:08 GMT
identity
api.rlcdn.com/api/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ppid
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1YNN
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ppid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
p
api.segment.io/v1/ 		21 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-25-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=jilarcY-B0GLgNb1&instance=214610033&version=7.29.3-U&age=240106&cmd=GET&key=dtKKcuXb&c_id=13403&seq=1&order=2&vIndex=0&absoluteTime=3982.4&relativeTime=269.1&canonical=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&EXTREF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&REF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&playerCfg=FP&playerType=FULL&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
7tPeP2y06Lzrusrk7vibUMM21T6DB.Rc
content-encoding
br
via
1.1 c1cecf43ad8e18f031edf5229ce4289c.cloudfront.net (CloudFront), 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 01:40:35 GMT
x-amz-cf-pop
IAD61-P3, JFK50-P3
age
8673
x-cache
Hit from cloudfront
last-modified
Wed, 29 Nov 2023 22:05:10 GMT
server
AmazonS3
etag
W/"8c05f771b7f1423915f231f2744056e0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
Ju2Z4hN6stC5N3ULH0c-O0qBBN_WrHV-dzeI60GrfJfZDU1tw5Km9g==
0_mod.js
player.sendtonews.com/bidderFiles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0_mod.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-16.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a1cdf55e254eb5c720f7dd248b4b2b2936ca8fa27b571e5a8bd93675292ae92

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
2VfNx06pPODr9icgt1sAaj3lCievnbd6
content-encoding
gzip
via
1.1 29f8ea05ee71cbbed039b0995b993502.cloudfront.net (CloudFront), 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 14:33:53 GMT
x-amz-cf-pop
ORD58-P2, JFK50-P3
age
48713
x-cache
Hit from cloudfront
last-modified
Mon, 27 Nov 2023 22:10:08 GMT
server
AmazonS3
etag
W/"88adb197b5dc52c641a635fd467dc1ec"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
h2W72GHlDzTFJvNeYgW-N-CwIEIhYEnOOEEXbIUGZ8813I-_PV0WTw==
w5vnv3hp1q1bjx0e0ei0z0imizcaysjb.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/w5vnv3hp1q1bjx0e0ei0z0imizcaysjb.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02d1a048a400e632c647d816bc658ba6d30dd3bb191e6ee4c46c6c1c3d996685

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
59061
last-modified
Sat, 06 Jan 2024 03:40:54 GMT
server
AmazonS3
etag
"7162fe1b39e7d122bc0f032aa266b860"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
dwanvJ2-Zk3EKaFVmzQ4GmECNUtXr5q6uHKgU_NLdYol36LmgQvNwQ==
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 0C47 		185 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3090471
etag
W/"551756787971b257da9f419bdc840bdf3a84e9696"
surrogate-control
max-age=63072000
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=3600
cf-ray
841114ba5ce739d8-YYZ
x-application-context
services-js-tag:default,prod:8089
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 19:48:06 GMT
x-content-type-options
nosniff
age
289022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 19:48:06 GMT
w5vnv3hp1q1bjx0e0ei0z0imizcaysjb.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/w5vnv3hp1q1bjx0e0ei0z0imizcaysjb.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02d1a048a400e632c647d816bc658ba6d30dd3bb191e6ee4c46c6c1c3d996685

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
59061
last-modified
Sat, 06 Jan 2024 03:40:54 GMT
server
AmazonS3
etag
"7162fe1b39e7d122bc0f032aa266b860"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
1WLP5lAUFeMr2qXXGv588wVJteYH1nhtKbf6wnsxkye9DB9ISrCTxQ==
4iu1bn49fl0zlkk2w1fo7rgffc5288wm.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/4iu1bn49fl0zlkk2w1fo7rgffc5288wm.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
267128f420713bbdcc0ba74c5082e17f08bbb9437853f4c318cc69fe109272cc

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
25030
last-modified
Sat, 06 Jan 2024 03:40:56 GMT
server
AmazonS3
etag
"3f863b07053a0cc7a9f682d27842ea1a"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
BZxmmE88QkRVe_sDrEcobZxuu-2XEXIjpebTOkr0XIhWiUiCsAUZrg==
tldmoy673pranim0w98gla0tfdymh91s.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/tldmoy673pranim0w98gla0tfdymh91s.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ec8af825756b9e093443f78a11f7a159654fcf3328609035ff777ff30fa4fca

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
58301
last-modified
Sat, 06 Jan 2024 03:40:59 GMT
server
AmazonS3
etag
"4733a38aedbc3daa9edff34c88b1f336"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
RvoHxZmmjMu-ccBRx2yQ9BhukdfJSMq3Dhr9zUOyZr3cMWpFWF6MIA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0C47 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
563iEIu0KrrZTvzJAjgRvr8399PBhIOXH8Nu5rgHJwohPJ5OWxnUHw==
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame 0C47 		564 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-41.phl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:47:49 GMT
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
age
1039
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
jVy0w5E-d4IkfhQ-gxSyjPWZcheEajh3j2SlSJLEMH_Pi17DmzNf-g==
config
c.amazon-adsystem.com/cdn/prod/ Frame 0C47 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegraphherald.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.8.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-8-230.phl51.r.cloudfront.net
Software
Server /
Resource Hash
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 01:21:28 GMT
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
age
9819
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1764
x-amz-cf-id
LGS1iF9uBQi6USD3NsBcuYaFGmK4f1l8Cv2u8aKK-OpynReWQ-KdsA==
0p10p3ssq7r77714r75895ooq0r26675playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/0p10p3ssq7r77714r75895ooq0r26675playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
218577336e6a2edae26e856291a72ea8a715e2be0de917ab210e22262893b11c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Sat, 06 Jan 2024 03:42:42 GMT
server
AmazonS3
etag
"3e8df2e9d3ec67295562221c6f79fb77"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
vaHMIKPOJ9fW3ywv_7pFmdVZc2DYvwn4x1GfwYh9xD5Ua8yB7X6NYg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=jilarcY-B0GLgNb1&instance=214610033&version=7.29.3-U&age=240106&cmd=IMA&key=dtKKcuXb&c_id=13403&seq=1&order=3&vIndex=0&absoluteTime=4180.4&relativeTime=467.1&EXTREF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&REF=https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&playerCfg=FP&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:08 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame A4DB 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
107544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 22:12:45 GMT
expires
Fri, 03 Jan 2025 22:12:45 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 04:05:09 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6FFF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 06 Jan 2024 04:34:23 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 0C47 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.61.22.89 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-61-22-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 06 Jan 2024 04:20:09 GMT
ima.js
cdn-ima.33across.com/ Frame 0C47 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
201586
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841114bca8e4a223-YYZ
expires
Tue, 09 Jan 2024 04:05:09 GMT
hadron.js
cdn.hadronid.net/ Frame 0C47 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ref=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&_it=amazon&partner_id=694
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
6328
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
841114bca8084bc0-BUF
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/914/8.gif?id5id=ID5*WJlgUXdpkFsSL-8HE0kKIKagusxfdhkKd3zVISTiG0p6fNshoHVcY74G5tCcyVSuen0VxehHDxMO5qflxle4Fg&o=api&gdpr_consent=undefined&gdpr=false
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/914/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/914/2/7/2.gif?puid=6275356792805496052&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=6275356792805496052&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F1246%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://ce.lijit.com/merge?pid=92&3pid=6275356792805496052&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F1246%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/914/1246/6/3.gif?puid=H8a1dRZHPQrV2rfKTzKlkjn0&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/914/441/5/4.gif?puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?puid=AAFtzE7LMaMAABbHcpkjgA&id5AccountNum=155&numCascadesAllowed=9
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/914/434/3/6.gif?puid=37a04d73-eea2-445a-958b-2cad8d91478a&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/914/796/2/7.gif?puid=25b650c7-f2d2-4411-ba54-29a42be8e0f5&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F914%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/914/108/1/8.gif?puid=35ad9ecb-865b-4122-8512-db436c0940f1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=756a3773-39ba-456b-9c41-5435aa35d5ec&ttl=%%TTL%%
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=756a3773-39ba-456b-9c41-5435aa35d5ec&ttl=%%TTL%%
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 06 Jan 2024 04:05:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=756a3773-39ba-456b-9c41-5435aa35d5ec&ttl=%%TTL%%
date
Sat, 06 Jan 2024 04:05:11 GMT
server
Kestrel
content-length
199
0p10p3ssq7r77714r75895ooq0r26675.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0p10p3ssq7r77714r75895ooq0r26675.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f11dfc92c5735cc0f65cce140837aa55ac1a908570e4777a936b012ff9c3e6e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
594
last-modified
Sat, 06 Jan 2024 03:43:02 GMT
server
AmazonS3
etag
"2c4af0e29e2a99ae9285cf66ea444b04"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
noLNJlgNYqudjAt4I2BlBVrYxBEr0jrlxri-c9APkTNUvLiVTgtosg==
498n5p5o2nn1717n9s5p0nr24s4n40n9base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		1 KB
2 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/498n5p5o2nn1717n9s5p0nr24s4n40n9base.en.vtt
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e2e249a6580dc37ec57c95d255ee8753b8e5e4e76e24221cc8697d78661c944

Request headers

Referer
https://www.telegraphherald.com/
Origin
https://www.telegraphherald.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
1514
last-modified
Sat, 06 Jan 2024 03:43:44 GMT
server
AmazonS3
etag
"afbcdca66bacc2c5eb756a21de8e4a82"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
B-idfohgYzw2azRNYwE3kewbP6is68dxnuaMRd7aJgljP0OI0loq6g==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ4QjI0QzctRUUxNC00OUIzLUIzRUEtNUM5NDczNTFCRTgw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEHWrhUtraBvURqdNA3BRXAA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3Deafb16e4278043879dc81042f32043dd_2%...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:09 GMT
x-envoy-upstream-service-time
4
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
date
Sat, 06 Jan 2024 04:05:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&us_privacy=1YNN&rev_dt=1704513909277
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&us_privacy=1YNN&rev_dt=1704513909277
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=revcontent&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D35ad9ecb-865b-4122-8512-db436c0940f1%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6275356792805496052&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=revcontent&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=95f301e9-3dcc-400c-8987-bcc136cff5d7&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=95f301e9-3dcc-400c-8987-bcc136cff5d7&callback=dspCMCallback
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:10 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=95f301e9-3dcc-400c-8987-bcc136cff5d7&callback=dspCMCallback
Date
Sat, 06 Jan 2024 04:05:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160835&gdpr=0&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160835%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Ftr...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzQ4QjI0QzctRUUxNC00OUIzLUIzRUEtNUM5NDczNTFCRTgw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEHWrhUtraBvURqdNA3BRXAA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160835&pmc=1&pr=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3Deafb16e4278043879dc81042f32043dd_2%...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:09 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd_2&bidder=159&bidder_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&callback=dspCMCallback
date
Sat, 06 Jan 2024 04:05:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=eafb16e4278043879dc81042f32043dd&us_privacy=1YNN&rev_dt=1704513909277
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=eafb16e4278043879dc81042f32043dd&us_privacy=1YNN&rev_dt=1704513909277
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd&bidder=154&bidder_uid=27ffab6f-94b0-42d5-8aaf-a11c789c2338&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd&bidder=154&bidder_uid=27ffab6f-94b0-42d5-8aaf-a11c789c2338&callback=dspCMCallback
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:09 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=eafb16e4278043879dc81042f32043dd&bidder=154&bidder_uid=27ffab6f-94b0-42d5-8aaf-a11c789c2338&callback=dspCMCallback
date
Sat, 06 Jan 2024 04:05:09 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
trends.revcontent.com/api/delivery/ 		29 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=273646&width=1600&us_privacy=1YNN&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&icr_url=&va=0&user_uuid=6e22e963-1537-427c-8572-8a5724cbb670&time=1704513909282&up=pc&bn=chrome&bv=120&widget_width=1306&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
69f8d05410179967281d8713679d0637b6bb44b15fb7265ff46e132041d2e775
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:09 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
124
teads-format.min.js
a.teads.tv/media/format/v3/ 		586 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-169-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f1f4ee19ab75ef54a1a25c521696df2a643c719daa47b5b3c663be22e54b397

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
br
last-modified
Thu, 04 Jan 2024 17:15:55 GMT
x-amz-request-id
1H3TBV65QJC0S6YR
etag
"1ebd1fbf87c79a57c9a8c999f0a834e1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
2
accept-ranges
bytes
content-length
136624
x-amz-id-2
m/kobdI6951Ag7uXipGposn1WBJb0i5ZHxFC88vhwiQlfVfZ3IvgZ2sAHBWWj2133wuScJ3JkmQ=
expires
Sat, 06 Jan 2024 04:35:09 GMT
t
ds.reson8.com/v1/ Frame 0C47 		18 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds.reson8.com/v1/t
Requested by
Host: cdn.resonate.com
URL: https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:09 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
841114bdba2e36cf-YYZ
content-length
18
0p10p3ssq7r77714r75895ooq0r26675-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		517 KB
518 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/0p10p3ssq7r77714r75895ooq0r26675-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8c52071640408d26c3a5eda0769602a22f180c5a560985c355626bd05487427

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
529408
last-modified
Sat, 06 Jan 2024 03:43:00 GMT
server
AmazonS3
etag
"66f5285f258ca2ae92d18edb515abe51"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
OqxOuclHc8TqFVlQKJD2W2kMf2X08CP0KGguV4MAByV2DJOjFJUV9Q==
envelope
lexicon.33across.com/v1/ Frame 0C47 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1YNN
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.telegraphherald.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
wigo-no-slot
sync.teads.tv/ Frame 9987 		325 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.113.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
325
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 04:05:09 GMT
expires
Sat, 06 Jan 2024 04:05:09 GMT
pragma
no-cache
server
pekko-http/1.0.0
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=c90b4323-b654-4bf0-8dd7-8cdbd414c17a&pageId=188551&pid=203656&debug_metadata=PgVgAcJo6O&fv=1309&ts=1704513909593&f=1&referer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.1.46 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-1-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-BTF&env=js-web&auctid=c90b4323-b654-4bf0-8dd7-8cdbd414c17a&pageId=188551&pid=203656&fv=1309&ts=1704513909608&f=1&referer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.6.1.46 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-6-1-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sat, 06 Jan 2024 04:05:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Sat, 06 Jan 2024 04:05:09 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
css2
fonts.googleapis.com/ 		5 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 02:59:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jan 2024 04:05:09 GMT
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
703dd3e688e7899681a6392e30559611bc0bd9ed7d09e27208192b4806ba6d03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:56:38 GMT
content-encoding
br
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:17 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
60563
x-amz-server-side-encryption
AES256
etag
W/"5e684ec32476aededa83d80069c00cef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7sp2MnaPOxGkIvlrpdOnAKsfAE4eS_HJm0jXuuthW5hXtZEuO2NRIg==
defaultWidget.delivery.js
assets.revcontent.com/master/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97bd70e65d13ee703d75cc21cb905ee2a417ee419c611d72ff99f657dc84bd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:14:25 GMT
content-encoding
br
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:17 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
39047
x-amz-server-side-encryption
AES256
etag
W/"31e57ef7cfbaf94a1518f009c42df217"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
isYMbELXYyDTJBUV8bpYnWnS0_L0_l_tZaseEzqYXPr4tjv4U2YgPA==
/
img.revcontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-13.ewr53.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 03 Oct 2023 17:55:57 GMT
via
1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
EWR53-C1
age
8158152
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
w5M1rtIBjusgaJqdF7IygdT9tGZL08YMEr7hh---_ySjFKv_xhbWqQ==
0p10p3ssq7r77714r75895ooq0r26675.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		596 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/0p10p3ssq7r77714r75895ooq0r26675.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3-U/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-96.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9498b377973f729d312661890a576be9de50d311efe0e31d970ebcb7ca6d30ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
via
1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
596
last-modified
Sat, 06 Jan 2024 03:43:04 GMT
server
AmazonS3
etag
"6b3adb46d68b000b467c8a7673d8308e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Rg-jjV238RFqfeJbPhyetPWtX1pSq6XFcoSlnEyJKCCzMBKidb0Ykg==
/
www.telegraphherald.com/tncms/access/meter/ 		416 B
785 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegraphherald.com/tncms/access/meter/
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
c99db44c082e11064426559cd34190be5989a7449fa6d0798f822fe64f0fe26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jan 2024 04:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
254
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
x-tncms
1.72.4; app17; 0.02s; 0.6M
cache-control
private, no-cache, no-store, max-age=0
vary
X-IPCountry, Accept-Encoding
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
6579d5f74a3c43-55531327.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6579d5f74a3c43-55531327.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
303fd8202d1802662065652c8b5292a3ad13349d6dd7c266ed9d35448614c8a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 23:08:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
363423
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9622
last-modified
Thu, 14 Dec 2023 01:08:18 GMT
server
cloudflare
etag
"23c2754f631d32fa18a878874ef200e9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83ee6c253de13ae8-IAD
timing-allow-origin
*
x-amz-cf-id
G-2GZouKMsr-yJ-BzuIUKl_qEzm9qxMgQ6PHvU5n47Z3gTz8Xi1SHA==
6524208f113f70-74038214.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6524208f113f70-74038214.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
85846963c1b2759630628514ee385e0682d7f871250ae95e5291f84333742a2a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 16:52:39 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
213151
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9683
last-modified
Tue, 10 Oct 2023 17:23:06 GMT
server
cloudflare
etag
"c0647c8e1cc84dfca5e42c86af11d755"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83fcc0e32aeb6fc7-IAD
timing-allow-origin
*
x-amz-cf-id
9LTdi2Au9UK5SxyUfzfIivkQyQuv57vJIWQWomcIGL6KPdsdOzgR1g==
64fb2641f35bc3-17181804.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/64fb2641f35bc3-17181804.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
40f148723ebe71ada50997a6b1a9ad0b5a747912e162941e687f97d2046d16e6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:29:47 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
308123
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23662
last-modified
Fri, 08 Sep 2023 14:02:38 GMT
server
cloudflare
etag
"02ca3619e301d3cfde37ad813d5a141d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83f3b23e28f55908-IAD
timing-allow-origin
*
x-amz-cf-id
zRexOll73fGHmN2YAYskgbz3Q7EVAi4if5KnY1SevTaFP3G7fRfrJw==
642142bb0a7553-99882629.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/642142bb0a7553-99882629.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
c42bcb3cd4ce1c3ee33a4c7d2ef9364769e4ff10d1528c292b1896c433cb3618
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:52:21 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
187969
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14194
last-modified
Fri, 23 Jun 2023 11:41:55 GMT
server
cloudflare
etag
"a92e04117cbec9016c1c69151dd76421"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83ff27addeb2599e-IAD
timing-allow-origin
*
x-amz-cf-id
Sk30bbTK3Ltc4wscD06Bk-2wb53dzpd9BTXoDX4fl3IsBzuqqkX06w==
654fe03e0cdf82-34322131.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/654fe03e0cdf82-34322131.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
d3111d3e4c0634518a5fe1141b90e486a4b1f4d588dd1b5d862a23f39c22eae1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 04 Jan 2024 14:29:59 GMT
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
135311
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
19876
last-modified
Sat, 11 Nov 2023 20:16:31 GMT
server
cloudflare
etag
"a347f0ca877efa3479c4c5f0c90ab3b2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83ca7fa9cd323ade-IAD
timing-allow-origin
*
x-amz-cf-id
IL_y_tdGiY8HMt9tH8ca7HMlAiCXdP-dP-_s9cPTtocpTEqUuBzR9g==
6594c5a96ad915-06285519.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6594c5a96ad915-06285519.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
a6528d76a385bf0d4983787d085cf29e4bd66c40d08f4ea1a57c89ead58afce0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 04:05:33 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
259177
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17309
last-modified
Wed, 03 Jan 2024 04:05:27 GMT
server
cloudflare
etag
"9c38db5a15e59a9448c6fcb2e51f1487"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83f85d328cae81e8-IAD
timing-allow-origin
*
x-amz-cf-id
W6UpbaMhWk0N-y1DMoF3wQ9zRYVmVbgAHgKGv5GQaBPOAfp_QAn3Vw==
ec38ca193859b73ad618cb7856a0c7af.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ec38ca193859b73ad618cb7856a0c7af.jpeg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
288f8aaa5795af93056cc14170471a1eae81b4c7dab175ed51ebe90b394822a2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:19:47 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
168323
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12735
last-modified
Thu, 04 Jan 2024 05:08:57 GMT
server
cloudflare
etag
"4cfdc021a5e215b702b5cc2222f89701"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
840107523948394a-IAD
timing-allow-origin
*
x-amz-cf-id
AIAQn8VS483ZyVfmKtywYisJO5eTFjXnZn8AelZkuSXATUOve-tnlQ==
1d71f9445e61419437e863d581c93fa6.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/1d71f9445e61419437e863d581c93fa6.jpg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
06da8c9c6a2c622a5ae9607d0db059654dca4ea437d761ed4e1d5457b927b61f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 02 Jan 2024 20:36:54 GMT
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
286096
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10891
last-modified
Tue, 19 Dec 2023 05:12:13 GMT
server
cloudflare
etag
"4ec225178d1dd94aa0262eeea7c75542"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83bc1e5e3dc63b59-IAD
timing-allow-origin
*
x-amz-cf-id
VAA5U9AU_f22deJgYdf8j_-35_g6MTUG02wUMq3pHpq-yifkXOsZMA==
6570c1fe78e195-38630693.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6570c1fe78e195-38630693.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
c2d8433c388c8128f98e5b9a0ee1b8f6b086fc247272c0cbd0463f81d5128f2d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 02 Jan 2024 17:24:10 GMT
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
297660
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13081
last-modified
Wed, 06 Dec 2023 23:59:01 GMT
server
Cloudinary
etag
"af1bc3b843a8d70ebe875ac7e0115a6a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ietJ--cNS_c2Euu08dyG5w6Y89fjJwEcqlkzNo9Is-xfH0x24caZAA==
8aaa9d49dd43022e9232751926fb9ce5.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/8aaa9d49dd43022e9232751926fb9ce5.jpeg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
cloudflare /
Resource Hash
fbfea16fc4457f6479e5190631345ba462bf54d44c2552e8314e71b53b81e268
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 02 Jan 2024 03:42:47 GMT
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
346943
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12787
last-modified
Thu, 08 Jun 2023 15:26:58 GMT
server
cloudflare
etag
"fbaac68c827f46549e319ddf145436b9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83b650d9ca0e20ae-IAD
timing-allow-origin
*
x-amz-cf-id
-mSe6-rhS4zl0vsRRI3Dap85NnIxr1UDdzl41CYQ_DUXENNlhSel-A==
69fe13e85ed0abbce405670e0e2b67eb.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/69fe13e85ed0abbce405670e0e2b67eb.jpeg
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
57da53d201c0d142dbe4ba29215330ad0bd45b192f6840019dd3f38d9297878f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 10:26:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
63549
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11637
last-modified
Mon, 25 Dec 2023 20:36:20 GMT
server
Cloudinary
etag
"f3ecc1d1708f3daf296a612b1cebf67b"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sGl7Q3rBfCTHb0w_iLq_QIliD_HvG69so5GpHbWVusa10BdpR04Z6Q==
a1d6bc6dae42eca24a305b2f7330bb21.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a1d6bc6dae42eca24a305b2f7330bb21.png
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-83.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
ebcc871f8f7aff9137cd9552ffd1344010c3608753057a3eb09a2a97b37855d7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 03 Jan 2024 22:53:51 GMT
x-content-type-options
nosniff
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
191479
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22274
last-modified
Mon, 11 Dec 2023 11:50:09 GMT
server
Cloudinary
etag
"e61c93ca983443e4aff38651eec87ea2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
WdwShKPuIhR-x7Q3BHADBe_EbXvBEYv9ksAUa9jvpa1MpC3U5OTx-Q==
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.telegraphherald.com
content-length
0
date
Sat, 06 Jan 2024 04:05:10 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegraphherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.telegraphherald.com
content-length
0
date
Sat, 06 Jan 2024 04:05:10 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
dbc.js
assets.revcontent.com/master/ 		143 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/dbc.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ef3bf18994e09356dfb0f0e9aca831010d53792358d80bb2cfaa1d2af6b1f1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 09:10:07 GMT
content-encoding
br
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
age
68104
x-amz-cf-pop
PHL50-C1
etag
W/"6a7ba60b3faa6223a4edc1ce376fca1f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8nZUWY3vMjLtrCdySeVPsbVB-RVu_Sw74TMfmbvDx6VYAxVkCB_aVw==
dbc.css
assets.revcontent.com/master/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/dbc.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-108.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df5bb57668506d7e274a2a73f94769eaa8557fea9fcd627f027d4c0302c7cc22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:57:23 GMT
content-encoding
gzip
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:17 GMT
server
AmazonS3
age
51117
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
W/"db5414caa298df0d267de911685db74f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jDDqRq5qZl8iF_DSlUJGwRRnaNBYO5tpuQQH3XIKot1QAudF-1ZpRA==
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:10 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.131.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-131-63.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:10 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/custom/image/84062fc8-a3fe-11ed-9545-938ccd782e2c.jpg?resize=750%2C63
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
5
cf-polished
qual=85, origFmt=jpeg, origSize=10687
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="84062fc8-a3fe-11ed-9545-938ccd782e2c.webp"
content-length
8512
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Feb 2023 20:08:25 GMT
server
cloudflare
x-vcache
MISS
etag
"a076aaa44296e3449d9be9ce9c5169e2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
841114c2bbd836a2-YYZ
expires
Sat, 30 Nov 2024 08:12:10 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=994743783&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=wall&el=Private%20Browsing%20%7C%20Hard%20Paywall&ev=0&_u=aGDAAUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-1002501-1&_gid=67798460.1704513907&gtm=45He4130n71PDQV3Nv72758733&gcd=11l1l1l1l1&dma=0&z=706921078
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30241
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=994743783&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=wall&el=Private%20Browsing%20%7C%20Hard%20Paywall&ev=0&_u=aGDAgUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-54716522-7&_gid=67798460.1704513907&gtm=45He4130n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=yes&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=cc48af36-ab4b-11ee-93fb-b78c101851bb&cm1=298&gcd=11l1l1l1l1&dma=0&z=233581058
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30241
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=994743783&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Access%20Control&ea=Access%20Rule%20Change&el=Private%20Browsing%20%7C%20Hard%20Paywall&ev=0&_u=aGDAAUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-1002501-1&_gid=67798460.1704513907&gtm=45He4130n71PDQV3Nv72758733&gcd=11l1l1l1l1&dma=0&z=1930189520
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30241
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=994743783&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=productImpressionsFinished&el=services%20displayed%20to%20user&ev=0&_u=aGDAAUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-1002501-1&_gid=67798460.1704513907&gtm=45He4130n71PDQV3Nv72758733&gcd=11l1l1l1l1&dma=0&il1nm=Article&il1pi1id=d9d70676-2fe9-11ee-9040-27ce94e053d8&il1pi1nm=Become%20part%20of%20our%20online%20community!&il1pi1pr=0&il1pi1va=Subscribe%20Today&il1pi1br=TelegraphHerald.com&il1pi1ca=subscription&il1pi1ps=1&z=1309792474
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30241
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=994743783&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=productImpressionsFinished&el=services%20displayed%20to%20user&ev=0&_u=aGDAgUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-54716522-7&_gid=67798460.1704513907&gtm=45He4130n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=yes&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=cc48af36-ab4b-11ee-93fb-b78c101851bb&cm1=298&gcd=11l1l1l1l1&dma=0&il1nm=Article&il1pi1id=d9d70676-2fe9-11ee-9040-27ce94e053d8&il1pi1nm=Become%20part%20of%20our%20online%20community!&il1pi1pr=0&il1pi1va=Subscribe%20Today&il1pi1br=TelegraphHerald.com&il1pi1ca=subscription&il1pi1ps=1&z=66027701
Requested by
Host: www.telegraphherald.com
URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30241
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		277 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&pid=U0yv4d5EHUfMR&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1009963%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-554570%22%2C%22s%22%3A%5B%22960x60%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%2C%7B%22sd%22%3A%22ad-559358%22%2C%22s%22%3A%5B%22500x500%22%5D%2C%22sn%22%3A%22%2F132916964%2C55274853%2Ftelegraphherald.com%2Fnews%2Ftri-state%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*WJlgUXdpkFsSL-8HE0kKIKagusxfdhkKd3zVISTiG0p6fNshoHVcY74G5tCcyVSuen0VxehHDxMO5qflxle4Fg%22%2C%22pubcommon%22%3A%228749cfda-56a6-4ffe-9100-1f7990b11996%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.12.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-12-225.phl51.r.cloudfront.net
Software
Server /
Resource Hash
07c8e4f9532be4b9b68c22095d9f7e19066c153c4af1aacd6e711c1cf5f1ab7c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL51-P1
x-amz-rid
7KXJEXARGTB6FYY2EEYN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
277
x-amz-cf-id
gVKVbjIk1O4GBMdTB_BbVzuA9aNh35ALLqCcstjLu2lld14kqTKdaQ==
t
api.segment.io/v1/ 		21 B
179 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-25-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraphherald.com
date
Sat, 06 Jan 2024 04:05:10 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3123529034125019&correlator=3893389602636260&eid=31080197&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1YNN&iu_parts=132916964%3A55274853%2Ctelegraphherald.com%2Cnews%2Ctri-state&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C960x60%7C970x250%2C500x500&ifi=1&didk=3106112522~2002308561~1954143341&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704513910790&lmt=1704491316&adxs=2000%2C1320%2C1350&adys=56%2C127%2C3509&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&vis=1&psz=4000x1%7C1360x60%7C1310x500&msz=4000x1%7C1360x60%7C1310x500&fws=1028%2C1028%2C1028&ohw=4000%2C4000%2C4000&ga_vid=1290357590.1704513907&ga_sid=1704513911&ga_hid=994743783&ga_fc=true&ga_cid=67798460.1704513907&a3p=EhsKDGlkNS1zeW5jLmNvbRjH1cjnzTFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGMnTyOfNMUgAEhcKCHJ0YmhvdXNlGKDTyOfNMUgAUgIIahIbCgwzM2Fjcm9zcy5jb20YxtPI580xSABSAghvEhkKCnVpZGFwaS5jb20Yq9DI580xSABSAghkEhkKCnB1YmNpZC5vcmcY8NLI580xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKvQyOfNMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lXbEowV0dNcmMwdFNVRXRDUTJOVFZHbzJjMWhtVVQwOUluMD0Y59XI580xSAA.&dlt=1704513905468&idt=1221&prev_scp=pos%3Dsticky-anchor%2CTHFlex-Footer-Anchor-Ad%2Cimpact-sticky-anchor%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Homepage-Slider%2CATF%26amznbid%3D2%26amznp%3D2%7Cpos%3DTHFlex-Sticky-Note%2CATF%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26asset_id%3Dcc48af36-ab4b-11ee-93fb-b78c101851bb%26k%3Ddubuque-county-iowa%252Cdubuque-iowa%26page%3Dasset%252Carticle%252Capp-editorial%26las%3Danonymous%252C514&adks=1863230483%2C2451652745%2C1850785976&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756d6295a51b2f869d5f76a1e0b9a3dbc98480e1f5d4280308ec377ab356cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
467
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6898 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 04:05:10 GMT
expires
Sun, 05 Jan 2025 04:05:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame C78E 		406 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4df10e77d0617b16a87268cda7454535a98046a9270aa1b4e669db030c0f3a8f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
406
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Jan 2024 04:05:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M03T9X7A6BF642VBJPD6
pr
s.amazon-adsystem.com/v3/ Frame C61E 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
daad2a8861de7ca7cf5d9dd6a62be235b8e66505ad544229c82c2536a664394c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4285
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Jan 2024 04:05:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PQCW0TZD73A491371AGQ
ecm3
s.amazon-adsystem.com/ Frame C61E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=95f301e9-3dcc-400c-8987-bcc136cff5d7
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=95f301e9-3dcc-400c-8987-bcc136cff5d7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SRKZWR3JBS5DSEDWWSBH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=95f301e9-3dcc-400c-8987-bcc136cff5d7
Date
Sat, 06 Jan 2024 04:05:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame C61E
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
68QERZMRFXEQB6KQS421
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=d38cfde5-5637-41e3-9daa-5e30cff1fa5d
access-control-allow-origin
*
date
Sat, 06 Jan 2024 04:05:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame C61E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?id=AAFtzE7LMaMAABbHcpkjgA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAFtzE7LMaMAABbHcpkjgA&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8QSG8EXE4QPJ84Y6XFDZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAFtzE7LMaMAABbHcpkjgA&ex=beeswax.com
Date
Sat, 06 Jan 2024 04:05:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame C61E
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=200B2E0CB8414762BA8761BD47B84685&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=200B2E0CB8414762BA8761BD47B84685&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EQNJ2AYVW4VNR3Z3BBRS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=200B2E0CB8414762BA8761BD47B84685&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Jan 2024 04:05:11 GMT
ecm3
s.amazon-adsystem.com/ Frame C61E
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2231a6268927omfk00lr1jkn49
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2231a6268927omfk00lr1jkn49
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8MWCFQ87WVPR2EKP8R7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded2231a6268927omfk00lr1jkn49
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
amzns2s
rtb.gumgum.com/usync/ Frame 029C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.2.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-2-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b8ee3a5190db871f74e9cd3ce5888d30627b19659b825302c5eb1c2f043d40c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 04:05:10 GMT
etag
W/"0c2a447838c223e9f6bb7a325f13b59f5"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 8B16
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1887827b60daa72a69c058bf9a70f119d8e33cae447772efe05198e08227c658

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841114c82adf3a0a-YYZ
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EdqWWKWsnZv2t9yCdhcQJxINzOIaOHrDZbXNkKyr%2BbmANelAk1yUGeTDagK7SPbbBDHqz6y8byt4M9Yuk8ZXKiE9%2FueJWH%2BtDUOAmQtoYAZy745Omkv5AiCs4eL%2BZzxJE7qCT9cAJu82A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841114c7ca6d3a0a-YYZ
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhT%2FgKyZbO46%2BReZGEXdahHnwTO1grWqA8oSQKF%2Bac4Yo8YEoTzqbD6jSHW1GlMUV%2B8MbE1p9cIIKz8fqM4qhjR5mBhYfuPi7qDYcih0QzQgSGJ%2BTMhlp1nzEa9jGHLY4ICWohu9YlvtQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame CCDF 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:6c00:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ea08e4586cd7b908b32366b97bfa2172c495859f7571f375f51a7615cf5706e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
x-amz-cf-id
ADws48cQJoFlX4JnClg9v261NrkvBSaj1RE3ROLYnEsAlGTO__2edg==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
cm
u.openx.net/w/1.0/ Frame 85EE 		860 B
839 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dc0b8df366a8235deb10e29959393515342ca346cb4b8ce720ba88cd5369e9c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
526
content-type
text/html
date
Sat, 06 Jan 2024 04:05:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame D535
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5888498526697502103&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5888498526697502103&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NGCPZR49GPDN89NTHWT5

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 04:05:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5888498526697502103&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame C844
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=189dbddfc73b1404&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHQb1-37Ya2QNrpt1fAAAAAAA&expiration=1704600311&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHQb1-37Ya2QNrpt1fAAAAAAA&expiration=1704600311&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B6WMQEAFT00HA8AH1MXB

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHQb1-37Ya2QNrpt1fAAAAAAA&expiration=1704600311&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame AF33 		888 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.39.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-39-164.compute-1.amazonaws.com
Software
/
Resource Hash
bd563965819028a1730d5f21588a5eba6ca26a77b0342f3ee6d3f9ac64b08252

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
888
date
Sat, 06 Jan 2024 04:05:11 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47C2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131067
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 04:05:10 GMT
expires
Sun, 07 Jan 2024 16:29:37 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CC2B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 04:05:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 224F
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
b6b4fd69d2dfe3bff77049e56659a60ea8cae09d4cfa046b9cc071711294d1ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5b8764964b-6c5xp
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-48z5n
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 6EED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mS25DaEFSRTJ1TFd2eVlrTU5iZ2RSXzZEdm81LkMubn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mS25DaEFSRTJ1TFd2eVlrTU5iZ2RSXzZEdm81LkMubn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PYS38S5VEQWRW0W2X7PX

Redirect headers

age
1
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mS25DaEFSRTJ1TFd2eVlrTU5iZ2RSXzZEdm81LkMubn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 406A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6275356792805496052&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6275356792805496052&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
E5HPZATEA52Q5M73FRWC

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
aed5463a-0a29-42db-8330-e327b1ce7098
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 04:05:10 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=6275356792805496052&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame A79F
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2307e30636e16da8771e5472d067c2383db4e73a3a56a207312a35fab34008cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
489
Content-Type
text/html
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap5ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6275356792805496052
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6275356792805496052
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
an-x-request-uuid
472ccf40-68f7-4bba-8875-4819083e8382
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6275356792805496052
x-proxy-origin
96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=326e3936-28b2-4dda-98e0-db998f56f572&ssp=gumgum2&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://usersync.gumgum.com/usersync?b=bsw&i=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=418acc5a-6a98-4353-bca4-1c9623dc25c6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=418acc5a-6a98-4353-bca4-1c9623dc25c6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=418acc5a-6a98-4353-bca4-1c9623dc25c6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e2894fce-c1ed-5d59-67cb-02b220d95487$ip$96.9.246.196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-e2894fce-c1ed-5d59-67cb-02b220d95487$ip$96.9.246.196
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-e2894fce-c1ed-5d59-67cb-02b220d95487$ip$96.9.246.196
Date
Sat, 06 Jan 2024 04:05:11 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-GvQTkThE2pciFZL1rTfxwhpaa0_BApP2zSp0~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-GvQTkThE2pciFZL1rTfxwhpaa0_BApP2zSp0~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-GvQTkThE2pciFZL1rTfxwhpaa0_BApP2zSp0~A
content-length
0
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=159c90d9-9aff-49b9-a802-d9cf630f16a4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=159c90d9-9aff-49b9-a802-d9cf630f16a4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=159c90d9-9aff-49b9-a802-d9cf630f16a4
Date
Sat, 06 Jan 2024 04:05:11 GMT
Connection
keep-alive
X-CI-RTID
eb75c9ee-8ea8-4896-b238-7e4746cef98c
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 029C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 06 Jan 2024 04:05:10 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=3VfD4bsxSztVr9Ck4xFV
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=3VfD4bsxSztVr9Ck4xFV
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=3VfD4bsxSztVr9Ck4xFV
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 029C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=iOoH03D3US82&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=iOoH03D3US82&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
3.219.2.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-2-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=iOoH03D3US82&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6c5xp
expires
-1
usersync
usersync.gumgum.com/ Frame 029C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4810022746794177802
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4810022746794177802
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4810022746794177802
date
Sat, 06 Jan 2024 04:05:10 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 029C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_e2477fc0-fc38-492d-92dc-7ce5658ebf06
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WDN750AVRVW69XFENRVE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame F799
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=3039340663876897512&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3039340663876897512&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3039340663876897512&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame B16F 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9lMjQ3N2ZjMC1mYzM4LTQ5MmQtOTJkYy03Y2U1NjU4ZWJmMDY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8AC5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131066
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
Sun, 07 Jan 2024 16:29:37 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9C19
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=756a3773-39ba-456b-9c41-5435aa35d5ec
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=756a3773-39ba-456b-9c41-5435aa35d5ec
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sat, 06 Jan 2024 04:05:11 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=756a3773-39ba-456b-9c41-5435aa35d5ec
server
Kestrel
usersync
usersync.gumgum.com/ Frame 11E0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZjRd8Co8YEAAIJ0fssAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZjRd8Co8YEAAIJ0fssAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 04:05:11 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZjRd8Co8YEAAIJ0fssAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40129.dc2p.scaleout.jp
X-SO-IP
96.9.246.196
X-SO-Key
ZZjRd8Co8YEAAIJ0fssAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.196","key":"ZZjRd8Co8YEAAIJ0fssAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40129"}
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40129
usersync
usersync.gumgum.com/ Frame F2E3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ROPjEdTDvG-gaZ19khcPcdkVq4jP6gqo12IEbvzFvss&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ROPjEdTDvG-gaZ19khcPcdkVq4jP6gqo12IEbvzFvss&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT Sat, 06 Jan 2024 04:05:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ROPjEdTDvG-gaZ19khcPcdkVq4jP6gqo12IEbvzFvss&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 918A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 04:05:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 85EE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=ee611457-5e27-c0ff-1bd1-8eec83bfef60
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ACJNP891VYJ3P813HXX8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame 85EE 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=9873eba3-9ae7-414c-88f8-cd717c2fd0e9
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 85EE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825&expected_cookie=ffab8fbc-3208-4379-8810-622a5707421c
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825&expected_cookie=ffab8fbc-3208-4379-8810-622a5707421c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1444759235DF4243896047DC1365AAA6 Ref B: NYCEDGE1421 Ref C: 2024-01-06T04:05:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOPxI4ITnNldWlWGqrGQ==

Redirect headers

date
Sat, 06 Jan 2024 04:05:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A14CB13F735B4F4399B66EA10F1AEBD2 Ref B: NYCEDGE1421 Ref C: 2024-01-06T04:05:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=0e602d286a22a5b7d5c50d32c1fe3c70198ed9e3e87a5cd04fa1798fc2570812791426b5417dce21&rand=06721825&expected_cookie=ffab8fbc-3208-4379-8810-622a5707421c
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOPxI10ZlS14XpSv6tkg==
sd
us-u.openx.net/w/1.0/ Frame 85EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6275356792805496052
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6275356792805496052
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
an-x-request-uuid
ff9c9daf-2681-49dd-a40c-c3a50ee80c6e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6275356792805496052
x-proxy-origin
96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 85EE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 85EE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZjRdwAMaNY9yABd
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZjRdwAMaNY9yABd&_test=ZZjRdwAMaNY9yABd
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZjRdwAMaNY9yABd&_test=ZZjRdwAMaNY9yABd
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4573-YYZ
pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704513911.204435,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZjRdwAMaNY9yABd&_test=ZZjRdwAMaNY9yABd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 47C2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66040429&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a3720dddf8a432ae45248a890d6fbc494326637aca97e247ae90e35b513dc44e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 04:05:11 GMT
content-length
1837
content-type
text/html; charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame 8B16
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZjRdzUh5G.Pa.K62WwKmQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFDe5IcOr279_-DRX0eOn5g&google_cver=1&google_hm=2
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFDe5IcOr279_-DRX0eOn5g&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVS0wm8f2yKchESUHUF4K4ghfuqr0WZEBrUdjsoLOeB88nFPl%2BggwjYEBWj%2BoA%2FdRMsOHLWrjif83koZN4p6c4CJO6tkkDY1wBoJdn%2FsuOCt8f%2BBAZZawBy%2BYW1zx6F%2BkNCRjFJdAIqHEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841114c96f8b36b5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFDe5IcOr279_-DRX0eOn5g&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 8B16
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZjRdzUh5G.Pa.K62WwKmQAA%26997&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZjRdzUh5G.Pa.K62WwKmQAA%26997&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=897ec219bc3042369a2d6c8e882b010c
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=897ec219-bc30-4236-9a2d-6c8e882b010c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De0e70242-e7fb-4d35...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155610672804&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De0e702...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&pid=500040&it=1&iv=e0e70242-e7fb-4d35-80e1-470268c0b506%3A1704513911.5290954&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704513911.5310578&iv=e0e70242-e7fb-4d35-80e1-470268c0b506:1704513911.5290954
42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704513911.5310578&iv=e0e70242-e7fb-4d35-80e1-470268c0b506:1704513911.5290954
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704513911.5310578&iv=e0e70242-e7fb-4d35-80e1-470268c0b506:1704513911.5290954
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
usermatchredir
ssum-sec.casalemedia.com/ Frame 8B16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZjRdzUh5G-Pa-K62WwKmQAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMzCSwHfgd80fGeFhjrFk3k&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMzCSwHfgd80fGeFhjrFk3k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7kETCbzFABwdEL6TEMULUoq2hqeGsgZuGQ4G6JQ3qgZ0fLy7GvGdJh9usfY%2BxJFvyEXJtEZhPRXoAyvFVDULk%2Fru45Swj0elAU4EYSMT%2BR5pYfg1dlQs2%2BgDpzxnfG37KjummRgaTu79A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841114c8ff0436b5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMzCSwHfgd80fGeFhjrFk3k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8B16 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZjRdzUh5G-Pa-K62WwKmQAAA-UAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3WDZA113CHXE49W74PSC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B16
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFtzE7LMaMAABbHcpkjgA&expiration=1705723511
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFtzE7LMaMAABbHcpkjgA&expiration=1705723511
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICUp9xKgB0Gz33npqrdqjIcsjFshQaimNfC3t46HstPuFYKoM9vpKjDbuGpS%2Bgum2%2FNVqkDwGERBIhgtV09ctSDQWGoW4K0BbW3xboK5bui68FoSk97mUzY2m6qSQnW5rDg3gDCWEr21uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841114c8feff36b5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFtzE7LMaMAABbHcpkjgA&expiration=1705723511
Date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8B16
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=t0lKuhBW1RlXVR5
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=t0lKuhBW1RlXVR5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8ooi2N%2B80RLePTWvdLu6xV2dfXzfui1%2F3tsBRvhorpfsmS0V263Zx3fEkDPW1ZCIhqIvJpGSmGde%2FWniT5JQxIes6n%2FmD5NZ1XGXNXPAHS%2FywT9lnkFyOab%2F06xbMtDJ3rqSKQR5GPlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841114ca592236b5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-075c2ed310ac109cf@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=t0lKuhBW1RlXVR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 8B16 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.70.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
ecm3
s.amazon-adsystem.com/ Frame 8B16 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZZjRdzUh5G-Pa-K62WwKmQAAA-UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
66CN21152DZSD9ST8AKR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 15AC
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cdca3095-0577-42e9-9d87-4288e2b0da63&expiration=1712376311
43 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cdca3095-0577-42e9-9d87-4288e2b0da63&expiration=1712376311
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841114c9b81e36b5-YYZ
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHwhc%2BXdixanLczt4ueRH8K3dfr4hqFkcvHIzvX2Zq0d3DtDAzugBKpWTpSq603RMUu0HawG1lqZMRi6vpeoiRRfShOZyE7OpRBxnJwzf0uTFn2ia74B4zlv4u7KsYzjczTFiwSnY39ZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cdca3095-0577-42e9-9d87-4288e2b0da63&expiration=1712376311
usync.js
eus.rubiconproject.com/ Frame CC2B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a80d1993e63c25da02fc8722f0f8245299792aa67545d94dad859d216fb24e62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 00:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72270
Connection
keep-alive
Content-Length
13173
Expires
Sun, 07 Jan 2024 00:09:41 GMT
rtset
bh.contextweb.com/bh/ Frame 224F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=c2JGZlJsMURNVkJVakxnbnV2RHBlUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEO5aMkEb5BYuNqFFW66Eof0&google_cver=1
49 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEO5aMkEb5BYuNqFFW66Eof0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6c5xp
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEO5aMkEb5BYuNqFFW66Eof0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 224F
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=1b26782669fb146d&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF5TgQu5o8JQNQRq40AAAAAAA&expiration=1704600311&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF5TgQu5o8JQNQRq40AAAAAAA&expiration=1704600311&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6c5xp
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF5TgQu5o8JQNQRq40AAAAAAA&expiration=1704600311&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 224F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=iOoH03D3US82&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WB3E7QSKVXDRC1XE22EJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A79F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H8a1dRZHPQrV2rfKTzKlkjn0&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5SACCCKQ608CNY7D8RD4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aae7bfe1-d93c-4404-adc3-8a36b9f7a821.gif
us2.shb-sync.com/ Frame A79F
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://us2.shb-sync.com/aae7bfe1-d93c-4404-adc3-8a36b9f7a821.gif?puid=31dd3e50-6558-503b-90b6-df2a2d4829a3&redir=[RED]&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us2.shb-sync.com/aae7bfe1-d93c-4404-adc3-8a36b9f7a821.gif?puid=31dd3e50-6558-503b-90b6-df2a2d4829a3&redir=[RED]&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
80.77.85.115 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Server
nginx
Location
https://us2.shb-sync.com/aae7bfe1-d93c-4404-adc3-8a36b9f7a821.gif?puid=31dd3e50-6558-503b-90b6-df2a2d4829a3&redir=[RED]&gdpr=0&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame A79F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a6d47c8d-a05a-47fe-b092-6f6dc52e52ab&user_group=1&ssp=fmx&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://ce.lijit.com/merge?pid=26&3pid=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A79F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDhhMWRSWkhQUXJWMnJmS1R6S2xram4w&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDhhMWRSWkhQUXJWMnJmS1R6S2xram4w&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 06 Jan 2024 04:05:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDhhMWRSWkhQUXJWMnJmS1R6S2xram4w&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame A79F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dkU67yRBNOBtRGblc0cu4HIVN-JtFTS2JRW4TiRt
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dkU67yRBNOBtRGblc0cu4HIVN-JtFTS2JRW4TiRt
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dkU67yRBNOBtRGblc0cu4HIVN-JtFTS2JRW4TiRt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame A79F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704513911313
  • https://ad.turn.com/r/cs?pid=45&rndcb=7256306851
  • https://sync.1rx.io/usersync/turn/8826346638743762313?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
date
Sat, 06 Jan 2024 04:05:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd6edbbc6366d4d9a9900ae9f2a590340005
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame AF33 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=b9ed420b-d370-43e3-9928-b5fc34289316
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BZHWCM0V8MYXK4WN0XJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame AF33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
107.20.39.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-39-164.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 04:05:11 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame AF33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YjllZDQyMGItZDM3MC00M2UzLTk5MjgtYjVmYzM0Mjg5MzE2
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
107.20.39.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-39-164.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AF33
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cc7f35bff31404&is_secure=true&networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHHG_NH9QroQNJPL6FAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&...
42 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHHG_NH9QroQNJPL6FAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHHG_NH9QroQNJPL6FAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame AF33
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sharethrough&user_id=LvvcVAPxcBFbtOxpsgdc0
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
107.20.39.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-39-164.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=95f301e9-3dcc-400c-8987-bcc136cff5d7&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4810022746794177802&gdpr=0&gdpr_consent=
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4810022746794177802&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4810022746794177802&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 04:05:10 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=8f06ada0-1f4a-4926-90d1-3a7551a95bba&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21511&id=8f06ada0-1f4a-4926-90d1-3a7551a95bba&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21511&id=8f06ada0-1f4a-4926-90d1-3a7551a95bba&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
date
Sat, 06 Jan 2024 04:05:11 GMT
server
_
content-length
0
image.sbmx
global.ib-ibi.com/ Frame CCDF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=95f301e9-3dcc-400c-8987-bcc136cff5d7&ssp=minutemedia&gdpr=0&gdpr_consent=
  • https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10599292096464791424&ssp=minutemedia&gdpr=0&gdpr_consent=
0
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212409987125821
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212409987125821
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212409987125821
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=2fee8a2e-3d1f-4451-a347-158cab8fae65
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=2fee8a2e-3d1f-4451-a347-158cab8fae65
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=2fee8a2e-3d1f-4451-a347-158cab8fae65
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZjRdzUh5G.Pa.K62WwKmQAA%26997
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZjRdzUh5G.Pa.K62WwKmQAA%26997
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ%2BezG0v2%2BAgHGRzi21YbSIGKldXQ50EMHtzM7PnBln0sPT1DzmnyVZE0zzQsiIjAnkoKpaUs1WtOiIN9ozvOFbU3Gr5xexCPe5z4flzfySOPNykyaJhMooqfrpohRhAXVHnRPvEDPpy5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZZjRdzUh5G.Pa.K62WwKmQAA%26997
cache-control
no-cache
cf-ray
841114c93f5a36b5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=f0aa40034ebb4ae56492bf9b19a6570a
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=f0aa40034ebb4ae56492bf9b19a6570a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=f0aa40034ebb4ae56492bf9b19a6570a
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=37a04d73-eea2-445a-958b-2cad8d91478a
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=37a04d73-eea2-445a-958b-2cad8d91478a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-99
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=37a04d73-eea2-445a-958b-2cad8d91478a
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=78bc7582-4aff-4291-8237-21782e61496c
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=78bc7582-4aff-4291-8237-21782e61496c
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Server
nginx
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=78bc7582-4aff-4291-8237-21782e61496c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=27ffab6f-94b0-42d5-8aaf-a11c789c2338
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=27ffab6f-94b0-42d5-8aaf-a11c789c2338
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=27ffab6f-94b0-42d5-8aaf-a11c789c2338
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=iOoH03D3US82&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=iOoH03D3US82&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=iOoH03D3US82&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6c5xp
expires
-1
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1578769649556390020185
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1578769649556390020185
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1578769649556390020185
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
merge
ce.lijit.com/ Frame CCDF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&cb=1704513911312
  • https://ad.turn.com/r/cs?pid=45&rndcb=5046860981
  • https://sync.1rx.io/usersync/turn/8826346638743762313?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
date
Sat, 06 Jan 2024 04:05:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd6edbbc6366d4d9a9900ae9f2a590340005
content-type
text/html
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEhZQll55Zll1DlKhYW9&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEhZQll55Zll1DlKhYW9&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=VEhZQll55Zll1DlKhYW9&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://b1sync.zemanta.com/usersync/disqus?puid=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D33%26buyeruid%3D__ZUID__%2...
  • https://ssp.disqus.com/match?bidder=33&buyeruid=3VfD4bsxSztVr9Ck4xFV&r=Cid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZa...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1f5761b53376%26bidder%...
  • https://prebid.a-mo.net/cchain/0/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyP...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-473...
  • https://prebid.a-mo.net/cchain/3/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNp...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%2...
  • https://prebid.a-mo.net/cchain/4/17285?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRj...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-4736-a6fc-1...
  • https://prebid.a-mo.net/cchain/5/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=amx_com&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPU...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0-cde4-...
  • https://prebid.a-mo.net/cchain/6/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=openx&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNp...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F17285%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D8047baa0...
  • https://prebid.a-mo.net/cchain/7/17285?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=8047baa0-cde4-4736-a6fc-1f5761b53376&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUN...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS01MWEzYTFjMi0xOTMxLTNjYzktOWUzNC1iYWY4MWM4NzBhN2YQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS01MWEzYTFjMi0xO...
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:12 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f
pragma
no-cache
date
Sat, 06 Jan 2024 04:05:12 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=d1318d810f1f85ba93697617a26cc52&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21517&id=d1318d810f1f85ba93697617a26cc52&gdpr_consent=&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21517&id=d1318d810f1f85ba93697617a26cc52&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704513911351058-113
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=b9ed420b-d370-43e3-9928-b5fc34289316&gdpr=0
date
Sat, 06 Jan 2024 04:05:11 GMT
content-length
0
sn.ashx
pmp.mxptint.net/ Frame CCDF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e058962e0a5146d&is_secure=true&networkId=17100&version=1&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHQb1-37Ya4gN8xc6nAAAAAAA&expiration=1704600311&nuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&...
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_10ED87404_A5FCC5B3&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387518711; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:10 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387518711; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 06 Jan 2024 04:05:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=3VfD4bsxSztVr9Ck4xFV
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=3VfD4bsxSztVr9Ck4xFV
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=3VfD4bsxSztVr9Ck4xFV
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6275356792805496052
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6275356792805496052
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
an-x-request-uuid
f978451b-4e23-48f1-8d05-ef088e60d564
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=6275356792805496052
x-proxy-origin
96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8a1dRZHPQrV2rfKTzKlkjn0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8a1dRZHPQrV2rfKTzKlkjn0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Sat, 06 Jan 2024 04:05:11 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=H8a1dRZHPQrV2rfKTzKlkjn0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame CCDF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-928482247952724185
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=44ae8766-9d2d-5306-8099-fc5ae5012d2d
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=44ae8766-9d2d-5306-8099-fc5ae5012d2d
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=44ae8766-9d2d-5306-8099-fc5ae5012d2d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CCDF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=lPex-lgzCp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VF506WB4ERK6WM4JGHG7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame C00D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 04:05:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 04:05:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame DEC1 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
dcm
s.amazon-adsystem.com/ Frame 7FD3 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=348B24C7-EE14-49B3-B3EA-5C947351BE80&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SMS4YV462RVFXD07ZMX9
ecm3
s.amazon-adsystem.com/ Frame 8ADB 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2RNP8G1B9KEMCQV1AN7P
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NIskx-4USbOz6lyUc1G-gA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=131066
accept-ranges
bytes
content-length
5622
expires
Sun, 07 Jan 2024 16:29:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 47C2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=348B24C7-EE14-49B3-B3EA-5C947351BE80
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=35ad9ecb-865b-4122-8512-db436c0940f1&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=35ad9ecb-865b-4122-8512-db436c0940f1&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=46953725378786933631167846734667393259&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=46953725378786933631167846734667393259&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-usw2-2-v050-07c9d6af1.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
HtjNlvP9Rp0=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=46953725378786933631167846734667393259&pt=35ad9ecb-865b-4122-8512-db436c0940f1%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 47C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20348B24C7-EE14-49B3-B3EA-5C947351BE80&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 47C2
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=348B24C7-EE14-49B3-B3EA-5C947351BE80&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 47C2
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:200B2E0CB8414762BA8761BD47B84685
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.203.70.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 04:05:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 47C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
date
Sat, 06 Jan 2024 04:05:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
348B24C7-EE14-49B3-B3EA-5C947351BE80
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 47C2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/348B24C7-EE14-49B3-B3EA-5C947351BE80?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:75af:f069:585e:f21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 47C2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LcGsmBJE2uUxWtNbpUaZxssDup1ciQ8-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LcGsmBJE2uUxWtNbpUaZxssDup1ciQ8-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LcGsmBJE2uUxWtNbpUaZxssDup1ciQ8-~A&gdpr=0
date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame 47C2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=25b650c7-f2d2-4411-ba54-29a42be8e0f5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=348B24C7-EE14-49B3-B3EA-5C947351BE80
date
Sat, 06 Jan 2024 04:05:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame CC2B 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
usync.js
eus.rubiconproject.com/ Frame 918A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a80d1993e63c25da02fc8722f0f8245299792aa67545d94dad859d216fb24e62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 00:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72270
Connection
keep-alive
Content-Length
13173
Expires
Sun, 07 Jan 2024 00:09:41 GMT
ecm3
s.amazon-adsystem.com/ Frame CC2B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS
  • https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S6AJPV1JXN60KT1PB94A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
Expires
0
khaos.json
token.rubiconproject.com/ Frame 918A 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
usersync
usersync.gumgum.com/ Frame 918A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS
  • https://usersync.gumgum.com/usersync?b=mag&i=LR1JKKMD-1X-4SS&us_privacy=1YNN
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LR1JKKMD-1X-4SS&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
usync.js
eus.rubiconproject.com/ Frame C00D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a80d1993e63c25da02fc8722f0f8245299792aa67545d94dad859d216fb24e62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 04:05:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 00:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72270
Connection
keep-alive
Content-Length
13173
Expires
Sun, 07 Jan 2024 00:09:41 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame CC2B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EN3F5KRKH1BY6PJH8CZK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CC2B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvODd7PdRHuS21xzisbjxQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rvODd7PdRHuS21xzisbjxQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rvODd7PdRHuS21xzisbjxQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SJ4D10EPN0BFRHPKEZDG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rvODd7PdRHuS21xzisbjxQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CC2B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN
  • https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7JDS2MTASYNSK4DCZJQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR1JKKMD-1X-4SS&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
pixel
cm.g.doubleclick.net/ Frame CC2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE5M2U1YmU0Y2U4YjcxYjA0Y2NiNDUwOGVkMjQ0YmZlNjFmZjEyMw&us_privacy=1YNN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE5M2U1YmU0Y2U4YjcxYjA0Y2NiNDUwOGVkMjQ0YmZlNjFmZjEyMw&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE5M2U1YmU0Y2U4YjcxYjA0Y2NiNDUwOGVkMjQ0YmZlNjFmZjEyMw&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFIxSktLTUQtMVgtNFNT&us_privacy=1YNN
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI-bezIjD3s9cxPDYo0b1cM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxSktLTUQtMVgtNFNT&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxSktLTUQtMVgtNFNT&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxSktLTUQtMVgtNFNT&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KcQlkUI1irWf1KI9vRiFJw?csrc=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WJ.FUqdE2oLiGmC8O_Qq8VAk_F8J.Ph18xojTQ--~A
42 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WJ.FUqdE2oLiGmC8O_Qq8VAk_F8J.Ph18xojTQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WJ.FUqdE2oLiGmC8O_Qq8VAk_F8J.Ph18xojTQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame CC2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR1JKKMD-1X-4SS&us_privacy=1YNN
0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7AA2F29B31404D02BDBDB7711EA6BB20 Ref B: NYCEDGE1421 Ref C: 2024-01-06T04:05:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOPxI2AIUtI5I90kxuOQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR1JKKMD-1X-4SS&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=&expires=30
42 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=756a3773-39ba-456b-9c41-5435aa35d5ec&gdpr=0&gdpr_consent=&expires=30
date
Sat, 06 Jan 2024 04:05:11 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELsdqxs3CywlVzEyPP9NQsU&google_cver=1
42 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELsdqxs3CywlVzEyPP9NQsU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELsdqxs3CywlVzEyPP9NQsU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFtzE7LMaMAABbHcpkjgA&expires=30
42 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFtzE7LMaMAABbHcpkjgA&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFtzE7LMaMAABbHcpkjgA&expires=30
Date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=25b650c7-f2d2-4411-ba54-29a42be8e0f5&expires=30&us_privacy=1YNN
42 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=25b650c7-f2d2-4411-ba54-29a42be8e0f5&expires=30&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=25b650c7-f2d2-4411-ba54-29a42be8e0f5&expires=30&us_privacy=1YNN
Date
Sat, 06 Jan 2024 04:05:11 GMT
Connection
keep-alive
X-CI-RTID
2492f916-ed85-41c6-b32c-e3826e75c3a4
Content-Length
164
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame CC2B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNN
  • https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN
  • https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
841114cc38dc548b-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 06 Jan 2024 04:05:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LR1JKKMD-1X-4SS&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
841114cb9812548b-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame CC2B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNN
  • https://ce.lijit.com/merge?pid=80&3pid=LR1JKKMD-1X-4SS&us_privacy=1YNN
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 04:05:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame CC2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNN
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR1JKKMD-1X-4SS&us_privacy=1YNN
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame CC2B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNN
  • https://prebid.a-mo.net/setuid/magnite?uid=LR1JKKMD-1X-4SS&us_privacy=1YNN
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR1JKKMD-1X-4SS&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame CC2B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNN
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR1JKKMD-1X-4SS&us_privacy=1YNN
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS&ckls=true&ci=c6b05UMwiz&nc=false&trid=609699267
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS&ckls=true&ci=c6b05UMwiz&nc=false&trid=609699267
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-minuteMedia_n-Azerion_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_pm-db5_n-simpli.fi_rbd_ppt_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-10.phl50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
8aS_61M4hLAUEDPHViOjIUlC-FaAt3UEr5zqFdvFhcEqwArapT0QlQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:11 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR1JKKMD-1X-4SS&ckls=true&ci=c6b05UMwiz&nc=false&trid=609699267
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
OMfCNhGjWc1me_JcjkaigyfKiSkLwH_HIbmLSGHNA4JqieshHstVHg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame C00D 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
cs
cs.minutemedia-prebid.com/ Frame C00D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1YNN&khaos=LR1JKKMD-1X-4SS
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LR1JKKMD-1X-4SS&us_privacy=1YNN
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-158-177.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:11 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LR1JKKMD-1X-4SS&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1KSYYTLTZT&gtm=45je4130v9117990098&_p=1704513905654&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1290357590.1704513907&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dp=%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sid=1704513907&sct=1&seg=1&_s=2&tfd=7757
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KSYYTLTZT&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraphherald.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1aa0a58e73057ad95a24aa404da1142e84867e72f88a305019bef79ed0903012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12196
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJWBF3J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 03:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
803
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jan 2024 05:51:49 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=994743783&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&ul=en-us&de=UTF-8&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&_u=aGDAAUIZAAQCAGAMIAB~&jid=&gjid=&cid=1290357590.1704513907&tid=UA-1002501-1&_gid=67798460.1704513907&gtm=45He4130n81KJWBF3Jv851426746&gcd=11l1l1l1l1&dma=0&z=416128955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 19:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30243
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
659778fd8ca13.image.jpg
bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/telegraphherald.com/content/tncms/assets/v3/editorial/8/66/8661c160-3a21-5189-9f71-e9340927af18/659778fd8ca13.image.jpg?crop=591%2C590%2C154%2C0&resize=100%2C100&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26241669b48bb0072bdf59745249f64aa861cff309a371d908a0e745f3574ff5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:12 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=4262
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="659778fd8ca13.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 05 Jan 2024 03:35:27 GMT
server
cloudflare
x-vcache
MISS
etag
"c59766d43f7a46d18144f3eede975d15"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
841114d3ef2836a2-YYZ
expires
Sat, 04 Jan 2025 07:15:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 04:05:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F808 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
5357
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 02:35:56 GMT
expires
Sun, 05 Jan 2025 02:35:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA52 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b36993de8613368e7fb3b9034501d00d0d5c4413d3dd501c90938f53638a6be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cMkhwR6HVF945DFhBA2v1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraphherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cMkhwR6HVF945DFhBA2v1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 04:05:13 GMT
expires
Sat, 06 Jan 2024 04:05:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F808 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
5658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 02:30:55 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 47C2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:26:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame FA52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=3123529034125019&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F808 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TuZf0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=3123529034125019&bg=!ycqlyoXNAAY3kmNgF5I7ADQBe5WfOKFVv2YqIOleuHwNozb4qhanfJGxAseXIqSxEVk_DK_Lz2ow509Tc5yTk01a_m6pAgAAAINSAAAABWgBB5kCxyeMKDm2QuuNsoPO5hmwRi-B8ihpPcOFqgueD5-sEwV9cdztiDKkZWLKjBRaHcVmWQgpvUVg6iquOD3g7rELI2VuRM56T8VyZDOedMh6CH-f5xgZQSQuNMY6lClX70xXenpEO9qJxv3nbhCLjywhtsRFV_H2iIIVQ_ikaKG4gsNIAE_HGsKvdIddMW8DnH_0cdXL_ylgLR5T-y8kEy8FYjY_xl6IQQ2KKf_9HlZYOaKuG7zkWLW1hWuVU6miwsuAahrbn3A1H1DMeyYgFQ0A7bQRZKlj9GIdrwZP5R5lZN6U9Ba8TL_8Kf1Brcqzi3UHCxJtVOT_HPUF6ykOzU-ql6X7Lqi7zSKDLMieKn7bZMxWre7AiOicCLiCGrn19guC2gpihFNJtb5k5-FTBgUasP5EmtqNyGrD39kAsGE_HZODfL5_33D4z27A1QllRRAj7oLAgioPSvKc2i1NuFBUCrY9awFftcQ6O2K2yV3HWsLvB1nF2P5E6AUre09h4R-rsh_h9WExEx1-74xC2Tec2kEFtPfdzXw-6Kj8_WaKMXT1dGpob8y32UExocTJm5BZ9_h4GZX5Bq_nqkaPRkJ3kWnETt1yUsp9uRQ-47nWwNiu2j05elOkOg9uVzrpfqdgGceWAap_s5B2oKFG1Q32PJ9BgziWyzaI_d1yAEz25a02PHM0FQK6HrPcvmCFaHyP03yQ756gHLpVfwVbQVSzPWQrkom4QYX1UyQPx8iwN0xn-_tzIaIHyXZEEyewS60PFqHV3BgOr_ErBKP-Z2-Epw9F79ONH28eGN9drvUguPgHje2m4PvuJTh1tC0G5DMbKEkYsYPP9wqA8Ak8VI0xk3A7TRdIdqfpSKrgWgTcyUBElkWcM40y69ufJSCINuewc3hjxssUsLrcbKOpDCuhGLAWPwMcThHd1fRowBKN_gjm7vCGv8wPpA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 8AC5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92496524&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dbcc22c848bef73d3265276f7ed7d6cfce134ae0fd4ab7dfd2c5c5b0388ffcb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 04:05:13 GMT
content-length
1978
content-type
text/html; charset=UTF-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 16CF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdHpFN0xNYU1BQUJiSGNwa2pnQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFtzE7LMaMAABbHcpkjgA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4810022746794177802&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAFtzE7LMaMAABbHcpkjgA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4810022746794177802%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4810022746794177802&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AAFtzE7LMaMAABbHcpkjgA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4810022746794177802%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4810022746794177802&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFtzE7LMaMAABbHcpkjg...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFtzE7LMaMAABbHcpkjgA&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:13 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 5C03
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_fab86b7dab964e369f481
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2bffa213-22ee-467c-b66a-0397c7196786&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:14 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7EB6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cb3d4284-ac48-11ee-8f2b-b787a7328fd9
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cb3d4284-ac48-11ee-8f2b-b787a7328fd9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 04:05:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 06 Jan 2024 04:05:14 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cb3d4284-ac48-11ee-8f2b-b787a7328fd9
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
ImgSync
image8.pubmatic.com/AdServer/ Frame 299B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6275356792805496052&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:48df0004-5357-4d05-becb-15f44f279d60&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:13 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B2DE 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 06 Jan 2024 04:05:14 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4573-YYZ
x-timer
S1704513914.146808,VS0,VE20
ImgSync
image8.pubmatic.com/AdServer/ Frame F9FE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:35745b27-0367-47e4-8e8d-a0cc77fdd8c4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:13 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame EF3C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=5fd74a47ad1d3d10d89006154d048d0f&expires=30&ssp=pubmatic&bsw_param=95f301e9-3dcc-400c-8987-bcc136cff5d7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95f301e9-3dcc-400c-8987-bcc136cff5d7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 05 Jan 2024 04:13:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:14 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 10C5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:t0lKuhBW1RlXVR5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:021635af-0068-4456-855d-423e26b673be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:14 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame 0EBB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:14 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame 8AC5
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7f3fe104-c97d-47d3-840f-7d8e2b9e407f
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7f3fe104-c97d-47d3-840f-7d8e2b9e407f
Protocol
H2
Server
34.202.106.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-106-150.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sat, 06 Jan 2024 04:05:14 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=348B24C7-EE14-49B3-B3EA-5C947351BE80&vxii_pid=12&vxii_pid1=10067&vxii_rcid=7f3fe104-c97d-47d3-840f-7d8e2b9e407f
date
Sat, 06 Jan 2024 04:05:14 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 8AC5 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 8AC5 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.106.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-106-196.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:14 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 8AC5 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.1.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-1-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 06 Jan 2024 04:05:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8AC5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553&gdpr=0&gdpr_consent=
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 04:05:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:14 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 8AC5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8826346638743762313&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sat, 06 Jan 2024 04:05:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 47C2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8062687&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9cbe12bf9a32cb52e0aaf1e6062bf167fd669f54da59af89bb2a0ee6d94b7221

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 04:05:14 GMT
content-length
1958
content-type
text/html; charset=UTF-8
ImgSync
image8.pubmatic.com/AdServer/ Frame A972
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4olPzsHtXVlnywKyINlUh2AJ9sQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 05 Jan 2024 04:13:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:14 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 42D3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=326e3936-28b2-4dda-98e0-db998f56f572&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=348B24C7-EE14-49B3-B3EA-5C947351BE80
42 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.90.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-90-210.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:14 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:14 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=348B24C7-EE14-49B3-B3EA-5C947351BE80
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 4865
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377155610672804
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Sat, 06 Jan 2024 04:05:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 05 Jan 2024 17:13:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 55C7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 06 Jan 2024 04:05:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 06 Jan 2024 04:05:13 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
s.tribalfusion.com/z/ Frame 643D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
841114dd0c0d4bcf-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 04:05:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
841114dc4b9c4bcf-BUF
content-type
text/html
date
Sat, 06 Jan 2024 04:05:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
14420
ecm3
s.amazon-adsystem.com/ Frame DF19 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID348B24C7-EE14-49B3-B3EA-5C947351BE80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 04:05:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
G0994S68SBJ9KAAH0CFJ
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 47C2 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-15.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:14 GMT
via
1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
content-length
0
x-amz-cf-id
ZqX8zl2Jtf3Dmv9klE15u6AJizY_JPAqt1O0yUKXYbgctRWpPN9E3w==
x-cache
Error from cloudfront
396846.gif
idsync.rlcdn.com/ Frame 47C2
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Jan 2024 04:05:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e371174c-8fca-4d65-84a6-8c88d2174558
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=348B24C7-EE14-49B3-B3EA-5C947351BE80/gdpr=0/ Frame 47C2 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=348B24C7-EE14-49B3-B3EA-5C947351BE80/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.228.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-228-249.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.55.151
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 47C2 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=348B24C7-EE14-49B3-B3EA-5C947351BE80&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
ImgSync
image8.pubmatic.com/AdServer/ Frame 47C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3039340663876897512
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:05:13 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sat, 06 Jan 2024 04:05:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4130v887101457z8861227858&_p=1704513905654&gcd=11l1l1l1l1&dma=0&cid=1290357590.1704513907&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704513907&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&dt=%27Crisis%20throughout%20the%20state%27%3A%20Local%20Medicaid%20recipients%20struggle%20to%20find%20dental%20care%20%7C%20Tri-state%20News%20%7C%20telegraphherald.com&en=view_item_list&pr1=&ep.item_list_id=765f85e8-69cc-11ed-ae08-a77e99293d01&ep.item_list_name=Newzware&_et=3069&tfd=10518
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.telegraphherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 04:05:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraphherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10599292096464791424&ssp=minutemedia&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

474 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| dataLayer object| OneTrustStub boolean| tncms_access_control_sync object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| logProductListViewed object| logProductClicked object| logProductViewed object| logProductAdded object| logProductRemoved object| logCheckoutStarted object| logCheckoutStepViewed object| logCheckoutStepCompleted object| logPaymentInfoEntered object| logOrderCompleted object| csoWAR2 function| csoWAR3 object| xop object| googletag object| -153crxtt10qo object| -jthuugijgg object| gptAdSlots object| apstag number| _sf_startpt function| showBuyPhotoBtn function| fbq function| _fbq function| TNStats_Tracker object| TNTracker object| item object| myKeywordList function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| G96jEu2 function| G96jEu3 function| xblocker object| OJLvXh function| OJLvXf object| xblacklist string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| ggeac object| google_tag_data object| google_js_reporting_queue object| __otccpaooLocation object| _aps boolean| apstagLOADED object| apscustom object| FOTOMOTO_CONFIG function| FMJQ boolean| fotomoto_api_mode function| loadjs function| loadjsDefer function| loadcss function| fotomoto_ready number| rnd number| pid661376 number| plc661376 string| abkw string| absrc object| _absrc object| google_tag_manager object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| Optanon object| OneTrust function| _33AcrossIdMappingsProvider function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| hadron boolean| __halo_loaded__ function| FMUUID object| Mustache object| FOTOMOTO object| Fotomoto object| fm_init_timer object| fm_event_getter object| FOTOMOTOCropWindow object| jQuery11130058397046171239975 object| fm_utils object| fm_componentNamespace function| EvEmitter function| imagesLoaded object| gaplugins string| aReferrer string| aNewReferrer object| analytics function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| PublisherCommonId object| regeneratorRuntime object| ID5 object| _33across object| __id5_instances object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| gaGlobal object| gaData object| au object| AdButler object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| auvars object| adviceService object| pgmApi undefined| publicgoodjs object| el object| emp_el_action object| options function| loadPg function| loadFallback function| loadFallbackEmpty function| loadSuccess object| tntSignup object| userStatus function| __tntSubscriptionAccessRecaptchaOnloadCallback boolean| checkedForPromoCode object| tntPurchase object| tntOfferPopulateModal object| tntPayment object| paymentPromisesSpreedly function| SpreedlyIdentifyPaymentCard function| SpreedlyallowSubmit function| SpreedlyPayment function| submitPaymentFormSpreedly function| enableFormForKnownUserSpreedly function| selectedContinueWithEmailSpreedly function| copyLink function| fotomoto_loaded function| fotomotoBuy function| FOTOMOTOPANEL_beforeShow function| callback function| withinviewport string| sMode_1034732 number| iAttempt number| iMaxAttempt boolean| bDmpTrack string| sImpressionPx object| socialReferrers string| referrer function| getRecommendations_1034732 function| shuffle_1034732 function| trackImpression function| stick_in_parent object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget undefined| hashSet undefined| urlHash undefined| data undefined| param undefined| dmpData string| tmpByline string| theFingerprint string| theURL string| theByline function| docReady object| autag number| __mobxInstanceCount undefined| __mobxGlobals object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback string| sUserId object| headertag function| _33AcrossPpidMappingsProvider object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_320278 object| teadsscript object| closure_lm_275151 object| teads number| a number| e function| Swiper number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

256 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARD0Fg
.sharethis.com/ Name: __stid
Value: ZGKAAGWY0XIAAAAILiBuAw==
.sharethis.com/ Name: __stidv
Value: 2
.telegraphherald.com/ Name: _fbp
Value: fb.1.1704513906779.127873175
.telegraphherald.com/ Name: lotame_domain_check
Value: telegraphherald.com
.telegraphherald.com/ Name: fpestid
Value: KZAwWJ8Z4b2hLF3DABGn0k0n6vL0CRRLdZ6KV74C1AQXHByEj5yxETQj56ze6qaH9w3NNQ
www.telegraphherald.com/ Name: usprivacy
Value: 1YNN
.33across.com/ Name: check
Value: true
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 97669bd320c42c98f1a40c7ac5db4d1c
.telegraphherald.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.telegraphherald.com/ Name: _gid
Value: GA1.2.67798460.1704513907
.telegraphherald.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.telegraphherald.com/ Name: _gat_UA-1002501-1
Value: 1
.telegraphherald.com/ Name: _cc_id
Value: 97669bd320c42c98f1a40c7ac5db4d1c
.telegraphherald.com/ Name: panoramaId_expiry
Value: 1704600307067
.openx.net/ Name: i
Value: 651b5773-eb0a-44f2-8109-c4938fab177d|1704513907
.criteo.com/ Name: uid
Value: ac36b8b3-6075-4a24-a314-6c06e5045770
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.telegraphherald.com/ Name: _au_1d
Value: AU1D-0100-001704513907-TUF07WT0-4LZ0
.telegraphherald.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDQ1MTM5MDcsInR0ZCI6MTcwNDUxMzkwNywicHViIjoxNzA0NTEzOTA3LCJydWIiOjE3MDQ1MTM5MDcsInRhcGFkIjoxNzA0NTEzOTA3LCJhZHgiOjE3MDQ1MTM5MDcsImdvbyI6MTcwNDUxMzkwNywib3BlbngiOjE3MDQ1MTM5MDcsImNvbG9zc3VzIjoxNzA0NTEzOTA3LCJpbXByIjoxNzA0NTEzOTA3fQ%3D%3D
.tapad.com/ Name: TapAd_TS
Value: 1704513907520
.tapad.com/ Name: TapAd_DID
Value: 35ad9ecb-865b-4122-8512-db436c0940f1
.adnxs.com/ Name: uuid2
Value: 6275356792805496052
.adsrvr.org/ Name: TDID
Value: 756a3773-39ba-456b-9c41-5435aa35d5ec
www.telegraphherald.com/ Name: fotomoto_cart_skey_fb1ed006ae07fb6a6a1b19eaa310a86a622141f1
Value: c136321704513906
.criteo.com/ Name: partitioned_bundle
Value: r0YxoV95OGxndUklMkIyZnpLTmdZaUJrM2RYaGxPaEVYdEdtYTJPVWQ2dTBEME92WkMlMkZEQ3pJVlpsYUpCRHNleWNMNGZadXJ3Y0tLOG9wa1BNVXJFeU43WHk3VXpNdlhoN2lORHdJeW5NMTRXb014RVRDM1V5MWNlTjNMTGVEYSUyQjhiJTJGM0h5UjY0VFBSdHZvN1B3dCUyQjZNd3dZVDVEcnlxanVXdVBoM2FFMEdFMFRVUThzNnBVM1ViZ3c2MnhsUzUxVnFkdDJE
.doubleclick.net/ Name: IDE
Value: AHWqTUn5SGPvLSPR4MaPUJ0Wp-lJtB2cP2YZg9h0rzd12eDjV5fCdKT1YKEFWjGssAg
.rubiconproject.com/ Name: khaos
Value: LR1JKKMD-1X-4SS
.yahoo.com/ Name: A3
Value: d=AQABBHPRmGUCEFmHs3DWb0nqxm19lvqX3bEFEgEBAQEimmWiZQAAAAAA_eMAAA&S=AQAAAvFONnIZ6JdDsQqkFgNmlLQ
.telegraphherald.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Jan+05+2024+18%3A05%3A07+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202209.1.0&hosts=&landingPath=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html&groups=C0001%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 348B24C7-EE14-49B3-B3EA-5C947351BE80
.amazon-adsystem.com/ Name: ad-id
Value: A88Tv9suR0YKhkkeoNyHXhY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.360yield.com/ Name: tuuid
Value: d38cfde5-5637-41e3-9daa-5e30cff1fa5d
.360yield.com/ Name: tuuid_lu
Value: 1704513908
.openx.net/ Name: univ_id
Value: 537072971|756a3773-39ba-456b-9c41-5435aa35d5ec|1704513908030171
.colossusssp.com/ Name: gtm_usr
Value: 19c8176a-c99a-43f8-b392-7e8ff4477e20
.colossusssp.com/ Name: lmg_r
Value: 66
.telegraphherald.com/ Name: _ga
Value: GA1.2.1290357590.1704513907
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1704513908258
.telegraphherald.com/ Name: cto_bundle
Value: Ve3xCl95OGxndUklMkIyZnpLTmdZaUJrM2RYaGxPaEVYdEdtYTJPVWQ2dTBEME92WkMlMkZEQ3pJVlpsYUpCRHNleWNMNGZadXJ3Y0tLOG9wa1BNVXJFeU43WHk3VXpNdlhoN2lORHdJeW5NMTRXb014RVRDM1V5MWNlTjNMTGVEYSUyQjhiJTJGM0h5UjY0VFBSdHZvN1B3dCUyQjZNd3dZVDVQSlA4JTJGUGczbVFJakpDSUVDdzVXSHclM0Q
.exelator.com/ Name: EE
Value: "08d2b02a64f0acd0b30173278bba27d6"
.ml314.com/ Name: pi
Value: 3641151808727416859
.eyeota.net/ Name: mako_uid
Value: 18cdcf22eef-20ae0000010a507e
.eyeota.net/ Name: SERVERID
Value: 20606~DM
www.telegraphherald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHAIsUoycAo0cwkzSAxOcUgydjA0NzYyNwiKSnRyDzFbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FLqwQAmO8qQA%253D%253D"
.revcontent.com/ Name: rcuuid
Value: 6e22e963-1537-427c-8572-8a5724cbb670
.rkdms.com/ Name: sessionid
Value: h-a279a2b7dc024d83b3eb04b9b97ea5a5_t-1704513908
.telegraphherald.com/ Name: ajs_group_id
Value: null
.id5-sync.com/ Name: id5
Value: dd20a695-7c77-7667-a001-230c327a893c#1704513908984#2
.bidswitch.net/ Name: tuuid
Value: 95f301e9-3dcc-400c-8987-bcc136cff5d7
.bidswitch.net/ Name: c
Value: 1704513909
.bidswitch.net/ Name: tuuid_lu
Value: 1704513909
.reson8.com/ Name: RCID2
Value: F07D35CB19AFB6DBAAAC1F31C47799F8
.revcontent.com/ Name: adb_blk
Value: false
.revcontent.com/ Name: __ID
Value: 4e64b6087d094c5385c96cb48f4f7392
.mfadsrvr.com/ Name: tuuid
Value: 27ffab6f-94b0-42d5-8aaf-a11c789c2338
.mfadsrvr.com/ Name: c
Value: 1704513909
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704513909
.lijit.com/ Name: ljt_reader
Value: H8a1dRZHPQrV2rfKTzKlkjn0
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHWrhUtraBvURqdNA3BRXAA&KRTB&23025-CAESEHWrhUtraBvURqdNA3BRXAA&KRTB&23386-CAESEHWrhUtraBvURqdNA3BRXAA
.lijit.com/ Name: _ljtrtb_92
Value: 6275356792805496052
.gumgum.com/ Name: vst
Value: u_e2477fc0-fc38-492d-92dc-7ce5658ebf06
.telegraphherald.com/ Name: ajs_anonymous_id
Value: 675a4335-017c-443f-af01-432eae7d67c3
.telegraphherald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1704513907.1.0.1704513910.57.0.0
.bidr.io/ Name: bito
Value: AAFtzE7LMaMAABbHcpkjgA
.bidr.io/ Name: bitoIsSecure
Value: ok
.go.sonobi.com/ Name: __uis
Value: 37a04d73-eea2-445a-958b-2cad8d91478a
.go.sonobi.com/ Name: HAPLB8G
Value: s8599|ZZjRe
.openx.net/ Name: pd
Value: v2|1704513907.3|vPvMgakWgy.iKbwhEgKg2
.casalemedia.com/ Name: CMID
Value: ZZjRdzUh5G.Pa.K62WwKmQAA
.casalemedia.com/ Name: CMPS
Value: 997
.casalemedia.com/ Name: CMPRO
Value: 997
.mediago.io/ Name: __mguid_
Value: 746ded2231a6268927omfk00lr1jkn49
.simpli.fi/ Name: suid
Value: 200B2E0CB8414762BA8761BD47B84685
.contextweb.com/ Name: V
Value: iOoH03D3US82
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9657cd73f00b8751
.deepintent.com/ Name: CDIUSER
Value: di_fab86b7dab964e369f481
.adform.net/ Name: C
Value: 1
.telegraphherald.com/ Name: __gads
Value: ID=54f21c21f28c8c42:T=1704513910:RT=1704513910:S=ALNI_MabGKqGZb2kiYreZZ_HMJ2iZFMPhg
.telegraphherald.com/ Name: __gpi
Value: UID=00000a06763a834f:T=1704513910:RT=1704513910:S=ALNI_MaQpucQT7Ratr-syRTnw5zj_Egzlw
.smartadserver.com/ Name: pid
Value: 4810022746794177802
.zemanta.com/ Name: zuid
Value: 3VfD4bsxSztVr9Ck4xFV
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrI0V7IyNDcwNTcyNjU01FEyNDBCFTAyRuObgfkmpqbmhiC%2BCYp8LQCjtBBW
.adform.net/ Name: uid
Value: 3039340663876897512
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZjRdwAMaNY9yABd
.sharethrough.com/ Name: stx_user_id
Value: b9ed420b-d370-43e3-9928-b5fc34289316
.minutemedia-prebid.com/ Name: wrvUserID
Value: lPex-lgzCp_mm
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2894fce-c1ed-5d59-67cb-02b220d95487.k2%2FA8igkKIaOEJMg5tp9yZvOo3DO6UMrD12Omg%2Fa4Us
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2894fce-c1ed-5d59-67cb-02b220d95487.k2%2FA8igkKIaOEJMg5tp9yZvOo3DO6UMrD12Omg%2Fa4Us
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4olPzsHtXVlnywKyINlUh2AJ9sQ.3NeRPd88rwu2YWopfEMFgseW1an3BAIURxpu7S2OaBs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4olPzsHtXVlnywKyINlUh2AJ9sQ.3NeRPd88rwu2YWopfEMFgseW1an3BAIURxpu7S2OaBs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDN93c5d2CcLYBXinhA5GmTpFF8SKk-lyyeNfE6ZJBOgEHwYBCD3ouOsBjABOgT90vuTQgSnp2rW.0caM6x0Xmt3xiv3ipnax6J09gxRbuAecDMhVlLxIZ%2BU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDN93c5d2CcLYBXinhA5GmTpFF8SKk-lyyeNfE6ZJBOgEHwYBCD3ouOsBjABOgT90vuTQgSnp2rW.0caM6x0Xmt3xiv3ipnax6J09gxRbuAecDMhVlLxIZ%2BU
.ipredictive.com/ Name: cu
Value: 25b650c7-f2d2-4411-ba54-29a42be8e0f5|1704513911183
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 326e3936-28b2-4dda-98e0-db998f56f572
.turn.com/ Name: uid
Value: 8826346638743762313
.mfadsrvr.com/ Name: ssh
Value: !minutemedia,1704513911!revcontent,1704513909
.analytics.yahoo.com/ Name: IDSYNC
Value: "19b8~2g0s:18y3~2g0s:18za~2g0s:18z8~2g0s"
.eqads.com/ Name: EQUser
Value: UID=cdca3095-0577-42e9-9d87-4288e2b0da63
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:200B2E0CB8414762BA8761BD47B84685&KRTB&23486-uid:200B2E0CB8414762BA8761BD47B84685&KRTB&23489-uid:200B2E0CB8414762BA8761BD47B84685&KRTB&23539-uid:200B2E0CB8414762BA8761BD47B84685
.quantserve.com/ Name: mc
Value: 6598d177-4e237-72e45-e7aee
.omnitagjs.com/ Name: ayl_visitor
Value: f0aa40034ebb4ae56492bf9b19a6570a
.33across.com/ Name: 33x_ps
Value: u%3D212409987125821%3As1%3D1704513911328%3Ats%3D1704513911328
.dotomi.com/ Name: DotomiTest
Value: 7cc7f35bff31404
.3lift.com/ Name: tluid
Value: 1578769649556390020185
.pippio.com/ Name: did
Value: 1dLbJOtAS5vGOcAs
.pippio.com/ Name: didts
Value: 1704513911
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPei46wGEgYIgr0rEAA=
.krushmedia.com/ Name: krm_usr
Value: 31dd3e50-6558-503b-90b6-df2a2d4829a3
.krushmedia.com/ Name: krm_r
Value: 572
.liadm.com/ Name: lidid
Value: 897ec219-bc30-4236-9a2d-6c8e882b010c
.w55c.net/ Name: wfivefivec
Value: t0lKuhBW1RlXVR5
.lijit.com/ Name: _ljtrtb_43
Value: dkU67yRBNOBtRGblc0cu4HIVN-JtFTS2JRW4TiRt
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-25b650c7-f2d2-4411-ba54-29a42be8e0f5&KRTB&23011-25b650c7-f2d2-4411-ba54-29a42be8e0f5&KRTB&23355-25b650c7-f2d2-4411-ba54-29a42be8e0f5
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-756a3773-39ba-456b-9c41-5435aa35d5ec&KRTB&22918-756a3773-39ba-456b-9c41-5435aa35d5ec&KRTB&22926-756a3773-39ba-456b-9c41-5435aa35d5ec&KRTB&23031-756a3773-39ba-456b-9c41-5435aa35d5ec
.creativecdn.com/ Name: u
Value: FfSOJxUgvUb3EVn5mYHQ
.creativecdn.com/ Name: g
Value: FfSOJxUgvUb3EVn5mYHQ_1704513911340
.creativecdn.com/ Name: ts
Value: 1704513911
.ads.stickyadstv.com/ Name: UID
Value: d1318d810f1f85ba93697617a26cc52
.admanmedia.com/ Name: admtr
Value: 78bc7582-4aff-4291-8237-21782e61496c
.admanmedia.com/ Name: ac_r
Value: CS112
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: matchcasale
Value: 5
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: VEhZQll55Zll1DlKhYW9%7C1704499200000%7C0
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHHG_NH9QroQNJPL6FAAAAAAA&KRTB&22713-AAAHHG_NH9QroQNJPL6FAAAAAAA&KRTB&22715-AAAHHG_NH9QroQNJPL6FAAAAAAA&KRTB&23519-AAAHHG_NH9QroQNJPL6FAAAAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005%22%2C%22nxtrdr%22%3Afalse%7D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-51a3a1c2-1931-3cc9-9e34-baf81c870a7f
.server.cpmstar.com/ Name: USER_ID
Value: .%fb%dcT%03%f1p%11%5b%b4%eci%b2%07%5c
.shb-sync.com/ Name: smart_usr
Value: 3906b498-04d9-4393-818b-5bbb56080da5
.shb-sync.com/ Name: smart_r
Value: 32906
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjCwabf1p3HPBAFEhYKB3J1Ymljb24SCwjE9tng1p3HPBAFGAEgASgCMgsI6pjVju2dxzwQBTgBWgc4aDl1MTFoYAI.
.rubiconproject.com/ Name: audit
Value: 1|edVrDS93x0+b+FHt7N3zmpTp3eJrOF+F7GK5SR/BXNmFQXC9JARqfhDIT4Zs7gAPVc+c47VBns3yUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnZk9XRndrSwYsdQmuwvFmG3O8bEi5wPfik82Hbl8zcG4YPDxny9O7hNPVHjylZIeXCxTittMqIfE
.csync.loopme.me/ Name: viewer_token
Value: 8f06ada0-1f4a-4926-90d1-3a7551a95bba
.rezync.com/ Name: zync-uuid
Value: e0e70242-e7fb-4d35-80e1-470268c0b506:1704513911.5290954
.demdex.net/ Name: demdex
Value: 46953725378786933631167846734667393259
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005%22%7D
.lijit.com/ Name: _ljtrtb_80
Value: LR1JKKMD-1X-4SS
.socdm.com/ Name: SOC
Value: ZZjRd8Co8YEAAIJ0fssAAAAA
.linkedin.com/ Name: li_sugr
Value: ffab8fbc-3208-4379-8810-622a5707421c
.linkedin.com/ Name: bcookie
Value: "v=2&d8255241-7c34-4318-892d-f01b2b2fc80c"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3142:u=1:x=1:i=1704513911:t=1704600311:v=2:sig=AQGfJMxbrRToFHBZkRwt5k6hk75gxURV"
.mxptint.net/ Name: mxpim
Value: R35CA9_10ED87404_A5FCC5B3.1.00000000000000006598D177
.lijit.com/ Name: _ljtrtb_97
Value: RX-d6edbbc6-366d-4d9a-9900-ae9f2a590340-005
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA9_10ED87404_A5FCC5B3&KRTB&23092-R35CA9_10ED87404_A5FCC5B3
.dpm.demdex.net/ Name: dpm
Value: 46953725378786933631167846734667393259
.connatix.com/ Name: cnx_userId
Value: 1c0d1fe91c734ccd90896def128de602
.id5-sync.com/ Name: 3pi
Value: 2#1704513909517#-2069456893#6275356792805496052|434#1704513910986#-1694040392|264#1704513911621#-982270340#756a3773-39ba-456b-9c41-5435aa35d5ec|441#1704513910429#1624299621#u_e2477fc0-fc38-492d-92dc-7ce5658ebf06|155#1704513910761#1936599075#AAFtzE7LMaMAABbHcpkjgA|796#1704513911261#321942181|108#1704513911430#-1271822818|1246#1704513909883#-1435146802
.primis.tech/ Name: csuuid
Value: 6598d177a1131
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3IwRHAIAgEwE_aIXOHIJJyNKQQKzf73H1FoQJqKhXfFHuby0BR7N8-FqajPwyYsyV5uybS7QA6qwY8OgAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTUzNDAzN7IwMBHiM9StygrMysswcTbNTEoDAC7HuTElAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTUzNDAzN7IwMBHiM9StygrMysswcTbNTEoDAC7HuTElAAAA
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 8047baa0-cde4-4736-a6fc-1f5761b53376
.prebid.a-mo.net/ Name: sd_amuid2
Value: 8047baa0-cde4-4736-a6fc-1f5761b53376
pool.admedo.com/ Name: tuuid
Value: a6d47c8d-a05a-47fe-b092-6f6dc52e52ab
pool.admedo.com/ Name: c
Value: 1704513911
pool.admedo.com/ Name: tuuid_lu
Value: 1704513911
.mookie1.com/ Name: id
Value: 10599292096464791424
.mookie1.com/ Name: mdata
Value: 1|10599292096464791424|1704513911718
.mookie1.com/ Name: ov
Value: 2991606a811e90d78e4f8155f57d2f8d
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!148-2!148-3!148
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
live.rezync.com/ Name: sd-session-id
Value: .eJwNjEEOgyAQAP-yZ2l2gWWBz5iq24S00kb0UuPf5TiTyZww_nRbn1XrDnnfDh1g_pRODfIJrfxXfUMGkkROhJgDYRAb0cM1QNPWyreOZemNogpab43KazJ-cWwiKhnfbYgzTowhk6BnconowTZh4v65AZ6TJPs.ZZjRdw.jQDbdnLNMsSBBLQz2KM58TH5_II
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 44ae8766-9d2d-5306-8099-fc5ae5012d2d
.betweendigital.com/ Name: ss
Value: 1
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: c6b05UMwiz
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.betweendigital.com/ Name: ut
Value: ZZjRdwAMudA2vbBZUOaXWYXQLbayGKkP-O3zwg==
.lijit.com/ Name: ljtrtb
Value: eJwVy8sOgjAQQNF%2F6dpJhnY6ZVwS46MoJgWFLVBMjC7rwhj%2F3bq9J%2FejSlRrdQyFr%2BvTBooBqG3VSonOmbWzxrITXaIlYbT6Ty5TGCDyEqdpZjDMESjKCCKIMC5y06MVNISAaPNCJi%2FxcWH3DlVzrlLYTc8Z5xftD9cGfNp2rfahp%2B4ekvr%2BAH1wJjg%3D
.lijit.com/ Name: _ljtrtb_26
Value: 95f301e9-3dcc-400c-8987-bcc136cff5d7
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.intentiq.com/ Name: intentIQCDate
Value: 1704513911949
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMFlJZk9C
.intentiq.com/ Name: IQPData
Value: 1611265732#1704513911947#0#1704513911947
.a-mx.com/ Name: amdt_t
Value: p::1704513912105
.a-mx.com/ Name: amuid2
Value: 8047baa0-cde4-4736-a6fc-1f5761b53376
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.telegraphherald.com/ Name: _ga_1KSYYTLTZT
Value: GS1.2.1704513907.1.1.1704513912.55.0.0
.pubmatic.com/ Name: SPugT
Value: 1704475589
.ads.pubmatic.com/ Name: KCCH
Value: YES
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240106%22%2C%22141%22%3A%2220240106%22%7D
.quantserve.com/ Name: d
Value: ELYBEgHrKvijDejbEA
.pubmatic.com/ Name: DPSync3
Value: 1704585600%3A248_255%7C1705104000%3A265%7C1705536000%3A257%7C1705708800%3A260_263_258_261_259_201_262_256
.w55c.net/ Name: matchpubmatic
Value: 5
.adnxs.com/ Name: XANDR_PANID
Value: HZtrRgrgAshvHLBS0JvlOQ-LlWlNaERTFQa3Ew8iAfFzOQ8eKZMgRiby-1k8z6fg0ai3uQcA8AsvMwo4b5K3Spuewbf2Aj7TC8FLP5pI2HE.
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_fab86b7dab964e369f481
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL&KRTB&19420-4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL&KRTB&22979-4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL&KRTB&23462-4Tyrp7M4paj6Pfet5D6_qOVspqr6bKX-smw7PZcL
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:t0lKuhBW1RlXVR5&KRTB&23421-uid:t0lKuhBW1RlXVR5
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6275356792805496052&KRTB&23339-6275356792805496052
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_12MsQ2AMAwExQBUmcPI79hOwjgBMxAlJSMwIVQgUd5Jd9cworAacoMKsKcSHIVFhaJsnXTNRpUDpI_1unA39vmNMJk0bqZH-k5w1_PHNxTpuEtqAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8826346638743762313&KRTB&23150-8826346638743762313&KRTB&23527-8826346638743762313
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: SyncRTB3
Value: 1705363200%3A63%7C1705104000%3A223_15_2%7C1705795200%3A35%7C1705708800%3A3_176_55_240_22_178_104_220_165_166_54_250_231_13_46_233_81_56_8_48_71_5_21
.rlcdn.com/ Name: rlas3
Value: SeUtdZuUPjnziV/e5mkXkUrY4aus2DEJrfml6Hkmo6s=
.rlcdn.com/ Name: pxrc
Value: CPSi46wGEgUI6AcQABIFCOhHEAMSBQjbThAAEgYIuOsBEAY=
.sitescout.com/ Name: ssi
Value: 114d99f0-9108-41f4-9e61-4cbfc9f230d0#1704513914242
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1791377155610672804
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4olPzsHtXVlnywKyINlUh2AJ9sQ&KRTB&23334-4olPzsHtXVlnywKyINlUh2AJ9sQ&KRTB&23417-4olPzsHtXVlnywKyINlUh2AJ9sQ&KRTB&23426-4olPzsHtXVlnywKyINlUh2AJ9sQ
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-326e3936-28b2-4dda-98e0-db998f56f572&KRTB&23340-326e3936-28b2-4dda-98e0-db998f56f572&KRTB&23498-326e3936-28b2-4dda-98e0-db998f56f572
.adgrx.com/ Name: ADGRX_UID
Value: cb3d4284-ac48-11ee-8f2b-b787a7328fd9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3039340663876897512&KRTB&23263-3039340663876897512&KRTB&23481-3039340663876897512
.kargo.com/ Name: ktcid
Value: 32e4475e-b4ec-0760-5d36-c15609d09549
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNDUxMzkxNDI4M30
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
beacon.lynx.cognitivlabs.com/ Name: ss
Value: LZmYd%2BzXizwQnFejnZmBFrAA3sTZIm5Ois62baNgvrcDdqj4X7lngKVUlbxyljAf8xHYV0UUAmtfG%2Bkb1O20lLSOh9B2af0zLzGyp89ShYw%3D
.thrtle.com/ Name: mc
Value: eyJpZCI6IjdmM2ZlMTA0LWM5N2QtNDdkMy04NDBmLTdkOGUyYjllNDA3ZiIsImwiOjE3MDQ1MTM5MTQzMDAsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-cb3d4284-ac48-11ee-8f2b-b787a7328fd9&KRTB&23275-cb3d4284-ac48-11ee-8f2b-b787a7328fd9
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553&KRTB&23418-114d99f0-9108-41f4-9e61-4cbfc9f230d0-6598d17a-5553
.adstanding.com/ Name: _adstanding_id
Value: 5fd74a47ad1d3d10d89006154d048d0f
.bfmio.com/ Name: __187_cid
Value: 348B24C7-EE14-49B3-B3EA-5C947351BE80
.bfmio.com/ Name: __io_cid
Value: 42ff37dc498b506970529d5d1c78370cc87a4851
.smartadserver.com/ Name: csync
Value: 127:AAFtzE7LMaMAABbHcpkjgA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-95f301e9-3dcc-400c-8987-bcc136cff5d7
.tribalfusion.com/ Name: ANON_ID
Value: a3ntuJM0ing9PBmSTEpS9BAmJ0Zaq3lTB4vH1wZbPHnHJdbX4lbi2bUJQ4qGgQhjZa1SINmYtZcPHdTHt4gTiQItZaH32
.adsby.bidtheatre.com/ Name: __kuid
Value: 48df0004-5357-4d05-becb-15f44f279d60.473727914
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: 4c14ca13-7cc8-38a9-b0b1-48bfe4de7500
.technoratimedia.com/ Name: tads_uidp_44
Value: LR1IRM9F-X-EKOR
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 3065109336622479930
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAGXxO7wl3uIgMTTvnnAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 7a9054aa-9d6f-4af4-923e-b662d8c9447c
.technoratimedia.com/ Name: tads_uidp_61
Value: 212409923278515
.technoratimedia.com/ Name: tads_uidp_62
Value: 3475141566634873000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: sIVDaEu6-MFTyH9gtMCA0wRHG6-kPINm
.technoratimedia.com/ Name: tads_uidp_7
Value: 9a637313-0ee8-4657-b68b-e5508ada6858
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFtzE7LMaMAABbHcpkjgA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-4b24f500-6ef9-4df2-a566-5346f05a034d-005
.technoratimedia.com/ Name: tads_uidp_77
Value: bjgw8cIDTZoZ1Fm2jx91afuyf8ctH-vs-Rq7GL63RiY
.technoratimedia.com/ Name: tads_uidp_79
Value: 49c0b233-dfe4-4033-97fa-48e6fa1dbe54
.technoratimedia.com/ Name: tads_uidp_80
Value: y-nTWe151E2uHYbEUG5YLNoHxPUD7.HqQh~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZjDK8abWNtsu4UBNQkVygAA&3810
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 2585754425281700375050
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: A86D4DA215FB40F8BBC0EC13D800DDA9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231007011547+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oyn|2N.0.AAAF5TgQu5o8JQNQRq40AAAAAAA|4is.0.CAESEO5aMkEb5BYuNqFFW66Eof0|7bq.0.1|8nK.0.1|7dN.0.AAFtzE7LMaMAABbHcpkjgA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFtzE7LMaMAABbHcpkjgA
.pubmatic.com/ Name: PugT
Value: 1704513913
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 18

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html(Line 2515)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.telegraphherald.com/news/tri-state/article_cc48af36-ab4b-11ee-93fb-b78c101851bb.html(Line 2515)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://connect.facebook.net/signals/config/1329857520488846?v=2.9.139&r=stable&domain=www.telegraphherald.com(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.publicgood.com/pgm/v1/pgm-api.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.empowerlocal.co/adserve/;ID=181918;size=0x0;setID=661376;type=js;referrer=https%3A%2F%2Fwww.telegraphherald.com%2Fnews%2Ftri-state%2Farticle_cc48af36-ab4b-11ee-93fb-b78c101851bb.html;sw=1600;sh=1200;spr=1;kw=;pid=2585756;place=0;rnd=2585756;click=CLICK_MACRO_PLACEHOLDER(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.publicgood.com/pgm/v1/pgm-api.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://p.ad.gt/api/v1/p/664
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://tagan.adlightning.com/townnews/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20348B24C7-EE14-49B3-B3EA-5C947351BE80&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10599292096464791424&ssp=minutemedia&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

90cb115e82623b375d8d3ff0d604a8ec.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.empowerlocal.co
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
advice.pgs.io
amazon-tam-match.dotomi.com
ampcid.google.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
api.secondstreetapp.com
api.segment.io
assets.publicgood.com
assets.revcontent.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bloximages.newyork1.vip.townnews.com
buttons-config.sharethis.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cdn-ima.33across.com
cdn.cookielaw.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.resonate.com
cdn.segment.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
count.api.pgs.io
crb.kargo.com
creativecdn.com
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.krushmedia.com
cs.minutemedia-prebid.com
csync.loopme.me
d29xw9s9x32j3w.cloudfront.net
dis.criteo.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
eb2.3lift.com
embed.secondstreetapp.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
global.ib-ibi.com
google-bidout-d.openx.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
invstatic101.creativecdn.com
js-sec.indexww.com
l.sharethis.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
live.rezync.com
loadus.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
ml314.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
platform-api.sharethis.com
player.sendtonews.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
r.bidswitch.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s3.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-fotomoto-com.s3.amazonaws.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.sharethis.com
t.teads.tv
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trends.revcontent.com
u.openx.net
um.simpli.fi
um4.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
us2.shb-sync.com
usersync.gumgum.com
visitor.omnitagjs.com
widget.fotomoto.com
www.facebook.com
www.fotomoto.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.telegraphherald.com
x.bidswitch.net
yeet.revcontent.com
global.ib-ibi.com
104.16.132.24
104.18.13.242
104.18.35.167
104.18.36.155
104.18.41.104
104.18.9.110
104.254.130.154
104.36.115.113
107.178.254.65
107.20.39.164
108.138.106.16
108.138.106.17
108.138.106.50
108.138.128.34
124.146.153.162
13.224.207.4
13.224.214.10
13.224.214.108
13.224.214.41
13.224.214.83
13.225.63.13
131.153.148.28
131.153.242.59
141.95.33.120
142.251.35.162
147.28.129.140
151.101.2.49
162.19.138.116
162.248.18.37
172.240.155.116
172.64.149.180
173.231.178.77
174.129.115.222
18.165.83.70
18.215.90.210
18.238.12.225
18.238.4.3
18.238.55.15
18.238.8.230
184.73.232.225
185.167.164.39
185.184.8.90
188.166.17.21
192.104.183.109
195.244.31.10
198.148.27.131
199.38.167.131
2001:4860:4802:38::181
207.198.113.89
216.22.16.68
23.1.200.83
23.105.12.121
23.105.12.158
23.195.94.138
23.196.3.202
23.37.113.15
23.37.113.154
23.47.169.117
23.61.22.89
2600:1f18:4e9:5a01:75af:f069:585e:f21
2600:9000:20ed:6c00:17:c484:6380:93a1
2600:9000:20ed:ca00:1b:6b7d:2300:93a1
2600:9000:2511:c600:a:e047:753:a221
2600:9000:25c8:2000:c:abe:f440:93a1
2600:9000:266a:5c00:1a:5235:f980:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:4400::6812:2089
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:83ec
2606:ae80:1451:20::1720
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2001
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
3.130.26.161
3.211.158.177
3.219.2.103
3.223.131.63
3.233.22.19
3.33.220.150
34.102.146.192
34.111.113.62
34.117.77.79
34.120.107.143
34.120.155.137
34.170.123.2
34.197.228.249
34.199.75.211
34.200.65.202
34.202.106.150
34.206.99.162
34.208.28.93
34.236.138.205
34.96.70.87
35.207.24.140
35.208.249.213
35.210.53.219
35.211.118.13
35.211.178.172
35.214.204.214
35.227.252.103
35.244.154.8
35.244.159.8
35.244.193.51
37.157.2.230
38.68.201.140
40.76.134.238
44.215.45.69
50.17.111.65
51.222.39.186
52.0.156.250
52.0.205.209
52.203.70.213
52.217.124.97
52.223.22.214
52.46.143.56
52.7.115.38
52.73.1.8
52.85.151.96
52.85.61.19
52.86.139.62
52.95.122.74
54.196.247.2
54.197.229.45
54.198.106.196
54.203.25.147
54.209.20.238
54.209.245.194
54.230.163.106
54.231.140.88
54.243.132.7
54.87.127.173
63.251.114.136
63.251.28.133
63.251.86.49
67.202.105.24
68.67.160.186
69.173.151.100
69.194.240.13
70.42.32.159
74.119.119.139
74.119.119.150
8.18.47.7
8.2.110.134
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.98
80.77.85.115
80.77.87.166
96.46.186.63
96.6.1.46
007dbd112f2196eb29626c03f5073581e659fd241bc768de5a3fe694e9bdda88
02d1a048a400e632c647d816bc658ba6d30dd3bb191e6ee4c46c6c1c3d996685
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
038751aa88bb026a85fd621a7c71ebba77ea7cfd9baede2dc2398dbd72430038
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da8c9c6a2c622a5ae9607d0db059654dca4ea437d761ed4e1d5457b927b61f
06f8981a9d73ba11b77e370fb35ce0a54cb48ce5bcfdb66da69265151738350e
07c8e4f9532be4b9b68c22095d9f7e19066c153c4af1aacd6e711c1cf5f1ab7c
09430f3620f6c275e8b1549a197d320593921568230a827421e64ad31c2b9041
098febc0d0ea7ff5edd7991f8ea8db5997c8f2ca32bbeb0ab2da5b28f0c96c35
09ea4a96c71e7f8b3a6f4f514c9c9794ddb32c387c97e1ec3c705c248a45abcc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9d99cfbb9189ee131f11a8ea0633439926597402b41fae79b1514452c4a50f
0da27186f929206c54d091f437ba0c499b089a1ddf9cc0ae2a3c9b1e633b0d24
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
103741de0c2c227e5cb1f8f164d87033158b3874cc4b45c1eb969151895ad1e4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
17218c20074448ea8a33e56872f3a8baac7922f08f9f10c3c4d687748783f309
17ce5ab42fc851c8e1b435749fd85c55486f866762ac5b6c004828d87221699f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1887827b60daa72a69c058bf9a70f119d8e33cae447772efe05198e08227c658
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588
1aa0a58e73057ad95a24aa404da1142e84867e72f88a305019bef79ed0903012
1af63a4bcb7067346b51f003dffd3bcb595a4a71944e94d7d3fbd502e954324a
1c756dd78f3fe8604ffdb519ffce264517c5e4b02ced287d9279be254d872ae8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e09ceae91d8b66c5466fb21538ebb58a5784728f8f56dc77b4089a915095037
1f1f4ee19ab75ef54a1a25c521696df2a643c719daa47b5b3c663be22e54b397
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
218577336e6a2edae26e856291a72ea8a715e2be0de917ab210e22262893b11c
2307e30636e16da8771e5472d067c2383db4e73a3a56a207312a35fab34008cc
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
23db6143ec1303cb65608357c6a00e3ca02e89522b016e35e19f5e88096f9431
26241669b48bb0072bdf59745249f64aa861cff309a371d908a0e745f3574ff5
267128f420713bbdcc0ba74c5082e17f08bbb9437853f4c318cc69fe109272cc
288f8aaa5795af93056cc14170471a1eae81b4c7dab175ed51ebe90b394822a2
296847ecafe4dc26468d57dce8aedaa59b3a5a7a8210b84ddae721948e847f18
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2a6189f8ee4035f048eaedb4744ef6300f362a90a1f7aa6906edeac2e8e49eb4
2b851fd4d6806c84a2ce7213dc068c38731ea9e2f5839ab032ed2be0eecfece9
2c1d2122bde8e57c6a0d64d3ae5ab9311b92a90d939505522ea8017a0332afed
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef3bf18994e09356dfb0f0e9aca831010d53792358d80bb2cfaa1d2af6b1f1f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2feab8be6864869ca9e93d77c7e6ea200fe96153d6f19f06c4c67e1ed1830d17
303fd8202d1802662065652c8b5292a3ad13349d6dd7c266ed9d35448614c8a4
30e942decdbf47bf968e350c0cb9b3c53a7bd993f7fb6c72c3a026433a51cd6d
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34b524307ac30874f393fa659bb78d28527136960a3dd32e098fc2adca02a4a8
375815b98f2ff61d408f4b92475b7ae40940b4555adfcfa3414d17771542b19f
3772aa5d9ab06b270165da73427ec3653cdcf83388fa0f20b5ce0cac5f0dbc65
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3895ebeedf32ed25a1fb2328a2a9d936e2ab4721a487f26598d9b627bd81071c
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
3af3ebe63bada1a075aea2a79ddc27f1941408367fc84532c4bfe145b243a3d8
3b398d5ef3d2215e7e5efe3598208e595d76acc848838628e36b14189673e1ae
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3e310157689767959bc5f8afd29b2ba5de4674939397dfee627b6dc97bb79c78
3e59c70b8f27c2134f509e56e3a1ff96677c183a550bb8f6978c375952b9c1b4
3e9e218d660dcf32ee875c91f7d889861ff9d08a85a7c77e79dae147dd001407
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed247a67eac1003c708ddd1f12d8bbd831e22c6433f25285bb432531fda98a2
3f8001adbbe50914ef22964cd48b5e799eac0b796bc28e2174414dc4cebb6efc
3fae5ba5f7f4324a1120321f6672fa67ffe75921f1cb0fa0780e89c91ffde133
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f148723ebe71ada50997a6b1a9ad0b5a747912e162941e687f97d2046d16e6
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
4573039c8c07402b6a749813dc17988d4168363ab473c66b70eccda46b87b6ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
485b4c6ae76f95936a31d46b0fcc282856e8dae99d6d35512f981ad01b7cd098
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4d950bcf10ea02125f7e203a9d96b3589a74558d66b33171845e4fa3d0a18d25
4df10e77d0617b16a87268cda7454535a98046a9270aa1b4e669db030c0f3a8f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f04e44a6efb67304eaccf40f84d4991481660f4124eb9d5f5e115ea54fcfce4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
514010fa6b11f61340616503c07fc5c2e4951163e6dc26cc2b4a33c229cc38d9
517a035eaf8312fe6f07fc82f413d219f29ca7b86cc51685d6aa5e92e7668823
530da57dc4371e47d6328c6bc3238b3deef7c27dec9cdf0fffe8d28e2320c355
5333b8fd08e2ea42fdb51efa01f44928a5bd71433bc8a8f431ac65bdaa83834a
53f18af0743623f8e8218119188189c15cd14c5296dbdad995e7d9d8c7af78da
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5636ebfb4b4d85f97782812b2ce80b0aa148bb25aba1c7c6c6d3d6c0682be920
57da53d201c0d142dbe4ba29215330ad0bd45b192f6840019dd3f38d9297878f
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58c92caa165f3ed1505fd12b3f52ee2b05c08c99e93d7a967bc3d922b9b54897
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5a7cf0d7c4d6b0d3538b72ad17851f83fba7c18ee2267f3ae257322e6780fdff
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5c01b4ea39d41a159cae309e742b5cd4dcbfb24d99456a6ab3822f426120f765
5c4a23a217e269ad2451e4668ad319a23ad3c70ec0d3d84a43d3a2564f0d3287
5e2e249a6580dc37ec57c95d255ee8753b8e5e4e76e24221cc8697d78661c944
5ec37d64a49a8f9a03aa2daaf4b44c912b5f481d232d18f77defb6faeec16ae4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e7a7943f7444e87b2af6295044b34292a537a23dd3d9436886e3a2ccf620ca
62457e1ee40d37c75fdc8ab9c48b4c713e240979e8759a0e77afc2838903a1ee
62921350ddf3d7ac9045e2252ac924de81442b5c7f144346feae343fb30881a9
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64306d528d43a08c92169e78eae4a7683d53a97b1c43356d22b399be311fc38d
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
69f8d05410179967281d8713679d0637b6bb44b15fb7265ff46e132041d2e775
6a1cdf55e254eb5c720f7dd248b4b2b2936ca8fa27b571e5a8bd93675292ae92
6aa2b1d1d1ee8541c2b2c169b34728afb06a08ca39e5f2d5a4ed145636440eec
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b36993de8613368e7fb3b9034501d00d0d5c4413d3dd501c90938f53638a6be
6b69de612111c26b096a1f30502688185e5bd0fcb1681c9fd7a9a1b89fa9d82e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e812de1cc1532c1ea126c92d765596050775f2b55aafe6123be3b5e6662e1cb
6ec8af825756b9e093443f78a11f7a159654fcf3328609035ff777ff30fa4fca
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
703dd3e688e7899681a6392e30559611bc0bd9ed7d09e27208192b4806ba6d03
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
71850ae0bf8353e8cfad7f285270c0b527a3499a815b13f79665d7952d920678
722a661c4475066b1e8751262c656312e821c990f771f601231c9d7970b723f5
7243ea95b6a327c78dcf6d651ac4fda9e4024e0b4f09f735a7c0f66f9c2f6c02
729c279083a19981997f6db25eda196dd3951005d347edb26cd6cdbddd45e674
72e06114678dd28f5768b813c0eecaa6f56f022a513f5893b7f90981094ef57f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
756d6295a51b2f869d5f76a1e0b9a3dbc98480e1f5d4280308ec377ab356cd0d
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
79630baf8eba8c670928b2e0294631c73fd3b0fffb8873c00969ed920313e505
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a5419d4e7c7489df1ffee0bd3782e43948ac0becbb3984bda63d49d201f37e6
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7de5a2cafafe8dce046705c7fa7394e2f6afa1f101f8b6e52251a0d69ebfc115
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
7fd7424a4c35368a1f74b59332c21ad08e4570bf827d921c0af2dda5cec60bfd
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
85846963c1b2759630628514ee385e0682d7f871250ae95e5291f84333742a2a
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
870028f088733265a28509511a09579ac83710b15ab1141ac8a58fe625cb2eb8
879c194b3db8616e1df26d44c2d9e10f81c2679c2a8b9e81ffff240b2637b4ef
89a2c18a9c0051a71dd486033b913d41a16aca4d404cd156c5af17918ec1da78
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
8d0318f0cb951dbe7dd97e3b06aac6b49d432d610e7eb245830192f68de424f4
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8e93349045c292abefc8570cfd48917319ff51e567f1192982e6187d56f8bc13
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9498b377973f729d312661890a576be9de50d311efe0e31d970ebcb7ca6d30ce
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
971fa0f0cc4b635db2c872b97545a403a51db7b36f71a81cc58c6fae8d215b53
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
993c44a103075c6fb2ed65d00b213d5ca98034e3431fff18c5f4217cb35edb66
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9cbe12bf9a32cb52e0aaf1e6062bf167fd669f54da59af89bb2a0ee6d94b7221
9e24506222cd71cb414ead7082ba5cdc064fb854152749c63190f1f25c1ee74a
9fb252a7b0f03225554f0781925db4039148977f4731567d3d161a7b2f8bac64
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a2416ebef0116f2d6abaf238f4fa0b49ee53abf00cdb113bdb7d90a414058f
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116
a3720dddf8a432ae45248a890d6fbc494326637aca97e247ae90e35b513dc44e
a481ca181e9d6f64e4b75c4b87779e08aa375d45e1ea2ad9c21a7d8e38f361b2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6528d76a385bf0d4983787d085cf29e4bd66c40d08f4ea1a57c89ead58afce0
a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a80d1993e63c25da02fc8722f0f8245299792aa67545d94dad859d216fb24e62
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
aa05997ea2c6a549852ad57323ba29ddf9cc361a636871be8fe52617d1b2cd7c
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad4ea703f8ea456c70f0a5c5870d04f25083a39360509c26de5a45e3883867cd
afbdec04ad5fc1d3ed9c4c73d86a04c594c5b296fb7cb84baf21486dca75a364
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b09a549527767efb3c3ac41ff655b357526653a1c1486afbe7f799b2df79a1dd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b398ca5776a86c9873f15b54b0e4f51a30b844915c2286630072d2410f4ced00
b3abc1a9cc78e57fdddbdf16ba1cab73e97cbce4cd6af76da6a847c3626f505c
b6b4fd69d2dfe3bff77049e56659a60ea8cae09d4cfa046b9cc071711294d1ab
b73c21de842ec4bbd1b8f2766c4b6d664e246de974333bcac518b1d5e7240339
b786ef46c905136a59658f17751ec61b3795356eb12ad91c70a855f021d9ca0f
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b8c52071640408d26c3a5eda0769602a22f180c5a560985c355626bd05487427
b8ee3a5190db871f74e9cd3ce5888d30627b19659b825302c5eb1c2f043d40c8
b97bd70e65d13ee703d75cc21cb905ee2a417ee419c611d72ff99f657dc84bd9
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bd563965819028a1730d5f21588a5eba6ca26a77b0342f3ee6d3f9ac64b08252
c16a1f54128050a2c4334fe3155151163bc9165334fb0c5f97af87c405a982a8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c234a499d9c862e37a5f552c5f6c17e2a5a4e8484a39ef54f6618dea3ebbdb71
c2d8433c388c8128f98e5b9a0ee1b8f6b086fc247272c0cbd0463f81d5128f2d
c42bcb3cd4ce1c3ee33a4c7d2ef9364769e4ff10d1528c292b1896c433cb3618
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c839e610b32512b98076bdfc62ef6142e48e93cb1f7bceeafeac2cdcec2b9646
c99db44c082e11064426559cd34190be5989a7449fa6d0798f822fe64f0fe26d
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb33747e8dab3b26fddab0a939985ceafedcd610415bf7d2a41575e4ed42c9a2
cbbab7d0fd6218e4604d656040aa6c3ca65da1a18bd1c340f4ca808c394146c3
cd4ad2e7d257986d3a0c3877268db59347197d1c90fa6a3af56542c6ec61f38a
ce262f4b0fa67c46246b270fbeecfe27321ddd237fca33ca4384620a5ad7a170
ce8ecb25fb7765df11714fea733df00b792bed5d2b6db5d635d2bf91d49cf488
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d225412d4de2978e3faabc8d18cba1d5a4dd79689d1c643ac9f56a72e70a73ec
d3111d3e4c0634518a5fe1141b90e486a4b1f4d588dd1b5d862a23f39c22eae1
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d554bbf9b61e074fec1c764cbabc959881519d1baf824e86b6b93ab443621f0d
d571c7385908a3acc2b81723560e805eebe45fbe619fbffed1966fc42262e9fd
d64ea5e6641af452874ed7b43dd988e1e3d0ebb113e6f4dde1598f2c1b506705
d74d69d4842705d8028bb151c7e535af6508f7141401b6c44c1634fa8b39882c
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
daad2a8861de7ca7cf5d9dd6a62be235b8e66505ad544229c82c2536a664394c
dac0856b4317c096d6e138d2a109030e07fe8e4c62a59432a49e9c9696a82e22
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7
dbcc22c848bef73d3265276f7ed7d6cfce134ae0fd4ab7dfd2c5c5b0388ffcb5
dc0b8df366a8235deb10e29959393515342ca346cb4b8ce720ba88cd5369e9c9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5bb57668506d7e274a2a73f94769eaa8557fea9fcd627f027d4c0302c7cc22
dff214826d02cea31c4b4f789a44367318666c184420226ad5439ea3b45d0d16
e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e634eb4bc8fc909bd1ea389002b9036063e2fe86f1a423fb2eb577baaf7e1c
e4412c70ec3e9a934ee15025f48bc9e567038a6d712619e2fdd7232d9fa6cea1
e79923a6bf3023c41b587390a8b3651a2acc6fa717f9c2b421639625a596a6a9
e83d5f80aa75a1579e8ec1fa50bc77dae46c2f099655f49a359cacba4bb85ea1
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea08e4586cd7b908b32366b97bfa2172c495859f7571f375f51a7615cf5706e4
ebcc871f8f7aff9137cd9552ffd1344010c3608753057a3eb09a2a97b37855d7
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ec76b9e915f11475950c65e692a89abfd245de03985b87cd6db83fc54e2c5fbc
eddd5530bb19ac89c4c79678d7a2e6d1d17cef003139428583aba7a5bc1ffa79
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
f11dfc92c5735cc0f65cce140837aa55ac1a908570e4777a936b012ff9c3e6e3
f22df16f24cee7e1182cd5906bfec8a230c94fd33f90d9caf29e6f98548360e4
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f55801a1bcf48fde762f206e6a75929aeaac77908ff06e5ac4ebcdd2cdab310b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fbfea16fc4457f6479e5190631345ba462bf54d44c2552e8314e71b53b81e268
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
fd8817c4d57193a7a32d38cf44152b33af3836180b0b491b26f9444ecf5b0cb4
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c