urlscan.io logo urlscan.io
SecurityTrails logo

www.usmagazine.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm9...
Effective URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Submission: On June 28 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 219 IPs in 13 countries across 172 domains to perform 1010 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.usmagazine.com. The Cisco Umbrella rank of the primary domain is 32654.
TLS certificate: Issued by R3 on May 6th 2023. Valid for: 3 months.
This is the only time www.usmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
22 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
53 192.0.66.2 2635 (AUTOMATTIC)
1 2600:9000:202... 16509 (AMAZON-02)
2 104.19.149.54 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:9000:220... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.138.106.49 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 13.35.93.117 16509 (AMAZON-02)
2 2600:9000:23c... 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:21e... 16509 (AMAZON-02)
1 18.164.116.117 16509 (AMAZON-02)
2 23.196.185.74 16625 (AKAMAI-AS)
13 2606:4700:440... 13335 (CLOUDFLAR...)
1 14 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 9 18.164.96.18 16509 (AMAZON-02)
2 2600:9000:24f... 16509 (AMAZON-02)
1 34.149.46.168 15169 (GOOGLE)
5 35.169.202.51 14618 (AMAZON-AES)
1 13.35.93.111 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 168.61.164.192 8075 (MICROSOFT...)
16 2607:f8b0:400... 15169 (GOOGLE)
1 13.35.93.98 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
3 2600:9000:24f... 16509 (AMAZON-02)
3 5 2600:9000:220... 16509 (AMAZON-02)
11 2600:9000:21d... 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
11 16 68.67.160.186 29990 (ASN-APPNEX)
10 34.107.254.252 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.41 16509 (AMAZON-02)
5 54.230.163.84 16509 (AMAZON-02)
1 13.33.60.74 16509 (AMAZON-02)
1 18.164.96.87 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 2600:141b:e80... 20940 (AKAMAI-ASN1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.1.91.70 14618 (AMAZON-AES)
4 130.211.23.194 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 10 142.250.65.198 15169 (GOOGLE)
2 54.235.104.91 14618 (AMAZON-AES)
1 16 3.232.217.213 14618 (AMAZON-AES)
2 54.82.148.84 14618 (AMAZON-AES)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 44.230.98.130 16509 (AMAZON-02)
1 18.164.116.116 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 5 68.67.179.164 29990 (ASN-APPNEX)
18 32 15.197.193.217 16509 (AMAZON-02)
13 35 162.248.18.37 62713 (AS-PUBMATIC)
10 14 69.173.151.100 26667 (RUBICONPR...)
6 10 34.111.113.62 396982 (GOOGLE-CL...)
17 24 142.250.80.98 15169 (GOOGLE)
15 15 199.127.204.171 26120 (RHYTHMONE)
5 9 198.148.27.140 19189 (PULSEPOINT)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
4 8 34.237.133.75 14618 (AMAZON-AES)
1 2600:9000:220... 16509 (AMAZON-02)
13 13.226.34.28 16509 (AMAZON-02)
5 5 52.20.224.27 14618 (AMAZON-AES)
2 2 44.240.237.7 16509 (AMAZON-02)
6 22 192.40.39.223 27381 (CASALE-MEDIA)
7 8 216.200.232.249 30419 (MEDIAMATH...)
8 8 64.202.112.159 23352 (SERVERCEN...)
6 8 23.197.21.62 16625 (AKAMAI-AS)
25 26 35.211.178.172 15169 (GOOGLE)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 192.132.33.46 18568 (BIDTELLECT)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 108.138.106.5 16509 (AMAZON-02)
3 3 199.38.167.130 54312 (ROCKETFUEL)
1 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
3 4 74.119.119.150 19750 (AS-CRITEO)
1 1 35.190.90.30 15169 (GOOGLE)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
3 52.85.61.12 16509 (AMAZON-02)
5 6 23.64.106.145 16625 (AKAMAI-AS)
16 23.4.226.82 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a04:4e42:200... 54113 (FASTLY)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 18.164.124.103 16509 (AMAZON-02)
2 2600:9000:214... 16509 (AMAZON-02)
3 18.164.96.22 16509 (AMAZON-02)
1 23.42.197.166 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.39.14.50 16509 (AMAZON-02)
8 34.98.72.95 396982 (GOOGLE-CL...)
1 152.199.5.228 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.116.78 16509 (AMAZON-02)
2 13.225.223.78 16509 (AMAZON-02)
1 13.226.34.6 16509 (AMAZON-02)
2 52.85.61.76 16509 (AMAZON-02)
2 3.132.99.154 16509 (AMAZON-02)
5 18.164.98.157 16509 (AMAZON-02)
16 54.145.58.176 14618 (AMAZON-AES)
1 184.29.143.136 20940 (AKAMAI-ASN1)
5 5 8.43.72.98 26667 (RUBICONPR...)
4 2602:803:c002... 26667 (RUBICONPR...)
4 23.200.197.46 16625 (AKAMAI-AS)
3 20 147.28.129.37 54825 (PACKET)
4 2620:100:a001... 19750 (AS-CRITEO)
4 199.250.161.129 26459 (TTD-ASN-01)
3 34.193.67.70 14618 (AMAZON-AES)
1 54.230.163.120 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 32 52.46.143.56 16509 (AMAZON-02)
1 2 67.220.224.144 16509 (AMAZON-02)
1 34.202.96.43 14618 (AMAZON-AES)
3 108.138.106.37 16509 (AMAZON-02)
8 10 141.95.33.111 16276 (OVH)
2 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 13.225.214.128 16509 (AMAZON-02)
6 209.54.181.15 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
8 213.239.211.175 24940 (HETZNER-AS)
3 108.139.29.21 16509 (AMAZON-02)
2 44.198.229.175 14618 (AMAZON-AES)
1 35.211.171.209 19527 (GOOGLE-2)
1 54.225.108.234 14618 (AMAZON-AES)
3 104.36.115.111 62713 (AS-PUBMATIC)
1 192.35.249.143 11742 (SPOTX-IAD)
1 2600:9000:251... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
7 44.209.177.129 14618 (AMAZON-AES)
1 44.205.39.228 14618 (AMAZON-AES)
1 2 34.196.5.17 14618 (AMAZON-AES)
8 8 44.193.243.239 14618 (AMAZON-AES)
2 6 104.36.115.113 62713 (AS-PUBMATIC)
2 7 23.92.190.68 10913 (INTERNAP-BLK)
3 3 52.73.23.114 14618 (AMAZON-AES)
1 1 23.222.224.22 16625 (AKAMAI-AS)
1 1 195.244.31.11 63140 (IGUANA-WO...)
1 1 2600:9000:220... 16509 (AMAZON-02)
3 3 34.171.234.26 396982 (GOOGLE-CL...)
5 5 185.167.164.37 198622 (ADFORM)
5 13.225.214.57 16509 (AMAZON-02)
6 10 35.244.159.8 15169 (GOOGLE)
5 5 23.105.12.142 30633 (LEASEWEB-...)
8 8 2606:ae80:145... 25751 (VALUECLICK)
1 17 108.138.106.110 16509 (AMAZON-02)
3 4 23.92.190.74 10913 (INTERNAP-BLK)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 2 108.138.128.83 16509 (AMAZON-02)
8 54.84.209.63 14618 (AMAZON-AES)
5 23.196.184.208 16625 (AKAMAI-AS)
7 52.203.194.180 14618 (AMAZON-AES)
7 8 34.200.65.202 14618 (AMAZON-AES)
18 3.227.148.228 14618 (AMAZON-AES)
2 3 35.71.139.29 16509 (AMAZON-02)
1 19 3.213.224.199 14618 (AMAZON-AES)
2 3 107.20.114.132 14618 (AMAZON-AES)
3 4 70.42.32.223 13789 (INTERNAP-...)
4 4 2620:116:800b... 14618 (AMAZON-AES)
2 2 52.54.173.81 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 169.197.150.7 398989 (DEEPINTENT)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 52.20.42.167 14618 (AMAZON-AES)
13 2600:9000:24f... 16509 (AMAZON-02)
1 36 52.7.22.188 14618 (AMAZON-AES)
1 174.137.133.32 27257 (WEBAIR-IN...)
2 3 151.101.2.49 54113 (FASTLY)
4 4 207.198.113.86 13768 (COGECO-PEER1)
2 74.119.119.139 19750 (AS-CRITEO)
4 4 35.207.24.140 15169 (GOOGLE)
1 1 213.19.162.80 26667 (RUBICONPR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
8 13 162.248.18.32 62713 (AS-PUBMATIC)
5 9 162.248.18.34 62713 (AS-PUBMATIC)
1 1 67.202.105.24 32748 (STEADFAST)
1 1 44.207.72.204 14618 (AMAZON-AES)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 2 23.49.100.28 16625 (AKAMAI-AS)
3 3 35.214.143.153 15169 (GOOGLE)
1 1 69.166.1.10 27630 (AS-XFERNET)
1 1 63.251.28.234 13789 (INTERNAP-...)
1 1 202.241.208.55 4694 (IDCF IDC ...)
2 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 51.222.39.184 16276 (OVH)
1 1 151.101.2.132 54113 (FASTLY)
1 104.112.8.161 16625 (AKAMAI-AS)
1 108.139.47.92 16509 (AMAZON-02)
2 4 44.205.30.65 14618 (AMAZON-AES)
2 4 54.148.15.162 16509 (AMAZON-02)
4 6 35.190.60.146 15169 (GOOGLE)
1 104.21.60.205 13335 (CLOUDFLAR...)
2 34.194.96.29 14618 (AMAZON-AES)
8 52.204.149.108 14618 (AMAZON-AES)
3 3 2600:9000:23c... 16509 (AMAZON-02)
40 3.91.171.231 14618 (AMAZON-AES)
28 2600:1f18:1ac... 14618 (AMAZON-AES)
1 151.101.193.108 54113 (FASTLY)
1 2 3.219.128.143 14618 (AMAZON-AES)
1 1 142.234.204.77 396362 (LEASEWEB-...)
4 108.139.29.102 16509 (AMAZON-02)
2 142.250.72.98 15169 (GOOGLE)
1 2 34.196.240.12 14618 (AMAZON-AES)
1 1 50.116.194.21 6336 (TURN-US-ASN)
2 18.164.116.55 16509 (AMAZON-02)
43 54.230.163.20 16509 (AMAZON-02)
3 142.251.40.170 15169 (GOOGLE)
6 54.221.229.84 14618 (AMAZON-AES)
17 34.111.8.32 396982 (GOOGLE-CL...)
3 199.250.162.129 26459 (TTD-ASN-01)
3 185.151.204.50 61273 (ADJUST-NL)
11 11 3.17.219.121 16509 (AMAZON-02)
11 3.132.38.97 16509 (AMAZON-02)
5 23.77.173.47 16625 (AKAMAI-AS)
1 35.244.193.51 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 1 3.219.198.131 14618 (AMAZON-AES)
2 4 35.207.10.239 15169 (GOOGLE)
1 104.19.158.19 13335 (CLOUDFLAR...)
12 23.77.174.20 16625 (AKAMAI-AS)
2 104.76.101.242 16625 (AKAMAI-AS)
2 2 143.204.146.2 16509 (AMAZON-02)
2 44.213.0.41 14618 (AMAZON-AES)
2 2 13.33.60.71 16509 (AMAZON-02)
2 52.217.226.41 16509 (AMAZON-02)
1 1 193.122.128.135 31898 (ORACLE-BM...)
1 1 23.105.12.173 30633 (LEASEWEB-...)
1 54.204.174.60 14618 (AMAZON-AES)
1 52.212.6.190 16509 (AMAZON-02)
2 23.37.123.209 20940 (AKAMAI-ASN1)
2 2 173.231.178.77 32475 (SINGLEHOP...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 35.186.193.173 15169 (GOOGLE)
1 1 172.105.221.240 63949 (AKAMAI-LI...)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 162.55.120.196 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 23.220.11.204 16625 (AKAMAI-AS)
1 3.215.162.236 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 1 172.67.154.71 13335 (CLOUDFLAR...)
2 2 37.157.5.132 198622 (ADFORM)
2 2 188.42.34.64 7979 (SERVERS-COM)
1 8.28.7.105 62713 (AS-PUBMATIC)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 34.117.228.201 396982 (GOOGLE-CL...)
1 108.138.128.91 16509 (AMAZON-02)
1 2 54.205.176.242 14618 (AMAZON-AES)
3 4 35.169.232.116 14618 (AMAZON-AES)
2 75.2.13.80 16509 (AMAZON-02)
1 34.120.32.33 396982 (GOOGLE-CL...)
2 104.18.24.185 13335 (CLOUDFLAR...)
1010 219
3    2607:f8b0:4006:80c::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
news.google.com
1    2607:f8b0:4006:80e::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2607:f8b0:4006:80d::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:824::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
apis.google.com
5    2607:f8b0:4006:80e::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
play.google.com
53    192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
www.usmagazine.com
sso.ami-admin.com
1    2600:9000:202c:9400:e:a5e8:ab40:21 (United States)

ASN16509 (AMAZON-02, US)
d17tqr44y57o31.cloudfront.net
2    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
7    2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2600:9000:2209:3c00:1c:15e:8d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3jdulus8lb392.cloudfront.net
2    2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
2    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.35.93.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-117.jfk50.r.cloudfront.net
launcher.spot.im
2    2600:9000:23cb:4000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
americanmediainc-com.videoplayerhub.com
2    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2600:9000:21ea:5e00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    18.164.116.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-117.jfk50.r.cloudfront.net
cdn.blueconic.net
2    23.196.185.74 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-185-74.deploy.static.akamaitechnologies.com
s.ntv.io
13    2606:4700:4400::ac40:97de (United States)

ASN13335 (CLOUDFLARENET, US)
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
14    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt
3    2606:4700:10::6816:39ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
telemetries.jeeng.com
9    18.164.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-18.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    2600:9000:24f1:f200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    34.149.46.168 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 168.46.149.34.bc.googleusercontent.com
asset.fwpub1.com
5    35.169.202.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-202-51.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    13.35.93.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-111.jfk50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
2    2606:4700:20::ac43:4887 (United States)

ASN13335 (CLOUDFLARENET, US)
static.trueanthem.com
1    168.61.164.192 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dot.dm-io.com
16    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
1    13.35.93.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-98.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
3    2600:9000:24f1:8c00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ovp.iris.tv
5    2600:9000:2209:ca00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
11    2600:9000:21dd:5a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co
16    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.138.128.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-41.jfk50.r.cloudfront.net
direct-events-collector.spot.im
5    54.230.163.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-84.ewr53.r.cloudfront.net
static-cdn.spot.im
1    13.33.60.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-74.ewr52.r.cloudfront.net
publisher-assets.spot.im
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    2600:141b:e800:138d::3b8f (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
widget.engageya.com
1    2600:1f18:730:b130:6259:cdb:fde4:77dc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.1.91.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-91-70.compute-1.amazonaws.com
rp4.liadm.com
4    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
10    142.250.65.198 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
ad.doubleclick.net
2    54.235.104.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-104-91.compute-1.amazonaws.com
americanmedia.blueconic.net
16    3.232.217.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-217-213.compute-1.amazonaws.com
jadserve.postrelease.com
2    54.82.148.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-148-84.compute-1.amazonaws.com
ping.chartbeat.net
4    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    44.230.98.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-98-130.us-west-2.compute.amazonaws.com
p2.fwpixel.com
1    18.164.116.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-116.jfk50.r.cloudfront.net
launchpad.privacymanager.io
2    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
5    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
32    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
35    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
14    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
tapestry.tapad.com
24    142.250.80.98 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
15    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2607:f8b0:4006:817::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
8    34.237.133.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-133-75.compute-1.amazonaws.com
i.liadm.com
1    2600:9000:2209:fa00:1b:f238:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)
sli.usmagazine.com
13    13.226.34.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-28.ewr53.r.cloudfront.net
bc.usmagazine.com
5    52.20.224.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-224-27.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    44.240.237.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-237-7.us-west-2.compute.amazonaws.com
www.storygize.net
22    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
8    23.197.21.62 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-62.deploy.static.akamaitechnologies.com
stags.bluekai.com
x.dlx.addthis.com
tags.bluekai.com
26    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    108.138.106.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-5.jfk50.r.cloudfront.net
live.rezync.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    2600:1f18:ed:550e:4106:3062:270c:cbbd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
3    52.85.61.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-12.ewr53.r.cloudfront.net
geo.privacymanager.io
6    23.64.106.145 (Englewood, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-106-145.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
micro.rubiconproject.com
16    23.4.226.82 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-226-82.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2606:4700:20::681a:aa4 (United States)

ASN13335 (CLOUDFLARENET, US)
b.trueanthem.com
1    2606:4700::6812:fcc (United States)

ASN13335 (CLOUDFLARENET, US)
recs.engageya.com
12    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
prd.jwpltx.com
assets-jpcust.jwpsrv.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2606:4700:e2::ac40:8104 (United States)

ASN13335 (CLOUDFLARENET, US)
8fby8peddod4qetsz.ay.delivery
1    18.164.124.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-103.jfk50.r.cloudfront.net
get.s-onetag.com
2    2600:9000:2140:2400:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)
socialcanvas-cdn.kargo.com
3    18.164.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-22.jfk50.r.cloudfront.net
api-2-0.spot.im
1    23.42.197.166 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-197-166.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    52.39.14.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-14-50.us-west-2.compute.amazonaws.com
analytics.audioeye.com
8    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    152.199.5.228 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2607:f8b0:4006:81f::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    18.164.116.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-78.jfk50.r.cloudfront.net
ats-wrapper.privacymanager.io
2    13.225.223.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-78.jfk51.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.226.34.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-6.ewr53.r.cloudfront.net
signal-beacon.s-onetag.com
2    52.85.61.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-76.ewr53.r.cloudfront.net
signal-segments.s-onetag.com
2    3.132.99.154 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-99-154.us-east-2.compute.amazonaws.com
socialcanvas-api.kargo.com
5    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
16    54.145.58.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-58-176.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    184.29.143.136 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-29-143-136.deploy.static.akamaitechnologies.com
storage.cloud.kargo.com
5    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com
a.teads.tv
20    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
4    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
3    34.193.67.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-67-70.compute-1.amazonaws.com
krk2.kargo.com
1    54.230.163.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-120.ewr53.r.cloudfront.net
context.iris.tv
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    2607:f8b0:4006:822::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
877745acab893034cef8127367b52c02.safeframe.googlesyndication.com
5    2600:1f18:4e9:5a01:989d:4d6a:f0:57ab (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
32    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.202.96.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-96-43.compute-1.amazonaws.com
idx.liadm.com
3    108.138.106.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-37.jfk50.r.cloudfront.net
aa.agkn.com
10    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    2607:f8b0:4006:821::2006 (Flushing, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.225.214.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-128.ewr50.r.cloudfront.net
trx-hub.com
6    209.54.181.15 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
4    2607:f8b0:4006:80a::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    213.239.211.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.211.175.clients.your-server.de
api.assertcom.de
3    108.139.29.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-21.jfk50.r.cloudfront.net
dfp-gateway.s-onetag.com
2    44.198.229.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-229-175.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    35.211.171.209 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 209.171.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    54.225.108.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-108-234.compute-1.amazonaws.com
krk.kargo.com
3    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    192.35.249.143 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
1    2600:9000:2511:c400:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
3    2607:f8b0:4006:81c::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    44.209.177.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-177-129.compute-1.amazonaws.com
crb.kargo.com
1    44.205.39.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-39-228.compute-1.amazonaws.com
cma.kargo.com
2    34.196.5.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-5-17.compute-1.amazonaws.com
rtb.gumgum.com
8    44.193.243.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-243-239.compute-1.amazonaws.com
match.prod.bidr.io
6    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    23.92.190.68 (Houston, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
3    52.73.23.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-23-114.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
1    23.222.224.22 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-224-22.deploy.static.akamaitechnologies.com
cs.media.net
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    2600:9000:2209:1c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
5    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    13.225.214.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-57.ewr50.r.cloudfront.net
ms-cookie-sync.presage.io
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
5    23.105.12.142 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
8    2606:ae80:1451:20::1720 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
yieldmo-match.dotomi.com
pubmatic-match.dotomi.com
17    108.138.106.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-110.jfk50.r.cloudfront.net
usr.undertone.com
evt.undertone.com
4    23.92.190.74 (Houston, United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    108.138.128.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-83.jfk50.r.cloudfront.net
ads.undertone.com
8    54.84.209.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-209-63.compute-1.amazonaws.com
prebid-a.rubiconproject.com
5    23.196.184.208 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-184-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    52.203.194.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-194-180.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-iqzone.ads.yieldmo.com
sync-eq.ads.yieldmo.com
sync-beeswax.ads.yieldmo.com
sync-adform.ads.yieldmo.com
sync-pm.ads.yieldmo.com
8    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
18    3.227.148.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-148-228.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
19    3.213.224.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-199.compute-1.amazonaws.com
usersync.gumgum.com
3    107.20.114.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-114-132.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
4    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
4    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    52.54.173.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-173-81.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    52.20.42.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-42-167.compute-1.amazonaws.com
pm.w55c.net
13    2600:9000:24f1:c800:1b:83f3:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.yieldmo.com
36    52.7.22.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-22-188.compute-1.amazonaws.com
ads.yieldmo.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
gum.criteo.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
13    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
9    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    44.207.72.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-72-204.compute-1.amazonaws.com
match.sharethrough.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    23.49.100.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-100-28.deploy.static.akamaitechnologies.com
contextual.media.net
3    35.214.143.153 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 153.143.214.35.bc.googleusercontent.com
csync.loopme.me
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
p.placed.com
1    104.112.8.161 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-8-161.deploy.static.akamaitechnologies.com
cw.addthis.com
1    108.139.47.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-92.jfk50.r.cloudfront.net
ads.scorecardresearch.com
4    44.205.30.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-30-65.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
4    54.148.15.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-15-162.us-west-2.compute.amazonaws.com
dpm.demdex.net
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.21.60.205 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    34.194.96.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-96-29.compute-1.amazonaws.com
beacon.krxd.net
8    52.204.149.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-149-108.compute-1.amazonaws.com
ads.sparkflow.net
3    2600:9000:23ca:8000:1e:fdf8:aac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
matchadsrvr.yieldmo.com
40    3.91.171.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-231.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
28    2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    3.219.128.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-128-143.compute-1.amazonaws.com
rtb.adentifi.com
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
4    108.139.29.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-102.jfk50.r.cloudfront.net
check.analytics.rlcdn.com
2    142.250.72.98 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
pagead2.googlesyndication.com
2    34.196.240.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-240-12.compute-1.amazonaws.com
thrtle.com
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
2    18.164.116.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-55.jfk50.r.cloudfront.net
ops-cdn.undertone.com
43    54.230.163.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-20.ewr53.r.cloudfront.net
creative-p.undertone.com
3    142.251.40.170 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net
ajax.googleapis.com
6    54.221.229.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-229-84.compute-1.amazonaws.com
rtr.innovid.com
17    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
contextual-analytics.wunderkind.co
events.bouncex.net
dfp.bouncex.net
3    199.250.162.129 (United States)

ASN26459 (TTD-ASN-01, US)
va6-bid.adsrvr.org
3    185.151.204.50 (United States)

ASN61273 (ADJUST-NL, DE)
view.adjust.com
11    3.17.219.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-219-121.us-east-2.compute.amazonaws.com
s.innovid.com
11    3.132.38.97 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-38-97.us-east-2.compute.amazonaws.com
ag.innovid.com
5    23.77.173.47 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-47.deploy.static.akamaitechnologies.com
s-static.innovid.com
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    3.219.198.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-198-131.compute-1.amazonaws.com
usermatch.krxd.net
4    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
1    104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
12    23.77.174.20 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-174-20.deploy.static.akamaitechnologies.com
px.moatads.com
obo.moatads.com
2    104.76.101.242 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-101-242.deploy.static.akamaitechnologies.com
dsa.moatads.com
2    143.204.146.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-2.ewr52.r.cloudfront.net
secure-gl.imrworldwide.com
2    44.213.0.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-0-41.compute-1.amazonaws.com
qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com
9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com
2    13.33.60.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-71.ewr52.r.cloudfront.net
imtwjwoasak.com
2    52.217.226.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    23.105.12.173 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    54.204.174.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-174-60.compute-1.amazonaws.com
sync.bfmio.com
1    52.212.6.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-6-190.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    23.37.123.209 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-123-209.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
2    173.231.178.77 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    23.220.11.204 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-11-204.deploy.static.akamaitechnologies.com
px.owneriq.net
1    3.215.162.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-162-236.compute-1.amazonaws.com
bpi.rtactivate.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    172.67.154.71 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
1    108.138.128.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-91.jfk50.r.cloudfront.net
pix.spot.im
2    54.205.176.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-176-242.compute-1.amazonaws.com
io.narrative.io
4    35.169.232.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-232-116.compute-1.amazonaws.com
a.audrte.com
2    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
1    34.120.32.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.32.120.34.bc.googleusercontent.com
tps-monitoring-events-ue1.doubleverify.com
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
72 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1036
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575
image6.pubmatic.com — Cisco Umbrella Rank: 812
ads.pubmatic.com — Cisco Umbrella Rank: 553
image8.pubmatic.com — Cisco Umbrella Rank: 738
image4.pubmatic.com — Cisco Umbrella Rank: 1305
simage2.pubmatic.com — Cisco Umbrella Rank: 797
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
ow.pubmatic.com — Cisco Umbrella Rank: 2451
63 KB
65 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 4360
usr.undertone.com — Cisco Umbrella Rank: 2845
ads.undertone.com — Cisco Umbrella Rank: 6347
evt.undertone.com — Cisco Umbrella Rank: 5734
ops-cdn.undertone.com — Cisco Umbrella Rank: 45114
creative-p.undertone.com — Cisco Umbrella Rank: 13291
2 MB
63 usmagazine.com
www.usmagazine.com — Cisco Umbrella Rank: 32654
sli.usmagazine.com — Cisco Umbrella Rank: 91280
bc.usmagazine.com — Cisco Umbrella Rank: 76870
2 MB
59 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6641
static.yieldmo.com — Cisco Umbrella Rank: 2645
ads.yieldmo.com — Cisco Umbrella Rank: 688
matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 3043
sync-openx.ads.yieldmo.com — Cisco Umbrella Rank: 6381
sync-iqzone.ads.yieldmo.com — Cisco Umbrella Rank: 7138
sync-eq.ads.yieldmo.com — Cisco Umbrella Rank: 6907
sync-beeswax.ads.yieldmo.com — Cisco Umbrella Rank: 6891
sync-adform.ads.yieldmo.com — Cisco Umbrella Rank: 9184
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 7055
747 KB
56 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 652
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
eus.rubiconproject.com — Cisco Umbrella Rank: 616
micro.rubiconproject.com — Cisco Umbrella Rank: 3115
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 999
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2939
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2423
236 KB
56 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3771
static.adsafeprotected.com — Cisco Umbrella Rank: 624
pixel.adsafeprotected.com — Cisco Umbrella Rank: 743
dt.adsafeprotected.com — Cisco Umbrella Rank: 542
517 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
204 KB
48 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 1059
188 KB
42 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1365
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com — Cisco Umbrella Rank: 5008
12 KB
39 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
direct.adsrvr.org — Cisco Umbrella Rank: 3794
insight.adsrvr.org — Cisco Umbrella Rank: 603
va6-bid.adsrvr.org — Cisco Umbrella Rank: 1971
21 KB
33 innovid.com
rtr.innovid.com — Cisco Umbrella Rank: 1709
s.innovid.com — Cisco Umbrella Rank: 1795
ag.innovid.com — Cisco Umbrella Rank: 1782
s-static.innovid.com — Cisco Umbrella Rank: 1990
1 MB
27 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
grid.bidswitch.net — Cisco Umbrella Rank: 1134
13 KB
27 gstatic.com
www.gstatic.com
fonts.gstatic.com
669 KB
24 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1357
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
dsum.casalemedia.com — Cisco Umbrella Rank: 1666
as-sec.casalemedia.com — Cisco Umbrella Rank: 2024
28 KB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
acdn.adnxs.com — Cisco Umbrella Rank: 587
39 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1769
usersync.gumgum.com — Cisco Umbrella Rank: 2074
6 KB
21 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 988
c3.a-mo.net Failed
assets.a-mo.net — Cisco Umbrella Rank: 2228
10 KB
18 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 4317
cs.yellowblue.io — Cisco Umbrella Rank: 3297
9 KB
17 kargo.com
socialcanvas-cdn.kargo.com — Cisco Umbrella Rank: 10019
socialcanvas-api.kargo.com — Cisco Umbrella Rank: 9152
storage.cloud.kargo.com — Cisco Umbrella Rank: 6083
krk2.kargo.com — Cisco Umbrella Rank: 4948
krk.kargo.com — Cisco Umbrella Rank: 3372
crb.kargo.com — Cisco Umbrella Rank: 1783
cma.kargo.com — Cisco Umbrella Rank: 28962
161 KB
16 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1262
10 KB
16 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3028
p.ad.gt — Cisco Umbrella Rank: 3562
ids.ad.gt — Cisco Umbrella Rank: 2351
id.hadron.ad.gt — Cisco Umbrella Rank: 2437
pixels.ad.gt — Cisco Umbrella Rank: 3384
19 KB
14 moatads.com
px.moatads.com — Cisco Umbrella Rank: 528
dsa.moatads.com — Cisco Umbrella Rank: 4614
obo.moatads.com — Cisco Umbrella Rank: 5808
4 KB
14 audioeye.com
wsmcdn.audioeye.com — Cisco Umbrella Rank: 7569
wsv3cdn.audioeye.com — Cisco Umbrella Rank: 5056
analytics.audioeye.com — Cisco Umbrella Rank: 5945
312 KB
14 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2981
rp.liadm.com — Cisco Umbrella Rank: 1832
rp4.liadm.com — Cisco Umbrella Rank: 7077
i.liadm.com — Cisco Umbrella Rank: 697
i6.liadm.com — Cisco Umbrella Rank: 2150
idx.liadm.com — Cisco Umbrella Rank: 3223
26 KB
13 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2117
dfp.bouncex.net — Cisco Umbrella Rank: 4848
1 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
5 KB
12 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 3189
assets.bounceexchange.com — Cisco Umbrella Rank: 2133
api.bounceexchange.com — Cisco Umbrella Rank: 2474
207 KB
12 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
bidder.criteo.com — Cisco Umbrella Rank: 719
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
10 KB
12 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5013
direct-events-collector.spot.im — Cisco Umbrella Rank: 4093
static-cdn.spot.im — Cisco Umbrella Rank: 4026
publisher-assets.spot.im — Cisco Umbrella Rank: 4296
api-2-0.spot.im — Cisco Umbrella Rank: 2725
pix.spot.im — Cisco Umbrella Rank: 4368
94 KB
12 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2805
api.permutive.com — Cisco Umbrella Rank: 2037
146 KB
12 google.com
news.google.com — Cisco Umbrella Rank: 5509
apis.google.com — Cisco Umbrella Rank: 195
play.google.com — Cisco Umbrella Rank: 58
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
262 KB
11 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4408
api.rlcdn.com — Cisco Umbrella Rank: 1051
3 KB
11 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1060
ap.lijit.com — Cisco Umbrella Rank: 782
11 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 808
id5-sync.com — Cisco Umbrella Rank: 423
40 KB
11 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4437
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6009
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6314
signal-segments.s-onetag.com — Cisco Umbrella Rank: 12267
dfp-gateway.s-onetag.com — Cisco Umbrella Rank: 17237
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 4425
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 4677
33 KB
10 openx.net
u.openx.net — Cisco Umbrella Rank: 769
us-u.openx.net — Cisco Umbrella Rank: 496
2 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
877745acab893034cef8127367b52c02.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
42 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
7 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
tapestry.tapad.com — Cisco Umbrella Rank: 1547
2 KB
10 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3188
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
9 KB
10 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
ads.scorecardresearch.com — Cisco Umbrella Rank: 3681
58 KB
9 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 651
8 KB
8 sparkflow.net
ads.sparkflow.net — Cisco Umbrella Rank: 12636
26 KB
8 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5931
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 9077
yieldmo-match.dotomi.com
pubmatic-match.dotomi.com
3 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 610
4 KB
8 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 11760
2 KB
8 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2791
375 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
5 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
4 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
cm.adform.net — Cisco Umbrella Rank: 1276
dmp.adform.net — Cisco Umbrella Rank: 3542
3 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 407
133 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
23 KB
6 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8420
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1820
1 KB
6 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597
tags.bluekai.com — Cisco Umbrella Rank: 662
3 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3867
launchpad.privacymanager.io — Cisco Umbrella Rank: 3466
geo.privacymanager.io — Cisco Umbrella Rank: 2056
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3017
41 KB
6 btloader.com
btloader.com — Cisco Umbrella Rank: 1077
api.btloader.com — Cisco Umbrella Rank: 1148
14 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
imasdk.googleapis.com — Cisco Umbrella Rank: 500
ajax.googleapis.com — Cisco Umbrella Rank: 433
414 KB
5 presage.io
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 9423
4 KB
5 turn.com
d.turn.com — Cisco Umbrella Rank: 1745
ad.turn.com — Cisco Umbrella Rank: 1067
2 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
3 KB
5 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4080
50 KB
5 cloudfront.net
d17tqr44y57o31.cloudfront.net
d3jdulus8lb392.cloudfront.net
100 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2962
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 482
tps.doubleverify.com — Cisco Umbrella Rank: 510
tps-monitoring-events-ue1.doubleverify.com
108 KB
4 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1625
qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com
9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com
2 KB
4 behave.com
ssp.behave.com — Cisco Umbrella Rank: 3383
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
4 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
bcp.crwdcntrl.net — Cisco Umbrella Rank: 959
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1197
1 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
3 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
224 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1500
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
249 B
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1168
2 KB
4 engageya.com
widget.engageya.com — Cisco Umbrella Rank: 21716
recs.engageya.com — Cisco Umbrella Rank: 21142
48 KB
4 iris.tv
ovp.iris.tv — Cisco Umbrella Rank: 20435
context.iris.tv — Cisco Umbrella Rank: 14057
49 KB
4 ami-admin.com
sso.ami-admin.com — Cisco Umbrella Rank: 70542
609 B
3 adjust.com
view.adjust.com — Cisco Umbrella Rank: 3036
3 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 620
usermatch.krxd.net — Cisco Umbrella Rank: 1662
911 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
704 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
902 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
2 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1653
contextual.media.net — Cisco Umbrella Rank: 675
2 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2478
ad.360yield.com — Cisco Umbrella Rank: 670
1 KB
3 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3128
121 B
3 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3783
65 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 533
2 KB
3 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1609
cw.addthis.com — Cisco Umbrella Rank: 3217
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
3 KB
3 trueanthem.com
static.trueanthem.com — Cisco Umbrella Rank: 81865
b.trueanthem.com — Cisco Umbrella Rank: 72752
12 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2501
25 KB
3 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 28300
telemetries.jeeng.com — Cisco Umbrella Rank: 18681
156 KB
3 blueconic.net
cdn.blueconic.net — Cisco Umbrella Rank: 12911
americanmedia.blueconic.net — Cisco Umbrella Rank: 88604
42 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
240 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
237 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 5233
643 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
30 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1863
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6888
967 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1921
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1657
1013 B
2 imtwjwoasak.com
imtwjwoasak.com — Cisco Umbrella Rank: 3575
723 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1499
688 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1366
456 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 494
701 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1124
199 B
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1203
lexicon.33across.com — Cisco Umbrella Rank: 1949
749 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1137
598 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1634
4 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1072
1019 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
59 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 926
859 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1580
2 KB
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 995
604 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5907
750 B
2 storygize.net
www.storygize.net — Cisco Umbrella Rank: 2622
768 B
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2616
19 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1242
402 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1323
104 B
2 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3677
158 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2357
3 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
73 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
559 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2470
398 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4898
467 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1922
110 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7105
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8281
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4755
351 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2649
436 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6589
370 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3199
309 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1453
674 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3037
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1596
425 B
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 3323
322 B
1 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 6977
468 B
1 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 4141
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1538
274 B
1 placed.com
p.placed.com — Cisco Umbrella Rank: 2611
366 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
815 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
838 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 643
493 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1113
754 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
560 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2276
174 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1435
192 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
534 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1006
353 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 706
1 KB
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6717
464 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
17 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
516 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098
405 B
1 jwplayer.com
entitlements.jwplayer.com — Cisco Umbrella Rank: 3628
250 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1443
17 KB
1 ay.delivery
8fby8peddod4qetsz.ay.delivery — Cisco Umbrella Rank: 61938
22 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1251
640 B
1 fwpixel.com
p2.fwpixel.com — Cisco Umbrella Rank: 9784
143 B
1 prmutv.co
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co — Cisco Umbrella Rank: 120233
396 B
1 dm-io.com
dot.dm-io.com — Cisco Umbrella Rank: 55621
195 B
1 fwpub1.com
asset.fwpub1.com — Cisco Umbrella Rank: 13942
131 KB
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6748
36 KB
1 videoplayerhub.com
americanmediainc-com.videoplayerhub.com — Cisco Umbrella Rank: 89057
479 B
0 zqtk.net Failed
aps.zqtk.net Failed
1010 172
Domain Requested by
49 www.usmagazine.com www.gstatic.com
www.usmagazine.com
cdn.cookielaw.org
d17tqr44y57o31.cloudfront.net
43 creative-p.undertone.com d17tqr44y57o31.cloudfront.net
creative-p.undertone.com
ajax.googleapis.com
40 kinesis.us-east-1.amazonaws.com static.yieldmo.com
36 ads.yieldmo.com 1 redirects www.usmagazine.com
sync-amz.ads.yieldmo.com
d17tqr44y57o31.cloudfront.net
ads.yieldmo.com
static.yieldmo.com
32 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
d17tqr44y57o31.cloudfront.net
s.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
ms-cookie-sync.presage.io
ssum-sec.casalemedia.com
bh.contextweb.com
crb.kargo.com
ce.lijit.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
ads.yieldmo.com
ads.pubmatic.com
28 dt.adsafeprotected.com
26 x.bidswitch.net 25 redirects
24 cm.g.doubleclick.net 17 redirects eus.rubiconproject.com
u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
ads.yieldmo.com
23 simage2.pubmatic.com 9 redirects s.amazon-adsystem.com
ads.pubmatic.com
22 www.gstatic.com news.google.com
www.gstatic.com
d17tqr44y57o31.cloudfront.net
21 match.adsrvr.org 18 redirects www.usmagazine.com
20 prebid.a-mo.net 3 redirects d17tqr44y57o31.cloudfront.net
ads.pubmatic.com
19 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
16 pixel.adsafeprotected.com news.google.com
16 eus.rubiconproject.com s.ntv.io
eus.rubiconproject.com
s.amazon-adsystem.com
ms-cookie-sync.presage.io
rtb.gumgum.com
cs-server-s2s.yellowblue.io
news.google.com
d17tqr44y57o31.cloudfront.net
16 jadserve.postrelease.com 1 redirects d17tqr44y57o31.cloudfront.net
eus.rubiconproject.com
16 ib.adnxs.com 11 redirects cdn.permutive.com
acdn.adnxs.com
15 securepubads.g.doubleclick.net cdn.cookielaw.org
d17tqr44y57o31.cloudfront.net
news.google.com
13 image8.pubmatic.com 8 redirects ads.pubmatic.com
13 static.yieldmo.com news.google.com
static.yieldmo.com
www.usmagazine.com
d17tqr44y57o31.cloudfront.net
13 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
13 bc.usmagazine.com cdn.blueconic.net
d17tqr44y57o31.cloudfront.net
12 events.bouncex.net
12 image2.pubmatic.com 4 redirects s.amazon-adsystem.com
ads.pubmatic.com
12 wsv3cdn.audioeye.com d17tqr44y57o31.cloudfront.net
11 ag.innovid.com www.usmagazine.com
11 s.innovid.com 11 redirects
11 insight.adsrvr.org www.usmagazine.com
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
11 usr.undertone.com 1 redirects www.usmagazine.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
11 static.adsafeprotected.com cdn.cookielaw.org
news.google.com
www.usmagazine.com
10 px.moatads.com www.usmagazine.com
10 id5-sync.com 8 redirects
10 sync.1rx.io 10 redirects
10 ids.ad.gt 1 redirects
10 ad.doubleclick.net 4 redirects btloader.com
www.usmagazine.com
10 api.permutive.com cdn.permutive.com
9 pixel.rubiconproject.com 6 redirects eus.rubiconproject.com
9 bh.contextweb.com 5 redirects s.amazon-adsystem.com
bh.contextweb.com
9 pixel.tapad.com 6 redirects sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
9 sb.scorecardresearch.com 3 redirects www.usmagazine.com
8 ads.sparkflow.net news.google.com
www.usmagazine.com
8 prebid-a.rubiconproject.com
8 match.prod.bidr.io 8 redirects
8 api.assertcom.de 8fby8peddod4qetsz.ay.delivery
8 assets.bounceexchange.com d17tqr44y57o31.cloudfront.net
8 ssl.p.jwpcdn.com d17tqr44y57o31.cloudfront.net
8 b1sync.zemanta.com 8 redirects
8 sync.mathtag.com 7 redirects i.liadm.com
8 i.liadm.com 4 redirects d17tqr44y57o31.cloudfront.net
i.liadm.com
7 us-u.openx.net 4 redirects u.openx.net
s.amazon-adsystem.com
7 ups.analytics.yahoo.com 6 redirects ads.yieldmo.com
7 ce.lijit.com 2 redirects s.amazon-adsystem.com
ce.lijit.com
7 crb.kargo.com d17tqr44y57o31.cloudfront.net
crb.kargo.com
s.amazon-adsystem.com
7 cdn.cookielaw.org www.usmagazine.com
cdn.cookielaw.org
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
d17tqr44y57o31.cloudfront.net
6 rtr.innovid.com news.google.com
www.usmagazine.com
6 idsync.rlcdn.com 4 redirects ads.yieldmo.com
6 evt.undertone.com www.usmagazine.com
6 image4.pubmatic.com 5 redirects sync-amz.ads.yieldmo.com
6 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
news.google.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 aax-us-east.amazon-adsystem.com d17tqr44y57o31.cloudfront.net
www.usmagazine.com
6 pagead2.googlesyndication.com news.google.com
tpc.googlesyndication.com
5 s-static.innovid.com www.usmagazine.com
5 cs.yellowblue.io cs-server-s2s.yellowblue.io
eus.rubiconproject.com
5 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
d17tqr44y57o31.cloudfront.net
5 ms-cookie-sync.presage.io s.amazon-adsystem.com
ms-cookie-sync.presage.io
eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
s.amazon-adsystem.com
5 pixel-us-east.rubiconproject.com 5 redirects
5 aax.amazon-adsystem.com
5 secure-assets.rubiconproject.com 5 redirects
5 stags.bluekai.com 4 redirects ads.yieldmo.com
5 sync.srv.stackadapt.com 5 redirects
5 sync.targeting.unrulymedia.com 5 redirects
5 token.rubiconproject.com 4 redirects
5 secure.adnxs.com 5 redirects
5 static-cdn.spot.im launcher.spot.im
d17tqr44y57o31.cloudfront.net
5 content.jwplatform.com 3 redirects cdn.cookielaw.org
content.jwplatform.com
5 tags.srv.stackadapt.com news.google.com
d17tqr44y57o31.cloudfront.net
tags.srv.stackadapt.com
5 play.google.com
5 fonts.gstatic.com news.google.com
4 a.audrte.com 3 redirects
4 ssp.behave.com 2 redirects
4 check.analytics.rlcdn.com
4 dpm.demdex.net 2 redirects www.usmagazine.com
ssum-sec.casalemedia.com
4 ad.turn.com 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 cms.quantserve.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 ap.lijit.com 3 redirects
4 c1.adform.net 4 redirects
4 www.googletagservices.com d17tqr44y57o31.cloudfront.net
4 direct.adsrvr.org
4 bidder.criteo.com
4 a.teads.tv
4 fastlane.rubiconproject.com
4 dis.criteo.com 3 redirects i.liadm.com
4 www.facebook.com
4 ad-delivery.net btloader.com
4 api.btloader.com d17tqr44y57o31.cloudfront.net
americanmediainc-com.videoplayerhub.com
4 sso.ami-admin.com inline
4 d3jdulus8lb392.cloudfront.net www.usmagazine.com
cdn.cookielaw.org
d17tqr44y57o31.cloudfront.net
3 simage4.pubmatic.com ads.pubmatic.com
3 view.adjust.com www.usmagazine.com
3 va6-bid.adsrvr.org www.usmagazine.com
3 api.bounceexchange.com d17tqr44y57o31.cloudfront.net
3 ajax.googleapis.com news.google.com
creative-p.undertone.com
3 matchadsrvr.yieldmo.com 3 redirects
3 sync.crwdcntrl.net 2 redirects
3 csync.loopme.me 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 ssbsync.smartadserver.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 gum.criteo.com 1 redirects d17tqr44y57o31.cloudfront.net
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 um.simpli.fi 3 redirects
3 tpc.googlesyndication.com d17tqr44y57o31.cloudfront.net
3 hbopenbid.pubmatic.com
3 dfp-gateway.s-onetag.com d17tqr44y57o31.cloudfront.net
3 prd.jwpltx.com
3 assets-jpcust.jwpsrv.com
3 aa.agkn.com d17tqr44y57o31.cloudfront.net
www.usmagazine.com
ads.yieldmo.com
3 krk2.kargo.com
3 api-2-0.spot.im d17tqr44y57o31.cloudfront.net
3 geo.privacymanager.io d17tqr44y57o31.cloudfront.net
3 p.rfihub.com 3 redirects
3 ssum.casalemedia.com 3 redirects
3 widget.engageya.com d17tqr44y57o31.cloudfront.net
3 ovp.iris.tv cdn.cookielaw.org
d17tqr44y57o31.cloudfront.net
3 c.amazon-adsystem.com cdn.cookielaw.org
c.amazon-adsystem.com
3 connect.facebook.net news.google.com
connect.facebook.net
d17tqr44y57o31.cloudfront.net
3 www.googletagmanager.com news.google.com
www.usmagazine.com
www.googletagmanager.com
3 news.google.com news.google.com
2 as-sec.casalemedia.com
2 io.narrative.io 1 redirects
2 cdnjs.cloudflare.com ajax.googleapis.com
2 ads.betweendigital.com 2 redirects
2 cm.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects
2 px.owneriq.net 2 redirects
2 cm.adgrx.com 2 redirects
2 cdn.doubleverify.com d17tqr44y57o31.cloudfront.net
news.google.com
2 pubmatic-match.dotomi.com 2 redirects
2 imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com www.usmagazine.com
2 imtwjwoasak.com 2 redirects
2 secure-gl.imrworldwide.com 2 redirects
2 obo.moatads.com www.usmagazine.com
2 dsa.moatads.com www.usmagazine.com
2 ops-cdn.undertone.com d17tqr44y57o31.cloudfront.net
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 yieldmo-match.dotomi.com 2 redirects
2 rtb.adentifi.com 1 redirects ads.yieldmo.com
2 beacon.krxd.net www.usmagazine.com
2 creativecdn.com 2 redirects
2 cs.admanmedia.com rtb.gumgum.com
ads.yieldmo.com
2 contextual.media.net 1 redirects cs-server-s2s.yellowblue.io
2 pulsepoint-match.dotomi.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 ads.undertone.com 1 redirects d17tqr44y57o31.cloudfront.net
2 amazon-tam-match.dotomi.com 2 redirects
2 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
2 prebid-server.rubiconproject.com
2 static.criteo.net d17tqr44y57o31.cloudfront.net
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 socialcanvas-api.kargo.com
2 signal-segments.s-onetag.com d17tqr44y57o31.cloudfront.net
2 onetag-geo.s-onetag.com d17tqr44y57o31.cloudfront.net
2 imasdk.googleapis.com d17tqr44y57o31.cloudfront.net
2 socialcanvas-cdn.kargo.com d17tqr44y57o31.cloudfront.net
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 pippio.com 1 redirects i.liadm.com
2 live.rezync.com 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 bttrack.com 2 redirects
2 pool.admedo.com 2 redirects
2 www.storygize.net 2 redirects
2 www.google.com d17tqr44y57o31.cloudfront.net
2 cdn.hadronid.net d17tqr44y57o31.cloudfront.net
2 telemetries.jeeng.com users.api.jeeng.com
2 ping.chartbeat.net
2 americanmedia.blueconic.net d17tqr44y57o31.cloudfront.net
2 i.clean.gg d17tqr44y57o31.cloudfront.net
2 static.trueanthem.com www.googletagmanager.com
d17tqr44y57o31.cloudfront.net
2 static.chartbeat.com news.google.com
www.googletagmanager.com
2 a.ad.gt news.google.com
p.ad.gt
2 s.ntv.io www.googletagmanager.com
d17tqr44y57o31.cloudfront.net
2 btloader.com d17tqr44y57o31.cloudfront.net
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 cdn.permutive.com www.usmagazine.com
cdn.permutive.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 tps-monitoring-events-ue1.doubleverify.com cdn.doubleverify.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 dmp.adform.net 1 redirects
1 pix.spot.im static-cdn.spot.im
1 tps.doubleverify.com news.google.com
1 9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com www.usmagazine.com
1 ow.pubmatic.com
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 bpi.rtactivate.com
1 bcp.crwdcntrl.net
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com s.amazon-adsystem.com
1 sync.bfmio.com s.amazon-adsystem.com
1 rtb-csync.smartadserver.com 1 redirects
1 qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com www.usmagazine.com
1 dfp.bouncex.net
1 assets.a-mo.net prebid.a-mo.net
1 contextual-analytics.wunderkind.co
1 usermatch.krxd.net 1 redirects
1 api.rlcdn.com
1 lexicon.33across.com
1 sync-pm.ads.yieldmo.com ads.pubmatic.com
1 sync-adform.ads.yieldmo.com ads.yieldmo.com
1 sync-beeswax.ads.yieldmo.com ads.yieldmo.com
1 sync-eq.ads.yieldmo.com ads.yieldmo.com
1 sync-iqzone.ads.yieldmo.com ads.yieldmo.com
1 xsync.iqzone.com 1 redirects
1 sync-openx.ads.yieldmo.com ads.yieldmo.com
1 acdn.adnxs.com d17tqr44y57o31.cloudfront.net
1 p.adsymptotic.com www.usmagazine.com
1 tags.bluekai.com 1 redirects
1 ads.scorecardresearch.com www.usmagazine.com
1 cw.addthis.com www.usmagazine.com
1 pixel.advertising.com 1 redirects
1 tapestry.tapad.com www.usmagazine.com
1 p.placed.com 1 redirects
1 onetag-sys.com cs-server-s2s.yellowblue.io
1 tg.socdm.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 match.sharethrough.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 tr.blismedia.com ce.lijit.com
1 pixel-eu.rubiconproject.com 1 redirects
1 mug.criteo.com
1 sync.adkernel.com rtb.gumgum.com
1 s.tribalfusion.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cs.media.net 1 redirects
1 ice.360yield.com 1 redirects
1 cma.kargo.com
1 cdn.undertone.com d17tqr44y57o31.cloudfront.net
1 search.spotxchange.com
1 krk.kargo.com
1 grid.bidswitch.net
1 trx-hub.com
1 s0.2mdn.net d17tqr44y57o31.cloudfront.net
1 idx.liadm.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 877745acab893034cef8127367b52c02.safeframe.googlesyndication.com d17tqr44y57o31.cloudfront.net
1 adservice.google.com d17tqr44y57o31.cloudfront.net
1 lb.eu-1-id5-sync.com
1 context.iris.tv
1 storage.cloud.kargo.com d17tqr44y57o31.cloudfront.net
1 signal-beacon.s-onetag.com d17tqr44y57o31.cloudfront.net
1 ats-wrapper.privacymanager.io d17tqr44y57o31.cloudfront.net
1 entitlements.jwplayer.com content.jwplatform.com
1 analytics.audioeye.com wsv3cdn.audioeye.com
1 cdn.id5-sync.com d17tqr44y57o31.cloudfront.net
1 secure.cdn.fastclick.net d17tqr44y57o31.cloudfront.net
1 micro.rubiconproject.com d17tqr44y57o31.cloudfront.net
1 get.s-onetag.com d17tqr44y57o31.cloudfront.net
1 8fby8peddod4qetsz.ay.delivery d17tqr44y57o31.cloudfront.net
1 tag.bounceexchange.com d17tqr44y57o31.cloudfront.net
1 recs.engageya.com d17tqr44y57o31.cloudfront.net
1 b.trueanthem.com d17tqr44y57o31.cloudfront.net
1 pixels.ad.gt d17tqr44y57o31.cloudfront.net
1 i6.liadm.com i.liadm.com
1 odr.mookie1.com 1 redirects
1 d.turn.com 1 redirects
1 sli.usmagazine.com
1 mab.chartbeat.com static.chartbeat.com
1 p.ad.gt d17tqr44y57o31.cloudfront.net
1 launchpad.privacymanager.io d17tqr44y57o31.cloudfront.net
1 p2.fwpixel.com asset.fwpub1.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 publisher-assets.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 stats.g.doubleclick.net www.google-analytics.com
1 410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co cdn.permutive.com
1 cdn.adsafeprotected.com cdn.cookielaw.org
1 dot.dm-io.com
1 launchpad-wrapper.privacymanager.io www.googletagmanager.com
1 asset.fwpub1.com www.googletagmanager.com
1 users.api.jeeng.com www.googletagmanager.com
1 wsmcdn.audioeye.com news.google.com
1 cdn.blueconic.net www.googletagmanager.com
1 cdn-magiclinks.trackonomics.net news.google.com
1 americanmediainc-com.videoplayerhub.com 1 redirects
1 launcher.spot.im news.google.com
1 static.hotjar.com www.googletagmanager.com
1 d17tqr44y57o31.cloudfront.net www.usmagazine.com
1 apis.google.com www.gstatic.com
1 fonts.googleapis.com news.google.com
0 c3.a-mo.net Failed
0 aps.zqtk.net Failed news.google.com
1010 321
Subject Issuer Validity Valid
*.news.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
usmagazine.com
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
sso.ami-admin.com
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-09 -
2024-03-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.spot.im
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-01		 8 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA		 2022-12-01 -
2023-12-01		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2022-08-13 -
2023-08-13		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
asset.fwpub1.com
GTS CA 1D4		 2023-06-21 -
2023-09-19		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
dot.dm-io.com
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
iris.tv
Amazon RSA 2048 M02		 2023-02-24 -
2023-09-11		 7 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.engageya.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-09 -
2024-02-13		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
fwpixel.com
Amazon RSA 2048 M02		 2023-02-08 -
2023-09-12		 7 months crt.sh
hadronid.net
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
sli.usmagazine.com
Amazon RSA 2048 M02		 2023-03-13 -
2024-04-10		 a year crt.sh
bc.magazineshop.us
Amazon RSA 2048 M02		 2023-02-28 -
2023-11-09		 8 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
tag.bounceexchange.com
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
ay.delivery
GTS CA 1P5		 2023-05-03 -
2023-08-01		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.kargo.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
report-prod.audioeye.com
Amazon RSA 2048 M02		 2022-10-17 -
2023-11-15		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-05-25 -
2023-08-23		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
kargo.com
R3		 2023-05-10 -
2023-08-08		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.a-mo.net
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.trx-hub.com
Amazon RSA 2048 M02		 2023-01-21 -
2024-02-19		 a year crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-05-07		 a year crt.sh
api.assertcom.de
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.spotxchange.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-01 -
2024-03-15		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-11-09		 9 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.ogury.co
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-16		 7 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
static.yieldmo.com
Amazon RSA 2048 M02		 2023-05-21 -
2024-06-18		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-12		 7 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-19		 8 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
kinesis.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
*.wunderkind.co
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.adjust.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2024-04-08		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh

This page contains 103 frames:

Primary Page: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Frame ID: 32BF846D738505A05F7A361CDB9B0A3B
Requests: 467 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: A96E148C7D475A7FB257A52D32E84018
Requests: 8 HTTP requests in this frame

Frame: https://s.ntv.io/safeiframe/trp.html
Frame ID: 99D3D1DD60B3944CFF8336A509BF6129
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Frame ID: 916110F543FEE91DF398ADBA4A1C8B7A
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A9ED074A8D78078E957FD57E07AA015D
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=9e1aa82
Frame ID: BE2F0DB6DBB14DA313D52F53CDED9346
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 22E42F40B4753EEA453D401489C420BC
Requests: 1 HTTP requests in this frame

Frame: https://877745acab893034cef8127367b52c02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E0AB7CD218FC35023BE9F1628814E1B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift
Frame ID: 893E646882CCF6F1858273561D2FB5F1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 7F6EDEA276B148EBEBEE60B151E751E2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrtjT7vSRkiIcpwShNuCYK0ZOuYv2wGjLATDcWq1cvns__ZqF4DswbJsODrpiAAkeC_1dHiHlO0sPWwsUM1e1dLdUYJANQvELej6oDJmnJLD-7UJY6334J6tqgxSNMaTfMMXuWNE_wAUE4qv3FknUZOtb0EUoDrBIdpNQfsTbcw1Un_Ir7gd26FleY6Ja6rtyiYBw1Ji2TLMmfQMUxU0N0h18F6NQAAklCmNwxSdyg2f5GZw-6_elU3MhzXjQXut8hFOnqaCd8q6Taa_lWtLgdJkqS50TnUWEnifYYLombMf5guEq5fZq1i87yd1Am2Fp8-puVpvusQlvwb1Pn-RudQ&sai=AMfl-YS6GLHubfNNWXqUwaAcEObkU-6DtQZyhzsx9Ms-4xTRA8S_vHHSbrKyx4Cj7InoLhnFRs3Nuv-UcpoD-OVkp3XOrf2VoSPSKO2PDShkeqYq78OqidW7rsQNfJkvzg&sig=Cg0ArKJSzDaVXANUqqf5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3F168862FAD1294667301D53EB2A31BF
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FAD5A1A442632B3742FFE53882D559C6
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-rnGfimNnkFATHL3-JnpzFaqnqJD_QKp7Y_zMfrUWXzc_hT2PLM89eOhSl_Vym_8WQAZov7botoAE6kd64L3az2oSI2U7HqTV6vfwVW1Vygx7RHe_h1p6bpkHKVdBWdbgbiTWTPl0DLrpZILfLWxjrR5w_an9phOzdNrrPcxOfSEGzKomu_rc8Juc6RyUJhpJR_MUt6tj8xxoxjV7SfcNG71uVMHbvk_VYCxl-NuehVFECKPzDVmFIH4v3rjqENs-jqbUQr472n9q35G-YBlltJiIUQNbEngvf5NIBw7QQ9m81QSS9BzpMwt6XuTuFJRnwdK0HBUr2Zjmn-spU62e4armu2AbwKkzCoeq-BFXXEYqZlY&sai=AMfl-YTg_y5RT27yvmbGudnKV0a0rGAp_yDuJ8O6u5jHuPW34wvnm1iDk5-KMjxyfjWoJIydamMbjyalNAUbqVHMFY8OcQnuuLGb1gOfKKgDuZWWwkqekpLQIbkaC1GHmVY&sig=Cg0ArKJSzHJXElfcppwoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2B12B0F2969D66592C7D4544408F07FB
Requests: 38 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---&partners=ttd,Dv360,AppNexus,bsw
Frame ID: A5C298C41F19F39DB22FAA2DD7FF4BB9
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPqdPYCNf4ZhnChGz28haqaNdAcNpZimDDevfHoyFadoFwAsIysAhxeQLGpL_NMWRZg3gEZ4UI-2CcZE4sUEoFBaspxX20Ynlc2RuirUqlaQfMYtaY0vTa8A1w6ae6HJMVSYdKznpWK1aIyX1nRGT6pQA_P3t9b0j-Q9ELKNV6sWXga9bWlNRWCsZq-NbJ7dOzUVXecgYljUHc0pKdout_W7GJkjlR2oGrf5M5U1TFATs4wJZyYMoU2MqvFzTqvNF7sI1E8uSJKMVAPMfYtJ1HcVIBgncH4blCO7wMUuaYOeckI_Yl10kM7TlfXwQ0HpkNZtYEQYwJugR4_yE_&sai=AMfl-YRlXfKCZuhRVfOF1PG0GxeKjEYTCMJbVJyvT2HnU1z4ZeqkqLGAB300tYzvDk59HtIUL9aGytsdLT69Gq4YpQF36stsLRS3ONlAuuxiPEM2J6YSDL0_uP0_RKW70Q&sig=Cg0ArKJSzDbMsNX-zvs2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 106F05BA31864B539DA313BCECD37408
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssejhFlTXekkHAwkLILHaAt2JMoe9T3cNznO6ziAAwcMtNMMm7u76lJYk6jUmZ19Lew6W-tlSp8zYNPOrd_7A39I9PrG88GmoYj7W9OytLNE4FZk8KpNSeTjTrxFAgyG0HDPZGD0BeM3ZDlFVSIuv1R3ZP-i1-cMUf_YJgtHpkQCH7pITo-5OLY1mXZ9LneIZj5ynX8wKg7_GTrcNk3zhGCxoVBivuoF0l4MSjqQB0rVGEkA4jlHUZ99IyV5k57hPoZxkVa7Sq5RgNjRfDvCL_bZC-CAR7uLrWduZAjGwYMLUbVyK6n-qI_qNXs4GuKjJ5w98i1WUq7t13t6grd1vzT9pDxyn0&sai=AMfl-YQ1Nvr5qgwYbu-zxAqkwZLEAd_4dsZdV2QS0uAg4hqGnKTJGmKjgQT4aG0oQ-Rd5QVPMYWpzRGrqF5KlucysrOPmaQz9fXB51B1VI2JoMIkgNZU7NrGrxMagXiG3b8&sig=Cg0ArKJSzKInbqBi7wSZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9E83F73EFD6F925B8608800D1E4590E1
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=970x250&pubId=100784417&chanId=22337608653&placementId=4532524456&pubCreative=138221234125&pubOrder=2214162919&cb=1290752961&custom=leader1&custom2=article&adsafe_par&impId=880022e5-15dd-11ee-aa6a-0ef05de99743
Frame ID: F0598872F1EE03F6ECE252FC9C6B546E
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 7497DD28A6BF2B3763C7A4A0DE14501B
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 479FD286E7B221F60A6A81EC0B63D385
Requests: 10 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Frame ID: 959549E2797D976A9C01DEEB4860651F
Requests: 5 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: AAE2A05158E59DB5C282B30F31B77B27
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6418409603037558770&gdpr=0&gdpr_consent=
Frame ID: A63053CE9803FE1B9728CE68200FDBB1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMBhis0ppIlwM4L4b5AAAAAAA&expiration=1688061573&is_secure=true
Frame ID: 101B650DE7E9FB9464D1E4AA9354007A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=c3d6c5bd03b7435d96ea84c6e29685c3
Frame ID: 4B10D2603841AD043A8BC24C83D4793A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usmagazine.com
Frame ID: 9AB5B87E02C1B512939C0C97C38E9689
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=300x600&pubId=100784417&chanId=22337427983&placementId=4532502385&pubCreative=138221235455&pubOrder=2214117014&cb=2043174966&custom=rr1&custom2=article&adsafe_par&impId=88009817-15dd-11ee-b7c6-029df53a8851
Frame ID: 0816113403BEE42CF80DB6D0E899C6CD
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=300x250&pubId=100784417&chanId=22337608605&placementId=4533045107&pubCreative=138221230549&pubOrder=2214355341&cb=1741580274&custom=article-inline-box1&custom2=article&adsafe_par&impId=8804ddcc-15dd-11ee-9373-0a44a7e95f5d
Frame ID: 49C238554D29503D4C74A46ED5CBCF44
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 59E55E3A70661D27062EB3F6B05547FC
Requests: 11 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 34A3AB4E4A9CE1B875EBC181E48AACB2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 6397FD09529CAF5E9FFEB22CEFDF0659
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 47CD2D22E4E84B17AA90D1E99D1B58A9
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Ua0ZkT1l0RTJ1TGVKUnd5b3g5cG1RQ1FudjJMT1cxUn5B
Frame ID: 798958385B78D8D8F668E9949B0B55CD
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: D5BCC3355F78BAC33BC138E413B22841
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=239972947338320392&ex=appnexus.com
Frame ID: C8DD0BD82FD4F8FBFA4622A27ECC073E
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: B6DCFF395CB545D30295F3FA13C9C6CB
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: E20E07501F792BB92D073D5888FCF941
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1548623984395205096461
Frame ID: 9BD129CA758D0C9B10D1B68F872D6052
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/ym.1.js
Frame ID: 6985A620C74C520812FCC1A604D27F58
Requests: 53 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=&gdpr_consent=
Frame ID: C2E32831BDFEFACD74E9ADC6F9CF71F4
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: DFCD7D17A1358E612189C21D43511BBD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZJx1BQAAAOrsJgAz&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
Frame ID: B6633D09AABB9B92C337960E91FB5255
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kMTdhMTMwNS0yZGQ0LTQ0NGYtOTg3OC00NWQ4MjgzYjQwNGQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DE3C2C3CC632C375107834C782AC160C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 535E3ED94A63FF65642EA3736E67B4E4
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=8caea125-1332-49dd-b4e8-4c16d2f9f136
Frame ID: 4646A34DABD3F1BBA499811DA918D5DD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Frame ID: 7E1506E7E7C1429EEF5054E4D59E4070
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8599A9A22740EC1FE30A8013179F5029
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA14F05B91D46B52F669D880E27E0805
Requests: 2 HTTP requests in this frame

Frame: https://static.yieldmo.com/ym.1.js
Frame ID: 158C5BD4F225E1694D7A2EBC5E55AF62
Requests: 45 HTTP requests in this frame

Frame: https://static.yieldmo.com/ym.1.js
Frame ID: 4FDAFA55CFEEC80A2FB6C8B918C63EE7
Requests: 25 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZJx1BsCo5tAAAO21GzwAAAAA
Frame ID: 0BA96CAA1254F1697C6C13EAB1F1B85B
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 1BEA385D92545566F137E31D3FC526E0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 31D854C999EC9C1DD38680F5F5ADBC62
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=DrY0oVYN8sevkqz4p13d&pi=gumgum&tc=1
Frame ID: 4A1886A667B7A1B3823B944663697F57
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 56D4BD4AEA629DB8000D0353DC311087
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: A27A83E58201EBE8355CF3FDBE4DBB73
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: C712591FF0E34D3AF3F9FE9D6A0D3AE3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
Frame ID: EB639DD64A1251C8E938D8F1D67B0106
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 50B17D55E5E46F7E8637A05AA1DA1AD7
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=1x1&pubId=18820937&chanId=22684479945&placementId=5692923351&pubCreative=138349712489&pubOrder=2140378470&cb=1019241747&custom=interSpot&custom2=article&adsafe_par&impId=8801d091-15dd-11ee-9e95-028169c47751
Frame ID: C8E93AEEB361D354D08361C7D2094688
Requests: 2 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: E69A2B797D79A525689F3DDA16A9DFB1
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: E4D78F287D6D368E2784323977896027
Requests: 27 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 505A479D0CDA498C0C8854817757A94B
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 0F11179AC7A64209C8B6A255C5C5A422
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 37FB6E734D426356E7E41F111B9A6053
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6255B76CEA1061A075B682CF4E6CF59B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BD195BDF34C96BE4F319E50C340DA86E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160545
Frame ID: 9227A09CB249993216A4F35ED7A909B3
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3CF0D6FF0E5467585CE77F74D544429F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A55EBF72073051DB2605707F0797118E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 722C339F7C0575CF8BF5B7FE3CEE8D83
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Frame ID: 5B2A7147FECD89E06369740DC6ACA1DF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Frame ID: EDD227A8C1C491EA0418BA286C063820
Requests: 1 HTTP requests in this frame

Frame: https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Frame ID: 63C90D743DE72AA1ABAC5E69370AC8AD
Requests: 49 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B348495F85BCF06D14E72C31FE457416
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: FC4E64FA3FA3EEE9043649915BB2BF38
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 746117CB681F7C6CAD8CC75E2653186F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: ABEE4E3FF019F9BE609A28B2C09C8583
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 620A61B99BCE9B0D59356BFCB096837F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADmZ07JOOoAACE6kkaYJA&gdpr=0&gdpr_consent=
Frame ID: BD6DF7D68755B3727BFA5AC71940FBC7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
Frame ID: 55019918B4D2951278086B032D4A0C19
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7b2d4bfb26e7466ea3d74
Frame ID: 5504392AE320AE0FFE6F0FBF82FD0EAF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=239972947338320392&gdpr=0&gdpr_consent=
Frame ID: 0BB0E60E5D5F6ABB82A4D4F559631FC0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Frame ID: 1CCC58851B573373879277B8B1CD2E2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
Frame ID: A974856CAD028063B9AE4C2069EA1AED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
Frame ID: 09285682B70FE167E6AC9CE6FEEF145B
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Frame ID: B359F72BF6565B40CEEF604766C8098D
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Frame ID: BA871720EE6DF5C29BDCFD4D018E0247
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Frame ID: 9EC0ECB1ECD420FD1AB7BAEFE6381718
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 0B2CCF7A1205FB50DAD073D87C5C142D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=794911503444
Frame ID: 20FD54213B3874911DDA8EB35140A888
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CD70D86F7111E1A21DDB2715524077C2
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: F6A1C24BCD9A8954915E08424F1AF422
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2E5BA5CBA68D1C88DBDFAB6362E4D0E7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Frame ID: 1DAA7DE497FD1C83D5AFADD333E8E3CD
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2A43CAAFCBEAAEE57180D63800FF615D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_w2-TtISCO-eZA0eCnWcZA
Frame ID: A3B8520376EBBCC5EDA2D1323CDE794E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=08b1545e-1485-473b-8a76-8967631d1b03
Frame ID: A163D0F1C4F57D1FCC7186F8E36CB970
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 922C8BFE4715D7FB7F6286493683F1BA
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3FF5AD199F2030F7F897D4E90049038E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7412615781708265177
Frame ID: EF94EC099C0E4B921B27C448CCEB1CE3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 4824597E6B617F493F709F1704C13318
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4050.js
Frame ID: 0A790F052E5D9ABF45C3B9CCEF5BB40C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 084099ADCA28E7E1ECE1457C35D73DAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gwyneth Paltrow's Son Moses Is Chris Martin's Twin in New PhotoBack ButtonSearch IconFilter Iconclose carousel

Page URL History Show full URLs

  1. https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3M... Page URL
  2. https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

1010
Requests

80 %
HTTPS

25 %
IPv6

172
Domains

321
Subdomains

219
IPs

13
Countries

12283 kB
Transfer

38343 kB
Size

351
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen Page URL
  2. https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104
  • https://americanmediainc-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=americanmediainc-com&upapi=true
Request Chain 111
  • https://sb.scorecardresearch.com/cs/6036076/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 159
  • https://rp.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Fnews.google.com%2F&c=PHRpdGxlPkd3eW5ldGggUGFsdHJvdydzIFNvbiBNb3NlcyBJcyBDaHJpcyBNYXJ0aW4ncyBUd2luIGluIE5ldyBQaG90bzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ikd3eW5ldGggUGFsdHJvdyBhbmQgZXggQ2hyaXMgTWFydGluJ3Mga2lkcywgQXBwbGUgYW5kIE1vc2VzLCBhcmUga25vd24gZm9yIHNoYXJpbmcgYSBzdHJvbmcgcmVzZW1ibGFuY2Ugd2l0aCB0aGVpciBjZWxlYiBwYXJlbnRzIOKAlCBkZXRhaWxzIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNtYWdhemluZS5jb20vY2VsZWJyaXR5LW1vbXMvbmV3cy9nd3luZXRoLXBhbHRyb3dzLXNvbi1tb3Nlcy1pcy1jaHJpcy1tYXJ0aW5zLXR3aW4taW4tbmV3LXBob3RvLyI-PGgxIGNsYXNzPSJjb250ZW50LXRpdGxlIj5Hd3luZXRoIFBhbHRyb3figJlzIDE3LVllYXItT2xkIFNvbiBNb3NlcyBMb29rcyBJZGVudGljYWwgdG8gRGFkIENocmlzIE1hcnRpbiBpbiBOZXcgUGhvdG88L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Fnews.google.com%2F&c=PHRpdGxlPkd3eW5ldGggUGFsdHJvdydzIFNvbiBNb3NlcyBJcyBDaHJpcyBNYXJ0aW4ncyBUd2luIGluIE5ldyBQaG90bzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ikd3eW5ldGggUGFsdHJvdyBhbmQgZXggQ2hyaXMgTWFydGluJ3Mga2lkcywgQXBwbGUgYW5kIE1vc2VzLCBhcmUga25vd24gZm9yIHNoYXJpbmcgYSBzdHJvbmcgcmVzZW1ibGFuY2Ugd2l0aCB0aGVpciBjZWxlYiBwYXJlbnRzIOKAlCBkZXRhaWxzIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNtYWdhemluZS5jb20vY2VsZWJyaXR5LW1vbXMvbmV3cy9nd3luZXRoLXBhbHRyb3dzLXNvbi1tb3Nlcy1pcy1jaHJpcy1tYXJ0aW5zLXR3aW4taW4tbmV3LXBob3RvLyI-PGgxIGNsYXNzPSJjb250ZW50LXRpdGxlIj5Hd3luZXRoIFBhbHRyb3figJlzIDE3LVllYXItT2xkIFNvbiBNb3NlcyBMb29rcyBJZGVudGljYWwgdG8gRGFkIENocmlzIE1hcnRpbiBpbiBOZXcgUGhvdG88L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMjo2NDhjOmViOTk6ZTFi&n3pc=true
Request Chain 179
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=239972947338320392&gdpr=0
Request Chain 180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687975169-EQ0AXQT1-0EUL&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687975169-EQ0AXQT1-0EUL&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Request Chain 181
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Request Chain 183
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=501914cb-ae0d-46ea-848b-e9fb36399716%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001687975169-EQ0AXQT1-0EUL%252526tapad_id%25253D501914cb-ae0d-46ea-848b-e9fb36399716%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=501914cb-ae0d-46ea-848b-e9fb36399716%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001687975169-EQ0AXQT1-0EUL%2526tapad_id%253D501914cb-ae0d-46ea-848b-e9fb36399716%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&tapad_id=501914cb-ae0d-46ea-848b-e9fb36399716
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_gid=CAESEF9j33IREXkcAZjF-GIXbfw&google_cver=1&google_ula=450542624,0
Request Chain 185
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Nzk3NTE2OS1FUTBBWFFUMS0wRVVM
Request Chain 186
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3D%5BRX_UUID%5D&cb=1687975169527 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&unruly_id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Request Chain 188
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=Aghol5ZjA95W&ev=1&pid=562316&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Request Chain 190
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&c8=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&c9=https%3A%2F%2Fnews.google.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&c8=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&c9=https%3A%2F%2Fnews.google.com%2F
Request Chain 211
  • https://sync.srv.stackadapt.com/sync?nid=91 HTTP 302
  • https://jadserve.postrelease.com/suid/1003?vk=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Request Chain 212
  • https://www.storygize.net/ccm/9efa73dd-7739-46a4-a010-c587103e1f2f HTTP 302
  • https://www.storygize.net/csr?r=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1009%3Fvk%3Db4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56 HTTP 302
  • https://jadserve.postrelease.com/suid/1009?vk=b4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
Request Chain 213
  • https://ssum.casalemedia.com/usermatchredir?s=190025&cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1054%3Fvk%3D&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1054%3Fvk%3D&ntv_it=&prx_referrer=https%3A%2F%2Fnews.google.com%2F&s=190025&C=1 HTTP 302
  • https://jadserve.postrelease.com/suid/1054?vk=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Request Chain 214
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=qg0stl0&ttd_tpi=1 HTTP 302
  • https://jadserve.postrelease.com/suid/1007?vk=8caea125-1332-49dd-b4e8-4c16d2f9f136
Request Chain 215
  • https://sync.mathtag.com/sync/img?mt_exid=114&redir=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1042%3Fvk%3D%5BMM_UUID%5D%20&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it HTTP 302
  • https://jadserve.postrelease.com/suid/1042?vk=d9a7649c-7502-4200-a06d-d1c53a000c1d%20
Request Chain 216
  • https://b1sync.zemanta.com/usersync/nativo/?puid=0889790c-caa5-4b98-a28e-ac136bb5afe5&cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1006%3Fvk%3D__ZUID__&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it HTTP 302
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS62TBMRZWK4TWMUXHA33TORZGK3DFMFZWKLTDN5WS643VNFSC6MJQGA3D6ZLYMNUGC3THMU6W4YLUNF3G6JTWNM6UOZ2ULJXUUT3EMY2TKYLNJZIFULKGGF4Q HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS62TBMRZWK4TWMUXHA33TORZGK3DFMFZWKLTDN5WS643VNFSC6MJQGA3D6ZLYMNUGC3THMU6W4YLUNF3G6JTWNM6UOZ2ULJXUUT3EMY2TKYLNJZIFULKGGF4Q HTTP 302
  • https://jadserve.postrelease.com/suid/1006?vk=GgTZoJOdf55amNPZ-F1y
Request Chain 217
  • https://bh.contextweb.com/bh/rtset?pid=560921&ev=1&rurl=https://jadserve.postrelease.com/suid/1010?vk=%%VGUID%%&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it HTTP 302
  • https://jadserve.postrelease.com/suid/1010?vk=Aghol5ZjA95W&ev=1&prx_referrer=https://news.google.com/&pid=560921
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=nativo&gdpr=0/gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=nativo&gdpr=0/gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=nativo&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=nativo&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3822b5f9-f8c8-4207-9fcb-af17502becbc&user_group=1&ssp=nativo&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 302
  • https://jadserve.postrelease.com/suid/1011?vk=e5909bf2-71a8-45a7-b91d-17324c9598fd
Request Chain 219
  • https://bttrack.com/pixel/cookiesync?source=3b452dcb-0cd7-47c7-b4d7-167ed732230d&secure=1&gdpr=0/gdpr_consent= HTTP 302
  • https://jadserve.postrelease.com/suid/1001?vk=77c88898-7a4b-4d09-b363-5fe491a39eef
Request Chain 223
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D608b91da-7f77-43b5-bf6a-4fb5dd438242%253A1687975170.0883946%26pid%3D500040%26it%3D1%26iv%3D608b91da-7f77-43b5-bf6a-4fb5dd438242%253A1687975170.0883946%26_%3D1687975170.092228&cb=1687975170.0922709 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477416032030645&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D608b91da-7f77-43b5-bf6a-4fb5dd438242%253A1687975170.0883946%26pid%3D500040%26it%3D1%26iv%3D608b91da-7f77-43b5-bf6a-4fb5dd438242%253A1687975170.0883946%26_%3D1687975170.092228 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&pid=500040&it=1&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&_=1687975170.092228 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1687975170.092228&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242:1687975170.0883946
Request Chain 224
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3425623714870498952&us_privacy=1--- HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Request Chain 225
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=0297515d-8802-451a-a73a-7b68eb95dabd&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=0297515d-8802-451a-a73a-7b68eb95dabd&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0297515d-8802-451a-a73a-7b68eb95dabd HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5909bf2-71a8-45a7-b91d-17324c9598fd&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594084812182436387&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Request Chain 226
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Request Chain 228
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---&rd=Y
Request Chain 229
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=AvJBb6OycRk4Dp_JIEkA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5IF3EUQTCGZHXSY2SNM2EI4C7JJEUK22BEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5IF3EUQTCGZHXSY2SNM2EI4C7JJEUK22BEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=AvJBb6OycRk4Dp_JIEkA&us_privacy=1---
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=16156&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Request Chain 244
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Request Chain 308
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16156&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://jadserve.postrelease.com/suid/1005?vk=LJG0U0S1-Q-EBQ2
Request Chain 340
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/N0YZdsRUCxxY8LxRX6rbiw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VaCkPJtE2oJIl2i9NkGQ2VAjpp7DqyGnvPheow--~A
Request Chain 341
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJG0U0S1-Q-EBQ2
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEParF2U7z69OqlqIvT9sqVY&google_cver=1
Request Chain 343
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=&expires=30
Request Chain 344
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g3EMusOiSB-mfci-L2dgnw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g3EMusOiSB-mfci-L2dgnw
Request Chain 345
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmQ0NjY5OTliZGExZDljNzU1NmI0YjNkZTljODQwYWQyYmMzYTRkZQ
Request Chain 346
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 347
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpHMFUwUzEtUS1FQlEy HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ1AmbVq_QBy7de_akcDIK0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHMFUwUzEtUS1FQlEy&google_push=
Request Chain 366
  • https://content.jwplatform.com/tracks/Hy6JDxMR.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/Hy6JDxMR.vtt
Request Chain 368
  • https://content.jwplatform.com/strips/RdEySYYI-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.vtt
Request Chain 402
  • https://id5-sync.com/i/1036/8.gif?id5id=ID5*R7EhQmcazCwxaPrbQLrrQ9KzuKDUkRJpqDh9k7cQ5LlSNoDAUe7ruNL0qnrUPjXIUjeLSAVg4IWjAes3O4D--A&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ace8QciIVhe6vqFmaK859GH82vJDVhOO6jnpkcKgww&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1036/3/7/2.gif?puid=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1036/441/6/3.gif?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADmZ07JOOoAACE6kkaYJA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1036/429/4/5.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F1242%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1036/1242/3/6.gif?puid=G5H3cSZHuSINuM55Tu6cBHSs&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AADmZ07JOOoAACE6kkaYJA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F1241%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1036/1241/2/7.gif?puid=G5H3cSZHuSINuM55Tu6cBHSs&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=%%TTL%% HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ace8QciIVhe6vqFmaK859GH82vJDVhOO6jnpkcKgww&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1036%2F124%2F0%2F9.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/1036/124/0/9.gif?puid=eda7d366-b8cc-463a-956a-6b796dc0cb7e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 408
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3309767730813480000V10
Request Chain 409
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=4e59a8badc0f0e92fea2abcf6533ab8a
Request Chain 410
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7244e3d5
Request Chain 411
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2C656F80C1374931A3DC1E683CAACB1C&ex=simpli.fi&status=ok
Request Chain 412
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=0889790c-caa5-4b98-a28e-ac136bb5afe5
Request Chain 416
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3 HTTP 302
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=8caea125-1332-49dd-b4e8-4c16d2f9f136&cbid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3
Request Chain 417
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FAppNexus%2F411d0d9b-3ba6-321f-0cd5-e5386014c5a3%3Frid%3De7ccadfc-ee86-4adc-977c-fa2def473355%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26exid%3D$UID HTTP 302
  • https://crb.kargo.com/api/v1/sync/AppNexus/411d0d9b-3ba6-321f-0cd5-e5386014c5a3?rid=e7ccadfc-ee86-4adc-977c-fa2def473355&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&exid=239972947338320392
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=kargo&redir_url=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=kargo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=kargo HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4662830998819244376&ssp=kargo HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd&dsp_uuid=&dsp_id=&krg_ids=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=&gdpr_consent=&us_privacy=
Request Chain 427
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 428
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6418409603037558770&gdpr=0&gdpr_consent=
Request Chain 429
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4dcdb25de00b21d8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMBhis0ppIlwM4L4b5AAAAAAA&expiration=1688061573&is_secure=true
Request Chain 430
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=c3d6c5bd03b7435d96ea84c6e29685c3
Request Chain 431
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 436
  • https://content.jwplatform.com/strips/RdEySYYI-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.jpg
Request Chain 450
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Ua0ZkT1l0RTJ1TGVKUnd5b3g5cG1RQ1FudjJMT1cxUn5B
Request Chain 452
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=239972947338320392&ex=appnexus.com
Request Chain 453
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 455
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1548623984395205096461
Request Chain 456
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=239972947338320392
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=940c2b41-f2d9-4620-97d9-28b02417b871&ssp=gumgum2&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=&us_privacy=
Request Chain 458
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_d17a1305-2dd4-444f-9878-45d8283b404d&obuid=ENC(J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&uid=8kbckfNH1cfpE9PB_BbIw6ZGhMrpRNKW8UtOXr_k
Request Chain 459
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5b662e55-88f2-0e8f-08ed-c7c820761e62
Request Chain 460
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Request Chain 461
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pp_PxGZE2pcD1JLIPIUKDbbaaD_36uEwGyq7~A
Request Chain 462
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=265f29b0-d998-4d0c-9f19-b770d7a10271
Request Chain 463
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=2C61E9DF353D4A649FEA6028B8CD8B11
Request Chain 465
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=GgTZoJOdf55amNPZ-F1y
Request Chain 466
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=eda7d366-b8cc-463a-956a-6b796dc0cb7e
Request Chain 467
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Aghol5ZjA95W&ev=1&pid=558355
Request Chain 468
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6418409603037558770
Request Chain 473
  • https://match.adsrvr.org/track/cmf/openx?oxid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENW01gu2BA-4a3trBLAYZpE&google_cver=1
Request Chain 480
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
Request Chain 482
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567173&gdpr=0&gdpr_consent=
Request Chain 484
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=suw107PtPIWpuTqDvLwhgebsbYip7jvUseGltmzX
Request Chain 485
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZJx1AqyAB4e5NDZqrk0bIAAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZJx1AqyAB4e5NDZqrk0bIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096628127738
Request Chain 486
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Request Chain 487
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jDeRK2Xd1Qezs15
Request Chain 498
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=&gdpr_consent=
Request Chain 500
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZJx1BQAAAOrsJgAz&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
Request Chain 503
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=8caea125-1332-49dd-b4e8-4c16d2f9f136
Request Chain 504
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SElZaUpuaFpQMWtGckl6UGVaS2g4QQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH7L6j1ycPjAfPvKg05xK_c&google_cver=1
Request Chain 505
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4d4fddcb1c3e21d8&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAInviS_9rlTAMR0oBrAAAAAAA&expiration=1688061573&nuid=&is_secure=true
Request Chain 506
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr_in_effect=0&gdpr_consent=
Request Chain 509
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Request Chain 510
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=usmagazine.com&sn=ChromeSyncframe&so=0&topUrl=www.usmagazine.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=XpQjf3wyTWcrNDRoQno2V3dTS0U0d1FZekNrRDRhbW5yR1FFckVYemhyQnV0QndRTFlJcTlKV0xxR0JnOE5udnRIY0MzS3VlUDdMNk9PWVVBWE9NVTZDcXZZOEdKOWl5Uy9rSFg3d1BRQjNEclBuUFRKbytCdkl5Q1NLMzhabk9meHZLSmc4WFIydXNXcVNKVGxvNUZlNjdjMExPZFJ4SW14OXFPblRVbzZMV0RtazMvUm1NbU04SDdXV0lvRWNKUjNnRVRTZTg3NjZncWttc1hvOFpCL1Byd2dBWU9PcFczU1l5WGNWcXNQc3REU0prOHBDZnlOc2FwSUc4SktmWjN3NkdYaE5lZmloWVI4bkx1b0FDVFNRMDdQaEp2aHAxWkIxL1h0Z0hBYVRHck5ZYz18&cppv=2
Request Chain 513
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=4dfdf087-7a88-42e9-8537-c91bdeaab859
Request Chain 514
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LJG0U0S1-Q-EBQ2&gdpr=0
Request Chain 515
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TsQVy5XhU41iMArRnN9PSgW16oY&user_group=1&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=
Request Chain 517
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=239972947338320392&gdpr=0&gdpr_consent=
Request Chain 528
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTYzREEwQzktRDFGQS00OTlCLTlFMDEtNUJDRjNBN0I2NjdF&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cbWNa5VE2uUlRghyY3V02Cxv_KAIic0-~A&gdpr=0
Request Chain 529
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=239972947338320392&pn_id=an
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFSJCU21F4tLYmhUmHEwdQc&google_cver=1
Request Chain 531
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=ge4d6940eec1a82772f4 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D501914cb-ae0d-46ea-848b-e9fb36399716%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=239972947338320392&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Request Chain 532
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Request Chain 533
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=6418409603037558770&gdpr=0&gdpr_consent=
Request Chain 534
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212196038153722
Request Chain 535
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=1244ecb3-1fde-4a02-8e06-5183c7ad1028&gdpr=0
Request Chain 536
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=350811512 HTTP 302
  • https://sync.1rx.io/usersync/turn/3425623714870498952?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Request Chain 538
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=239972947338320392&gdpr=0&gdpr_consent=
Request Chain 539
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=22135efb-d39f-4c12-8b25-96a8360f6a50&gdpr_consent=null&gdpr=0
Request Chain 540
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=Aghol5ZjA95W&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 541
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5946695555 HTTP 302
  • https://sync.1rx.io/usersync/turn/3425623714870498952?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Request Chain 542
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=445b96b3-7708-0b9c-24d1-8bb7c98fcb67
Request Chain 543
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=35dfa2c2-f9f1-430b-9666-f957c6f4bec5
Request Chain 544
  • https://ups.analytics.yahoo.com/ups/58760/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11591&id=y-F.WkOO1E2uLZ41MlwRkLIgcbo5fmrtUx~A&gdpr_in_effect=0
Request Chain 545
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=ge4d6940eec1a82772f4&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 546
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=9f7af5f0be739ea15fea914e9542278d&gdpr_consent=&gdpr=0
Request Chain 547
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
Request Chain 548
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 551
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZJx1BsCo5tAAAO21GzwAAAAA
Request Chain 554
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=DrY0oVYN8sevkqz4p13d&pi=gumgum&tc=1
Request Chain 555
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 558
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 562
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
Request Chain 566
  • https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=0;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_pre=CJnEhMXF5v8CFYnKyAodfrcEOg;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=0;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 567
  • https://p.placed.com/api/v2/sync/impression?partner=undertone&version=1.0&plaid=spacecoastmaysept&payload_campaign_identifier=339664&payload_timestamp=e2197b5c8f9f439d96f89bdb03895d94&payload_type=impression&t_cluster=0_25&xr=tapad HTTP 302
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=1862&ta_partner_did=undertone-d3fd4e11-acf8-462f-bf34-d19828afd165&ta_format=png
Request Chain 568
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=239972947338320392
Request Chain 569
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=e736ed02-a048-0aba-0513-c8e21f8a3f76
Request Chain 570
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ehLOIPpE2uEbk6TtmAK70p4Rb3HoyBz5~A
Request Chain 571
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Request Chain 572
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=1690567173
Request Chain 573
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 576
  • https://tags.bluekai.com/site/15597?id=4hvb6axf4rznsspn3pq4j7jkc&redir=https://ads.undertone.com/u?dp=1%26uid=$BK_UUID HTTP 302
  • https://ads.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA HTTP 307
  • https://evt.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA
Request Chain 577
  • https://ups.analytics.yahoo.com/ups/58545/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
Request Chain 578
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
Request Chain 580
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc
Request Chain 581
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4hvb6axf4rznsspn3pq4j7jkc HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTRodmI2YXhmNHJ6bnNzcG4zcHE0ajdqa2MQABoNCIXq8aQGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=77be8789db0a5bbd3d99e741f37c3c0b91669b015d13d4371d3a1125856bd755791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=00759824
Request Chain 591
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
Request Chain 592
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
Request Chain 593
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567174&gdpr=0&gdpr_consent=
Request Chain 595
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Request Chain 596
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3425623714870498952
Request Chain 597
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477416032030645
Request Chain 605
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json HTTP 302
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Request Chain 610
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LJG0U0S1-Q-EBQ2&ex=d-rubiconproject.com&status=ok
Request Chain 611
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json HTTP 302
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Request Chain 616
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json HTTP 302
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Request Chain 628
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Q2SklDBE2pmeQzjb5s0nGQxgZp0ys6i2TiKwog--~A&expires=5&ssp=themediagrid
Request Chain 630
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=ge4d6940eec1a82772f4 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Request Chain 631
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LJG0U0S1-Q-EBQ2
Request Chain 632
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5389792780 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8caea125-1332-49dd-b4e8-4c16d2f9f136 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Request Chain 635
  • https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1 HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=77c88898-7a4b-4d09-b363-5fe491a39eef&pn_id=b
Request Chain 637
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=8e2e216241b185d&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAIp9pPnAgDQAN2cqNUAAAAAAA&expiration=1688061588&is_secure=true
Request Chain 638
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=MTgbSzA5Eh0qbRQbP2gPGWU4QxAqOhVMMjWIr3ab HTTP 302
  • https://ads.yieldmo.com/sync?userid=e5909bf2-71a8-45a7-b91d-17324c9598fd&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Request Chain 639
  • https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=607e9990-e2f4-465c-b434-147e953d38a5
Request Chain 640
  • https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
  • https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c8501938-32e3-0cf8-32f3-cb4b14cd0aba
Request Chain 641
  • https://sync.mathtag.com/sync/img?mt_exid=76&redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fmm_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://ads.yieldmo.com/v000/sync?mm_user_id=4b72649c-7502-4200-9732-0e3f626912f4
Request Chain 642
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=&gdpr_consent=
Request Chain 643
  • https://idsync.rlcdn.com/397286.gif?partner_uid=ge4d6940eec1a82772f4 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f99df543-6da0-00b9-30ef-57d6d1bd7efc
Request Chain 644
  • https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25 HTTP 307
  • https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=375f7fd0-4f51-4599-a9e6-22f5fc28fccd
Request Chain 645
  • https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6418409603037558770&gdpr=0&gdpr_consent=
Request Chain 647
  • https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=3309767730813480000V10
Request Chain 648
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=4dfdf087-7a88-42e9-8537-c91bdeaab859&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 650
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=GgTZoJOdf55amNPZ-F1y
Request Chain 652
  • https://match.prod.bidr.io/cookie-sync/mo HTTP 303
  • https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AADmZ07JOOoAACE6kkaYJA
Request Chain 653
  • https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D HTTP 307
  • https://ads.yieldmo.com/sync?pn_id=loopme&id=22135efb-d39f-4c12-8b25-96a8360f6a50
Request Chain 655
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=4662830998819244376
Request Chain 667
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LJG0U0S1-Q-EBQ2&gdpr_consent=undefined
Request Chain 676
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LJG0U0S1-Q-EBQ2
Request Chain 677
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LJG0U0S1-Q-EBQ2
Request Chain 686
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416032030645 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Request Chain 688
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5j2gydH6SZueAVvPOntmfg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 689
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=501914cb-ae0d-46ea-848b-e9fb36399716&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D501914cb-ae0d-46ea-848b-e9fb36399716%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=78738974830512867113324223811627894363&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Request Chain 691
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=376abe3f-d3c5-4dec-b30b-62e299479154
Request Chain 692
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHsYcRaCGRGABKdBgob6gW8&google_cver=1
Request Chain 693
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C
Request Chain 694
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3425623714870498952&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 695
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=
Request Chain 715
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0&gdpr_consent=&gdpr=0&khaos=LJG0U0S1-Q-EBQ2 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Request Chain 732
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CODatcbF5v8CFTYOiAkdpAIF7w;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 734
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26ivc_p%3DNS4xODEuMjM0LjEzNA%3D%3D%26ivc_u%3DTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzY%3D%26ivc_ts%3DMTY4Nzk3NTE3NjE3NA%3D%3D%26ivc_r%3DdmlyZ2luaWE%3D%26ivc_al%3DTm9fQWNjZXB0X0xhbmd1YWdlX0hlYWRlcg%3D%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26ivc_p%3DNS4xODEuMjM0LjEzNA%3D%3D%26ivc_u%3DTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzY%3D%26ivc_ts%3DMTY4Nzk3NTE3NjE3NA%3D%3D%26ivc_r%3DdmlyZ2luaWE%3D%26ivc_al%3DTm9fQWNjZXB0X0xhbmd1YWdlX0hlYWRlcg%3D%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 738
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CNXUtsbF5v8CFa1FcgodtV8GpQ;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 740
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 761
  • https://id.a-mx.com/sync/?tagId=&ref=https://news.google.com/&u=https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/&tl=https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/&nf=0&rt=true&v=7.50.0&av=2.0&vg=pbjs&us_privacy=1---&am=null&gdpr=0&gdpr_consent= HTTP 302
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
Request Chain 766
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PpIrlgHl&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Request Chain 774
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbouncex%26bsw_param%3De5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4b72649c-7502-4200-9732-0e3f626912f4&expires=30&ssp=bouncex&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Request Chain 783
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CMvh5MbF5v8CFcOQnwodEXcFhg;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 785
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 802
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 807
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn339829&cr=crtve&ce=thetradedesk&pc=thetradedesk_plc0001&ci=nlsnci750&am=3&at=view&rt=banner&st=image&cy=0&r=1687975176174 HTTP 302
  • https://qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com/dar?url=
Request Chain 808
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500015828&TFID=10022&CMP_ID=112769&PUB_ID=1271&CTE=1029985&PLC_ID=3198042&RND_NUM=1687975176174 HTTP 302
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Request Chain 817
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbVowN0pPT29BQUNFNmtrYVlKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADmZ07JOOoAACE6kkaYJA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADmZ07JOOoAACE6kkaYJA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6418409603037558770&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADmZ07JOOoAACE6kkaYJA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6418409603037558770%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6418409603037558770&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADmZ07JOOoAACE6kkaYJA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADmZ07JOOoAACE6kkaYJA&gdpr=0&gdpr_consent=
Request Chain 818
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
Request Chain 819
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7b2d4bfb26e7466ea3d74
Request Chain 820
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=239972947338320392&gdpr=0&gdpr_consent=
Request Chain 827
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24dc5a52ec4821d8&is_secure=true&networkId=17100&version=1&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBhis0ppL9QMqDmBvAAAAAAA&expiration=1688061588&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 828
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&gdpr=0
Request Chain 829
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=265f29b0-d998-4d0c-9f19-b770d7a10271&gdpr=0&gdpr_consent=
Request Chain 830
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4dfdf087-7a88-42e9-8537-c91bdeaab859&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 838
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
Request Chain 839
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
Request Chain 840
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 841
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jDeRK2Xd1Qezs15&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 842
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=940c2b41-f2d9-4620-97d9-28b02417b871&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 843
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 844
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=794911503444
Request Chain 846
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 847
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 848
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=4533086837 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/4b72649c-7502-4200-9732-0e3f626912f4?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Request Chain 850
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_w2-TtISCO-eZA0eCnWcZA
Request Chain 851
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=08b1545e-1485-473b-8a76-8967631d1b03
Request Chain 854
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7412615781708265177&uid=Q7412615781708265177&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7412615781708265177
Request Chain 855
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 856
  • https://idsync.rlcdn.com/712188.gif?partner_uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMSmdZ1QAWxGvi9lz2LRp40&google_cver=1
Request Chain 860
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=
Request Chain 861
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_104FCD7C0_8F0FC0C0&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 862
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4662830998819244376
Request Chain 863
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=239972947338320392 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 864
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:88f634e2-74e7-4900-a02a-59eda86628c9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 871
  • https://id.a-mx.com/usync?uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F465%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dappnexus%26cbx%3D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/465?gdpr=&gdpr_consent=&us_privacy=&A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&cbx=&uid=239972947338320392 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F465%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dadform%26cbx%3D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/1/465?gdpr=&gdpr_consent=&us_privacy=&A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&cbx=&uid=4662830998819244376 HTTP 302
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-V_62sWQ-KjWVYdMfS-YWz9cWBj0nwVT1Hor_DA&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 872
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=15cf37cc-83b0-52b3-b26c-ed5ad6f09850&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 873
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
Request Chain 874
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LJG0U0S1-Q-EBQ2&gdpr=0
Request Chain 875
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&uid=4662830998819244376
Request Chain 876
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=smartadserver&uid=6418409603037558770
Request Chain 877
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253De7e5b395-f284-45fc-a66e-d2fd1994f7da%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 878
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=index_rtb&uid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Request Chain 879
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=sovrn&uid=G5H3cSZHuSINuM55Tu6cBHSs
Request Chain 880
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&uid=239972947338320392
Request Chain 891
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn339829&cr=crtve&ce=thetradedesk&pc=thetradedesk_plc0001&ci=nlsnci750&am=3&at=view&rt=banner&st=image&cy=0&r=1687975176174 HTTP 302
  • https://9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com/dar?url=
Request Chain 893
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 898
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500015828&TFID=10022&CMP_ID=112769&PUB_ID=1271&CTE=1029985&PLC_ID=3192555&RND_NUM=1687975176174 HTTP 302
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Request Chain 952
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=8d7f25e0-15dd-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Request Chain 953
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWVhQVpsZ1dJQklSTWlTVnExdU5NSEN2Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4662830998819244376&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 961
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 968
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 1002
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 1006
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 1015
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Request Chain 1019
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0

1010 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlY...
news.google.com/articles/ 		1 MB
218 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bf02cf0f3f022066a5f59449174dfacc1cb9690ea07a64a1afd8223aa7c3900
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eRTYA6lwG4DzHTkR4OYEpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eRTYA6lwG4DzHTkR4OYEpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
date
Wed, 28 Jun 2023 17:59:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf933a19179b4733c5ec68640d966cae7d022c97cd4fcd3929f9e1d9556f66d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Jun 2023 17:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:58:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jun 2023 17:59:27 GMT
cspreport
news.google.com/_/DotsSplashUi/ 		0
203 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/DotsSplashUi/cspreport
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UcxgJj7SQDuZg_rZNPKF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 28 Jun 2023 17:59:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-UcxgJj7SQDuZg_rZNPKF1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin-allow-popups
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf3ceba52c194d664480f9b1f8823079746f69ea73f5604d3d48ff0869182643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78272
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 17:59:27 GMT
m=n73qwf,UUJqVe,MpJwZc
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=_b,_r,_tp/excm=_b,_r,... 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=n73qwf,UUJqVe,MpJwZc
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e0632e1c0a0f23950354ebcf0b783cb9accd4ba93a2bb43e4f06c36fc8446a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4381
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=ws9Tlc,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,Whpzpe,mI3LFb,O6y8ed,PrPYRd,LEikZe,NwH0H,OmgaI...
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=MpJwZc,UUJqVe,_b,_r,_... 		535 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=MpJwZc,UUJqVe,_b,_r,_tp,n73qwf/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,Whpzpe,mI3LFb,O6y8ed,PrPYRd,LEikZe,NwH0H,OmgaI,hT8rr,YV1Fke,OmccEb,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,fFdwef,k3XnTe,s39S4,xsFqcf,duFQFc,lwddkf,gychg,w9hDv,zSKCpd,EEDORb,RMhBfe,XGmYob,SdcwHb,aW3pY,pw70Gc,aXyUec,EFQ78c,Ulmmrd,ZfAoz,BeJYtf,xQtZb,JNoxi,kWgXee,BVgquf,QIhFr,ovKuLd,yDVVkb,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,BBI74,VwDzFe,UXJhUd,zthM6,MdUzUe,A7fCU,EBW0uc,RLw19,eYnyH,zbML3c,zr1jrb,H4RQsd,mdR7q,oovi3d,MI6k7c,kjKdXe,Uas9Hd,hKSk3e,pjICDe
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6c40b8281ef6fc867e005ab5f0b1d206bfb41a600d7786bd725eb9fadbca79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166995
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 03:02:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
140207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
663
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Jun 2024 03:02:40 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v9/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 21:13:10 GMT
x-content-type-options
nosniff
age
506777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31568
x-xss-protection
0
last-modified
Mon, 15 Aug 2016 20:30:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jun 2024 21:13:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 16:14:59 GMT
x-content-type-options
nosniff
age
351868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 16:14:59 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 00:53:35 GMT
x-content-type-options
nosniff
age
61552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21700
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 00:53:35 GMT
m=U4Hp0d,SF88Ef,rCcCxc,mzzZzc,gJzDyc,CkDnH,nYRqfb,thFYTd,MxVzvd,hep7xb,Iake0,ShAjaf,FbcxRc
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,Be... 		146 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,EBW0uc,EEDORb,EFQ78c,FSc7tf,H4RQsd,IZT63,JNoxi,JntzAe,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PrPYRd,QIhFr,RLw19,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,oovi3d,ovKuLd,pjICDe,pw70Gc,ryNBp,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zSKCpd,zbML3c,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=U4Hp0d,SF88Ef,rCcCxc,mzzZzc,gJzDyc,CkDnH,nYRqfb,thFYTd,MxVzvd,hep7xb,Iake0,ShAjaf,FbcxRc
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1328f9689391077bcb56ba764a9be242430668e6cec738f37bd1bc0faa69042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50206
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
rs=AA2YrTuPH0k374gbykWvq6OH1fPu-EfqIg
www.gstatic.com/og/_/js/k=og.qtm.en_US.CsKRqICxnU0.2019.O/rt=j/m=q_dnp,q_sf,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3... 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.CsKRqICxnU0.2019.O/rt=j/m=q_dnp,q_sf,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTuPH0k374gbykWvq6OH1fPu-EfqIg
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61a07a268d52ba6e66be18663ef7fa1a2a1f99469b180224a083fbf0e4013f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 14:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55160
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 07:51:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jun 2024 14:19:11 GMT
rs=AA2YrTskQVuI_RegvjB3vE2uQHtwf-5cGg
www.gstatic.com/og/_/ss/k=og.qtm.gdDckMx1Njs.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc... 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.gdDckMx1Njs.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTskQVuI_RegvjB3vE2uQHtwf-5cGg
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aa94f22b40ca14999fba3161150f2b059a8fd8ab3043cfc17162232de20a81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 07:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
868
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 01:39:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Jun 2024 07:31:14 GMT
m=K99qY,i5dxUd,i5H9N,Mq9n0c,RAnnUd,PHUIyb,uu7UOe,wg1P6b,soHxf,qNG0Fc,ywOR5c
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,Be... 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,IZT63,Iake0,JNoxi,JntzAe,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,MxVzvd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PrPYRd,QIhFr,RLw19,RMhBfe,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,rCcCxc,ryNBp,s39S4,thFYTd,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zSKCpd,zbML3c,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=K99qY,i5dxUd,i5H9N,Mq9n0c,RAnnUd,PHUIyb,uu7UOe,wg1P6b,soHxf,qNG0Fc,ywOR5c
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
277a5f10cd787e21ddacc4e059e4386ddfa5475c0004165bd296ae43c1bd5b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31868
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=NnCtjc,t5lJYe,MM4v8d
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,Be... 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=NnCtjc,t5lJYe,MM4v8d
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43c284f12003f53aa676e6ebc29031ae0f735af7148f0e0bcb1f444f2e27c8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23155
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SYGF1G18MM&gtm=45je36q0&_p=1210947882&cid=1301839818.1687975168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687975167&sct=1&seg=0&dl=https%3A%2F%2Fnews.google.com%2Farticles%2FCBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw%3Fhl%3Den-US%26gl%3DUS%26ceid%3DUS%253Aen&dt=Google%20News%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=A4UTCb,VXdfxd,zbPkme
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,Be... 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=A4UTCb,VXdfxd,zbPkme
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b62820bd62341ace748acaaa792d187d5c51df0b2b9f72d2bb7852759579a578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3967
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uwHuQY_gg44.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_V1jKXTs4TkQZGty4n4aTwpK1Z_Q/ 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uwHuQY_gg44.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_V1jKXTs4TkQZGty4n4aTwpK1Z_Q/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.CsKRqICxnU0.2019.O/rt=j/m=q_dnp,q_sf,q_pc,qmd,qcwid,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTuPH0k374gbykWvq6OH1fPu-EfqIg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b577857c178a06510ed5a51ef48205d61a43b7107be350535a41b08c8b870e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40799
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 15:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 06:54:16 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dba343fb6b60d15c583612204f9553fb97f076394803bc291bc3c7f5ae9da5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6215
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=HNUyHc,hECoeb
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=HNUyHc,hECoeb
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d086075e90e6b2ee708c049b87ff8474fdb1f76048d83c01ae9330b896207d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4900
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		1 KB
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef677d1010d4d038eee45ecea5ccbc017ebb90e7a8c596cabf15c6f70e55c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
706
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,EBW0uc,EEDORb,EFQ78c,FSc7tf,H4RQsd,IZT63,JNoxi,JntzAe,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PrPYRd,QIhFr,RLw19,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gkizLe,gychg,hKSk3e,hT8rr,hc6Ubd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,n73qwf,oovi3d,ovKuLd,pjICDe,pw70Gc,ryNBp,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,zSKCpd,zbML3c,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=U4Hp0d,SF88Ef,rCcCxc,mzzZzc,gJzDyc,CkDnH,nYRqfb,thFYTd,MxVzvd,hep7xb,Iake0,ShAjaf,FbcxRc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e090a2f77aea11ff438e0a8f620a6e93a6c386291ea9c88b31c35adbc18d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34921
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 00:36:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 18:10:46 GMT
m=sOXFj,q0xTif,xhgKH
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,qNG0Fc,rCcCxc,ryNBp,s39S4,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=sOXFj,q0xTif,xhgKH
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b25ee381fa576e7799e5f5246c684cc7fa32364548dd177e6fef33836843a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3502
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=VkjdHd
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,q0xTif,qNG0Fc,rCcCxc,ryNBp,s39S4,sOXFj,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xhgKH,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=VkjdHd
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecffe388d0956d3936af2501056981473c5bc56906a8383a709e9a53dc6f0065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
829
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=g2JDKf
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VkjdHd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,q0xTif,qNG0Fc,rCcCxc,ryNBp,s39S4,sOXFj,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xhgKH,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=g2JDKf
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfa55833ab25056c2ba2d9dd70ee9f890d388bd8cd0b7daf600b0853ea2d0bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4570
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
log
play.google.com/ 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
batchexecute
news.google.com/_/DotsSplashUi/data/ 		150 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xZTw2c&source-path=%2Farticles%2FCBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw&f.sid=4249814056713858751&bl=boq_dotssplashserver_20230623.11_p0&hl=en-US&gl=US&soc-app=140&soc-platform=1&soc-device=1&_reqid=64768&rt=c
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3cfed6b2c524f2008653df00fa67fe38219166b97319c613bd9d296db3dc069
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin-allow-popups
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ 		131 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
m=WxkY9
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VkjdHd,VwDzFe,WO9ee,Whpzpe,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,q0xTif,qNG0Fc,rCcCxc,ryNBp,s39S4,sOXFj,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xhgKH,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=WxkY9
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a829f1d45fd93bf0174167e84bd25aca0dd835921bd0e0e007fde039e268e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2067
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:07 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VkjdHd,VwDzFe,WO9ee,Whpzpe,WxkY9,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,q0xTif,qNG0Fc,rCcCxc,ryNBp,s39S4,sOXFj,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xhgKH,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8836f7088f21cc8795aab140702293fe50af82c1a3ac87ce4b44db22915f374e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2754
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:10 GMT
m=gNYsTc,bTi8wc,EF8pe,yRXbo
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BV... 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=A4UTCb,A7fCU,BBI74,BVgquf,BeJYtf,CLDLad,COQbmf,CkDnH,EBW0uc,EEDORb,EFQ78c,FCpbqb,FSc7tf,FbcxRc,H4RQsd,HNUyHc,IZT63,Iake0,JNoxi,JntzAe,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MM4v8d,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,MxVzvd,NnCtjc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmccEb,OmgaI,PHUIyb,PrPYRd,QIhFr,RAnnUd,RLw19,RMhBfe,RqjULd,SF88Ef,SdcwHb,ShAjaf,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,UXJhUd,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VkjdHd,VwDzFe,WO9ee,WhJNk,Whpzpe,Wt6vjf,WxkY9,XGmYob,XVMNvd,YV1Fke,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aXyUec,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eYnyH,fFdwef,fKUV3e,g2JDKf,gJzDyc,gkizLe,gychg,hECoeb,hKSk3e,hT8rr,hc6Ubd,hep7xb,hhhU8,i5H9N,i5dxUd,k3XnTe,kWgXee,kjKdXe,lazG7b,lsjVmc,lwOjSb,lwddkf,m9oV,mI3LFb,mdR7q,mzzZzc,n73qwf,nYRqfb,oovi3d,ovKuLd,pjICDe,pw70Gc,q0xTif,qNG0Fc,rCcCxc,ryNBp,s39S4,sOXFj,soHxf,t5lJYe,thFYTd,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xhgKH,xsFqcf,yDVVkb,ywOR5c,zSKCpd,zbML3c,zbPkme,zr1jrb,zthM6/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=gNYsTc,bTi8wc,EF8pe,yRXbo
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/am=AEGAYAOas4AGYA/d=1/excm=_b,_r,_tp,article/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2NjLehT_3BrOeZbaoso-GgCj70isg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b03abaa8e91951bd4276a92f07ed693275365d30ba1dea84c6c6fe404593d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 15:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9248
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 03:44:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 15:31:10 GMT
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 18:05:11 GMT
x-content-type-options
nosniff
age
431657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162924
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:15:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:05:11 GMT
Primary Request /
www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/ 		295 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_US.azWnjHVzkM0.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.X4NJoKMSv60.L.B1.O/am=AEGAYAOas4AGYA/d=1/exm=MpJwZc,UUJqVe,_b,_r,_tp,n73qwf/excm=_b,_r,_tp,article/ed=1/wt=2/ujg=1/rs=ALs0n2OWOxkrwcY1W-8y9FNY8WSjGiI96Q/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gkizLe,lwOjSb,ryNBp,JntzAe,CLDLad,FSc7tf,m9oV,Whpzpe,mI3LFb,O6y8ed,PrPYRd,LEikZe,NwH0H,OmgaI,hT8rr,YV1Fke,OmccEb,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,fFdwef,k3XnTe,s39S4,xsFqcf,duFQFc,lwddkf,gychg,w9hDv,zSKCpd,EEDORb,RMhBfe,XGmYob,SdcwHb,aW3pY,pw70Gc,aXyUec,EFQ78c,Ulmmrd,ZfAoz,BeJYtf,xQtZb,JNoxi,kWgXee,BVgquf,QIhFr,ovKuLd,yDVVkb,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,BBI74,VwDzFe,UXJhUd,zthM6,MdUzUe,A7fCU,EBW0uc,RLw19,eYnyH,zbML3c,zr1jrb,H4RQsd,mdR7q,oovi3d,MI6k7c,kjKdXe,Uas9Hd,hKSk3e,pjICDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
4ddf3d67d8c897d55ade9914dc732ad79e863ef84ef6da40d8d1e9b8aee24251
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options sameorigin

Request headers

Referer
https://news.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1067
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
56498
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:28 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.usmagazine.com/wp-json/>; rel="https://api.w.org/" <https://www.usmagazine.com/wp-json/wp/v2/posts/3328688>; rel="alternate"; type="application/json" <https://www.usmagazine.com/?p=3328688>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
hit
x-frame-options
sameorigin
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
jfk2 85 188 443
log
play.google.com/ 		0
0
log
play.google.com/ Frame 		0
0
script.js
d17tqr44y57o31.cloudfront.net/ 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d17tqr44y57o31.cloudfront.net/script.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:9400:e:a5e8:ab40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbae90311d9ffbdf7c45ab8a8ffdab26972a5b1b92871ac3ac6d400f60223ec9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:52:34 GMT
content-encoding
gzip
via
1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront)
x-amz-version-id
evyhn2VpI5PlF7QBHweK8A5k2AH13mbc
last-modified
Wed, 28 Jun 2023 17:25:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
age
415
x-amz-server-side-encryption
AES256
etag
W/"87b9afde73f6b0e3f5f7dad85bc0992b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
J2Zhd8WNN3mG911lv5krjD2xJ8MaYXYSVwTTowwZ9q6mzO-ENCfarA==
MuseoSans_300-webfont.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/MuseoSans_300-webfont.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f529c3ecc2467d3a337c410fee3c18ff003e9031c36077c789bbccfa749170ac

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-497c"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18812
MuseoSans_700-webfont.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/MuseoSans_700-webfont.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3aff91166f4a09caf8a8bdc3135c6350e3d7251ed9dede9e0fa9d23fb9aeaf6a

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-4960"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18784
FiraSansExtraCondensed-Light.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-Light.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
26c558e4ade6f748267832defc2199e478079c29415448f960e40009f80da800

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-55dc"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21980
FiraSansExtraCondensed-Medium.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-Medium.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9960ddb8c6047b822f90adf3e6647b8129c04fcd9899ce86c61db6e1485ddc1f

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-576c"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22380
FiraSansExtraCondensed-SemiBold.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-SemiBold.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4014155aa81a7bb4765e2c7bf877691d928a8556cec568eb95715a024d36ce64

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-5b74"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23412
FiraSansExtraCondensed-Bold.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-Bold.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
92004eb87a165e75d840e47a209328e8bec1bd2ddd5f2c3c54c06171bd9e9082

Request headers

Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-5be0"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23520
410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
cdn.permutive.com/ 		412 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdcdd31e20a40aaa485d085c34aaa0dff1ef13690e25cd6376d00d00a5bc38e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
410f7cce-1402-4d0e-8d36-f430b2eb2066
age
0
x-guploader-uploadid
ADPycdvXdZ7Gf9cUgOclq_iVwQoLy9Unb3ObrZ4TEe6ydD7mW1l9PPSUHQrFUrhIOR87aJwZrp2tcS1iqBF1X-0f84E3iw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Mon, 26 Jun 2023 16:29:57 GMT
server
cloudflare
etag
W/"dfc8d7401a4bd397289bda8d1fb3427b"
vary
Accept-Encoding
x-goog-generation
1687796997411202
content-type
application/javascript
x-goog-hash
crc32c=DbE/yg==, md5=38jXQBpL05com9qNH7NCew==
cache-control
public, max-age=900
x-goog-stored-content-length
122186
timing-allow-origin
*
cf-ray
7de7d2e248b61865-EWR
expires
Wed, 28 Jun 2023 18:14:28 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ss3gfiwT9vXTSvNlfc+4JQ==
age
84051
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6820
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 18:15:29 GMT
server
cloudflare
etag
0x8DB7671529D7907
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f7f39f14-f01e-0180-5767-a83d19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e17be443af-EWR
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
6238
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7de7d2e17be643af-EWR
/
www.usmagazine.com/_static/ 		819 B
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/_static/??/wp-content/mu-plugins/jetpack-12.2/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css,/wp-includes/css/classic-themes.min.css?m=1687933509
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ff5299bac8d99b98915f626ae498fb6c2fdf8be5441637e614c3b9426a18a7bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Wed, 28 Jun 2023 06:25:09 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
/
www.usmagazine.com/_static/ 		500 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c85d2b35d842845882e0f7cedc77535f8df6d37d737edf45e2e31e049f49d1f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Wed, 28 Jun 2023 14:49:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
/
www.usmagazine.com/_static/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/_static/??-eJyFzs0OgjAQBOAXsm38Az0YH4WUsoGFdhfZbRCfXjQejBeTSebyZTJuHk1gUiB12kECccGPlSemJXGWKjAPCJXgA2wvG7d6pBBzs8p+zS3DtHzKJqS/yCRsJ6/wjX8eZDEzwBAX50VA3xsNirqIbac133e2ztTE16NrumyLU3ku9uXh2D8BMLZNEg==
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb61c16f39c2271f3045eadea699f7a9f00ac5116cf08c6c747c5167f3a93df7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Wed, 28 Jun 2023 14:49:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
main.css
d3jdulus8lb392.cloudfront.net/ami/us-weekly/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/us-weekly/main.css
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:3c00:1c:15e:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d89eb465a5d0e02d640a53fd29b910c7895199cb951824fd3434d3774ae5996

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
nsTnUlc9xNa9ogvDR22r3wOAJkzRzGg3
content-encoding
br
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 17:39:30 GMT
x-amz-cf-pop
EWR53-P1
age
1199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Jun 2023 20:57:22 GMT
server
AmazonS3
etag
W/"1a876f915360096ddb86f8939a94d26e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=9600
x-amz-cf-id
yfudZo7D831HsTO3E4vRuUSNfztzK1KsU5kqEHE4-bTF754WUYIgaQ==
default-usweekly-square.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/placeholders/ 		314 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/placeholders/default-usweekly-square.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
de62a8f0353d9cc0e19e21b644243bc8e880ab5303c3ef2157d5972b962ec69d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-13a"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
314
Gwyneth-Paltrows-17-Year-Old-Son-Moses-Is-a-Spitting-Image-of-Dad-Chis-Martin-in-New-Photo.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/Gwyneth-Paltrows-17-Year-Old-Son-Moses-Is-a-Spitting-Image-of-Dad-Chis-Martin-in-New-Photo.jpg?w=700&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
feb6f791e087fb2511ce562a5527eb43d74bfffc2e2d838f9c00d858498230f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 226 443
last-modified
Wed, 28 Jun 2023 15:08:04 GMT
server
nginx
etag
"072f9c066685ca9a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75244
default-usweekly.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/placeholders/ 		354 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/placeholders/default-usweekly.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47a3ca7fb0b14b6f8cfa3cf2f2a9112c35023e800206d6269c8298994082f78e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-162"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
354
amazon-hally-fluffy-g-hair-gloss-brunettes.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/amazon-hally-fluffy-g-hair-gloss-brunettes.jpg?crop=0px%2C115px%2C1977px%2C1117px&resize=300%2C169&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
621db7d5171e697c90a37877b2a9b5f17e7a9e8a95837b5239112287232b2d9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 228 443
last-modified
Wed, 28 Jun 2023 16:38:35 GMT
server
nginx
etag
"a58812214e214333"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13656
/
www.usmagazine.com/_static/ 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/_static/??/wp-includes/js/underscore.min.js,/wp-includes/js/wp-util.min.js,/wp-content/themes/us-weekly/assets/js/dist/global.bundle.js?m=1687963745j
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f94baedbd7fdb13d99a0e70b929c77ddcbcb9f8374d874f35c8ac71ce9673386

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Wed, 28 Jun 2023 14:49:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
/
www.usmagazine.com/_static/ 		130 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/_static/??-eJydzD0OwjAMBtALkZo/FRgQ4ihpYhVHrlPlc8T1Yeve6W2PvmtI1ZzNKan8CUsPq/ZZDIRPbJwpAuygAsoCp1nrFPWt3BzD1C0rDwUH2lE1TtJS1+hSbbtey/M03m+Py/E8XssPC7Q8pA==
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
730ffd08e76b713e3f7a7c909456513b7b3ac7db307e7914cc21276bc50f6ccc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Wed, 28 Jun 2023 05:31:04 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
9987f750-83cb-4f92-8a6e-e5100729691b.json
cdn.cookielaw.org/consent/9987f750-83cb-4f92-8a6e-e5100729691b/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/9987f750-83cb-4f92-8a6e-e5100729691b/9987f750-83cb-4f92-8a6e-e5100729691b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5052630a5db0970c0b38d57eb4fa05b24cfbfb605ffb699848c29e7703a640b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jqR7mHp6F049rjDFxlQltw==
age
4960
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1314
x-ms-lease-status
unlocked
last-modified
Tue, 02 Feb 2021 20:50:15 GMT
server
cloudflare
etag
0x8D8C7BC2453CCAA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
26f79a2b-f01e-0103-20e1-5a9db4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e1cdee0f41-EWR
expires
Thu, 29 Jun 2023 17:59:28 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		78 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7de7d2e1fee842ce-EWR
vary
Accept-Encoding
content-type
text/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7de7d2e1fe6243f4-EWR
access-control-allow-headers
Content-Type
/
sso.ami-admin.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

aa7
https://www.usmagazine.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.usmagazine.com
content-encoding
gzip
content-type
text/plain;charset=utf-8
date
Wed, 28 Jun 2023 17:59:28 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-cache
MISS
x-ups
192.0.85.188:443
gtm.js
www.googletagmanager.com/ 		241 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2866bf72ce855dbae5e97caa1f0bbb15c84c45dc293d7e9fc8f1c21b99bce98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78066
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 16:10:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Jun 2023 17:59:28 GMT
/
sso.ami-admin.com/ 		54 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Requested by
Host: inline
URL: webpack://inline/./js/src/components/backend/SSOBroker.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d258002e6bf5b80e2bd8165e91081fb8fb9a8d28324fb85bb60ec9615901e65d

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-cache
MISS
x-ups
192.0.85.188:443
vip-config1
true
pragma
no-cache
vip-config4
true
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
vip-config3
true
access-control-allow-headers
Content-Type
expires
0
icon-fb-c.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		464 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-fb-c.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0e74efc84c8fceb64e0a66290ce35d804b5dc34d7f00096ffa0df17692039faa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-1d0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
464
icon-instagram-c.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-instagram-c.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37fef8fb487483e1373356fd998351d4bbf33d0884f0559e545442dfe26a5127

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
W/"63c0370b-d80"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
icon-twitter-c.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		988 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-twitter-c.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c69b28ef543c2f1158d214173763496dfcb493064c6c287d798961768a5ad9d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
W/"63c0370b-3dc"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
icon-tiktok-c.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-tiktok-c.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
575d0178a366f4bbc25406435d041f8918576dcc5cbbbfa08e8d1085babd4b36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
W/"63c0370b-24f9"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
icon-youtube-c.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		372 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-youtube-c.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
243f2bcf2c71d5484856f8734fd03b1d7ffd24f19367a9e23c3b2d614de97be5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Mon, 08 May 2023 15:10:19 GMT
server
nginx
etag
"645910db-174"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
372
logo-us-grey.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		1 KB
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/logo-us-grey.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0bcaf98172476797ce63041c15e5900d30de3269b0fa3be41676809e016b0f02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
W/"63c0370b-590"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
truncated
/ 		699 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
337573f33a0c9580fe3dde13e786d91978ab1ef9758db8b3316544a27889920a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
icon-info.svg
www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/ 		925 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/img/svg-icons/icon-info.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bc99a2830c935ad0293cdb0a168ceacfec29c81a868182575d30829fd45a8478

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
W/"63c0370b-39d"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
truncated
/ 		534 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88fa10448da1b2ec9c240dfba469ffd6952235cbf6cd69cab1a07f6b9200687c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
FiraSansExtraCondensed-Regular.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-Regular.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83b8bdb351dd1af975cc436c42a00ba73fbdf3db438de3102af2b105ddd3e231

Request headers

Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-5750"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22352
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/octet-stream
miller-text-italic.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/miller-text-italic/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/miller-text-italic/miller-text-italic.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d41ebc67d9b80d5262ff504fb6e8571e616a092ab4679986de2d587f2abf867a

Request headers

Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-6588"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25992
MuseoSans_300_Italic-webfont.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/MuseoSans_300_Italic-webfont.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b71806795f93f6f95a14150373bbd9e2c954bb916d757a383849e1ce7a646c14

Request headers

Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-4d50"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19792
MuseoSans_500-webfont.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/MuseoSans_500-webfont.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f90c4f6b8ca2fca86a58c3c34b24002144a803f6aa0c058d35d4150afc5dd549

Request headers

Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-4a08"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18952
MuseoSans_700_Italic-webfont.woff2
www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/museo-sans/MuseoSans_700_Italic-webfont.woff2
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
53cba7c582aa45b3c0b2d0bf95ca5f294740e4e87afd6ca0d27340a2ec360b3a

Request headers

Referer
https://www.usmagazine.com/_static/??-eJyVj1EKwjAQRC9kurRqqx/iUSQmSxq7SUo3ofT2plIFUaH+7SzzHgyMvVDBR/QRYosOGRKLEbGjCSQzRgbFDNpyBEPhKqnIeQOZs15R0rgUJLc2m7hw1r8qq9VyiFYR/g+6oBMhf4AuiZ6SsZ7hhrGXqhNlVVTPPnArB9RS6+lxWm9WKy55OHBQVpKgYAK/ha/7f6nmGctjZs7uVNaH5lhvm93+Dg1qlwU=
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:27 GMT
server
nginx
etag
"63c0370b-4dc4"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19908
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.13.0/ 		366 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
49660
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
82575
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:38:02 GMT
server
cloudflare
etag
0x8D8C35FA49267C6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6a6a4dfe-901e-00bd-20e1-5ace6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e29d1d43af-EWR
Gwyneth-Paltrows-17-Year-Old-Son-Moses-Is-a-Spitting-Image-of-Dad-Chis-Martin-in-New-Photo-02.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/Gwyneth-Paltrows-17-Year-Old-Son-Moses-Is-a-Spitting-Image-of-Dad-Chis-Martin-in-New-Photo-02.jpg?w=700&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7b65e8b75dd036ce71ec20943f147ec54021438d52cf3e6e7ea7df26b3298f41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 100 143 443
last-modified
Wed, 28 Jun 2023 15:08:06 GMT
server
nginx
etag
"9334ba8b996bf3d2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
121246
global-alerts
www.usmagazine.com/wp-json/ami/v1/ 		2 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-json/ami/v1/global-alerts
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyFzs0OgjAQBOAXsm38Az0YH4WUsoGFdhfZbRCfXjQejBeTSebyZTJuHk1gUiB12kECccGPlSemJXGWKjAPCJXgA2wvG7d6pBBzs8p+zS3DtHzKJqS/yCRsJ6/wjX8eZDEzwBAX50VA3xsNirqIbac133e2ztTE16NrumyLU3ku9uXh2D8BMLZNEg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
x-cache
hit
content-length
22
x-rq
jfk2 85 188 443
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.usmagazine.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
posts
www.usmagazine.com/wp-json/wp/v2/ 		643 KB
99 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-json/wp/v2/posts?per_page=20&page=1&exclude=3328688&ami_syndication_exclude=true
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyFzs0OgjAQBOAXsm38Az0YH4WUsoGFdhfZbRCfXjQejBeTSebyZTJuHk1gUiB12kECccGPlSemJXGWKjAPCJXgA2wvG7d6pBBzs8p+zS3DtHzKJqS/yCRsJ6/wjX8eZDEzwBAX50VA3xsNirqIbac133e2ztTE16NrumyLU3ku9uXh2D8BMLZNEg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1ee7160c3c4c17090073ec7436f22058d54461e105c236af32fb079ccdafa506
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
x-cache
grace
content-length
100831
x-rq
jfk2 85 187 443
server
nginx
x-wp-totalpages
9156
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
x-wp-total
183106
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://www.usmagazine.com/wp-json/wp/v2/posts?per_page=20&page=2&exclude%5B0%5D=3328688&ami_syndication_exclude=true>; rel="next"
Vanderpump-Rules-Producer-Confirms-Its-A-Distinct-Possibility-Alums-Might-Appear-on-Season-11-Conversations-About-Raquel-Leviss-Future-Are-Ongoing.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/Vanderpump-Rules-Producer-Confirms-Its-A-Distinct-Possibility-Alums-Might-Appear-on-Season-11-Conversations-About-Raquel-Leviss-Future-Are-Ongoing.jpg?crop=0px%2C111px%2C2000px%2C844px&resize=180%2C76&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8ac43d8b47d5b7ae40a6525b796995b9562225ac7da179fe59152a22b9272c1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 99 172 443
last-modified
Fri, 23 Jun 2023 12:58:22 GMT
server
nginx
etag
"7b943a80cf18450a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5814
Natalie-Portman-Benjamin-Millepieds-Relationship-Timeline-009866.jpg
www.usmagazine.com/wp-content/uploads/2022/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2022/06/Natalie-Portman-Benjamin-Millepieds-Relationship-Timeline-009866.jpg?crop=2px%2C27px%2C1198px%2C507px&resize=180%2C76&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae1f2e2fa4f079a9e419c736c99ff0b4f74544ffa06cecafbd175c0ff15da418

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 226 443
last-modified
Fri, 23 Jun 2023 12:58:22 GMT
server
nginx
etag
"518ef3074044475b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2700
Grease-Rise-Pink-Ladies-Everything-Know-00001.jpg
www.usmagazine.com/wp-content/uploads/2023/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/02/Grease-Rise-Pink-Ladies-Everything-Know-00001.jpg?crop=0px%2C0px%2C1200px%2C506px&resize=180%2C76&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
48f5b52e1517a4d123f9d7840a728c3fdc9e5c2cb054eca1422e18bee7d6da8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 228 443
last-modified
Fri, 23 Jun 2023 18:36:40 GMT
server
nginx
etag
"426a303696458999"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5094
November-2020-Gwyneth-Paltrows-Cutest-Photos-With-Daughter-Apple-and-Son-Moses.jpg
www.usmagazine.com/wp-content/uploads/2022/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2022/08/November-2020-Gwyneth-Paltrows-Cutest-Photos-With-Daughter-Apple-and-Son-Moses.jpg?crop=0px%2C0px%2C1440px%2C814px&resize=200%2C113&quality=40&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ce5a952adef5b56217d82720907c3c7f5d68986dfdefb23e17bfa9d5478dbf5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 228 443
last-modified
Tue, 27 Jun 2023 17:34:05 GMT
server
nginx
etag
"326f3577c7989941"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4772
Mortifying-Mom-With-Apple-and-Moses-Gwyneth-Paltrow-Instagram-Gwyneth-Paltrow-Instagram-Gwyneth%E2%80%99s-Paltrow-Greatest-Quotes-About-Parenting.jpg
www.usmagazine.com/wp-content/uploads/2020/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2020/04/Mortifying-Mom-With-Apple-and-Moses-Gwyneth-Paltrow-Instagram-Gwyneth-Paltrow-Instagram-Gwyneth%E2%80%99s-Paltrow-Greatest-Quotes-About-Parenting.jpg?crop=0px%2C89px%2C1080px%2C610px&resize=200%2C113&quality=55&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
929bde64062a8c8f26323edac63c768b6133a3c506194eb112144825b5071986

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 228 443
last-modified
Tue, 27 Jun 2023 17:34:05 GMT
server
nginx
etag
"60442baa42138bd9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3886
en.json
cdn.cookielaw.org/consent/9987f750-83cb-4f92-8a6e-e5100729691b/17765c06-7115-4049-b3a6-d139ea2c53eb/ 		119 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/9987f750-83cb-4f92-8a6e-e5100729691b/17765c06-7115-4049-b3a6-d139ea2c53eb/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780c7c6515ad27da44fe075ce34d62664980d31778d63dc3fc11d2fbd37a9d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FVA7Wjy/5DtsxXtMMLi8SQ==
age
4959
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
19616
x-ms-lease-status
unlocked
last-modified
Tue, 02 Feb 2021 20:50:50 GMT
server
cloudflare
etag
0x8D8C7BC39328024
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b3fd6328-901e-00d0-48e1-5a6444000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e3d82b0f41-EWR
expires
Thu, 29 Jun 2023 17:59:28 GMT
b9c1b634-dfe7-4bdd-b0b8-e750056893c3
https://www.usmagazine.com/ 		122 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.usmagazine.com/b9c1b634-dfe7-4bdd-b0b8-e750056893c3
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a754bc24d22c9c3473f032bb45c4fecbb1d9562ee00399e2c9f11a883a3a4ea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
124613
Content-Type
Jon-Hamm-and-Fiance-Anna-Osceola-timeline.jpg
www.usmagazine.com/wp-content/uploads/2023/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/03/Jon-Hamm-and-Fiance-Anna-Osceola-timeline.jpg?crop=0px%2C16px%2C1334px%2C1334px&resize=100%2C100&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
389b852b4654329fedd267a6e75124ba9290509ed61fa8c045bd3e722c932db4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 226 443
last-modified
Sun, 25 Jun 2023 21:21:59 GMT
server
nginx
etag
"6a71b3097e84e369"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3496
wayfair-fourth-of-july-clearance.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/wayfair-fourth-of-july-clearance.jpg?w=100&h=100&crop=1&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9fcf46e6d29ccabdd61a69757b32ff1c27e45333f9ce3bdb4e72c02a98899745

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 102 32 443
last-modified
Wed, 28 Jun 2023 17:18:14 GMT
server
nginx
etag
"b8a7214be610c74c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3220
Macaulay-Culkin-wants-babies-with-Brenda-Song.jpg
www.usmagazine.com/wp-content/uploads/2018/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2018/08/Macaulay-Culkin-wants-babies-with-Brenda-Song.jpg?crop=0px%2C0px%2C1560px%2C1560px&resize=100%2C100&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
09056472c937f1a25d7ea4660cf85a034b824b14934f3ed1f32a200d151be446

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 102 93 443
last-modified
Wed, 28 Jun 2023 17:15:36 GMT
server
nginx
etag
"10b4552444123f89"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3834
Nathan-Kress-Welcomes-3rd-Child-With-Wife-London-Elise-Moore.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/Nathan-Kress-Welcomes-3rd-Child-With-Wife-London-Elise-Moore.jpg?crop=197px%2C121px%2C2434px%2C2435px&resize=100%2C100&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
924d41695d2b1f0d463255707d1f8e99069df3fe358888c1659294e4d113493f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 226 443
last-modified
Wed, 28 Jun 2023 17:12:12 GMT
server
nginx
etag
"1b8a08d257b49efd"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3856
Celebs-Who-Wore-White-to-Weddings-Featured.jpg
www.usmagazine.com/wp-content/uploads/2023/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/wp-content/uploads/2023/06/Celebs-Who-Wore-White-to-Weddings-Featured.jpg?w=100&h=100&crop=1&quality=86&strip=all
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
94bf4c1ecd3ec3660e2ae5a924d53736f304e22ca504b738dc00bf07bea118a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 98 226 443
last-modified
Wed, 28 Jun 2023 17:10:05 GMT
server
nginx
etag
"40f1ff6f1d9daa3b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3790
admin-ajax.php
www.usmagazine.com/wp-admin/ 		33 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-admin/admin-ajax.php?action=get_client_id&clientId=1687975168629.6372
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/_static/??-eJyFzs0OgjAQBOAXsm38Az0YH4WUsoGFdhfZbRCfXjQejBeTSebyZTJuHk1gUiB12kECccGPlSemJXGWKjAPCJXgA2wvG7d6pBBzs8p+zS3DtHzKJqS/yCRsJ6/wjX8eZDEzwBAX50VA3xsNirqIbac133e2ztTE16NrumyLU3ku9uXh2D8BMLZNEg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
81bbfd4874c23a9d489b68553f49c238a6b9bbbcbcba63a942fa207cd22222c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
x-rq
jfk2 85 187 443
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
age
0
x-frame-options
SAMEORIGIN
x-cache
miss
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
accept-ranges
bytes
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
ajax-onload.js
www.usmagazine.com/wp-content/themes/ 		1 KB
531 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/themes/ajax-onload.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
79e0c771ccda3e23329adb2ee69244aebd0e5df9a026f5fe5668ffa12c54b29a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Thu, 12 Jan 2023 16:36:26 GMT
server
nginx
etag
W/"63c0370a-41e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
hotjar-2827223.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2827223.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
c811955784aedcb4791d009cba69611364fd270231d2360e37b550ef43f52d3d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 17:59:07 GMT
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
38
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/aac58e3912f3ec831707b57df99cd41b
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
ozJJaJPPO4nGlKJYw0fwkEd9pLhNxCI3qaHY_Kzr1t_GCTS06pPcsw==
0822.js
script.crazyegg.com/pages/scripts/0017/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0017/0822.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96c585b9021ed98e1a58f73d547f0073023729eea14a56f611a1c2514caf879

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
76309
cf-polished
origSize=6063
ce-version
11.5.89
cf-bgj
minify
last-modified
Tue, 27 Jun 2023 20:47:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
7de7d2e45d374246-EWR
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 16:11:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Jun 2023 18:11:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		170 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Jun 2023 17:59:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46730
x-xss-protection
0
pragma
public
x-fb-debug
Kd+3p4kyIMz4EmVsSd9E06pXUK5tfYdM5lSrITOjZzW2oEm1GSXkHk8O0eHKuWqCLOPCzI7EBHrgokavrL1Mmw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sp_uQNsaV6x
launcher.spot.im/spot/ 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_uQNsaV6x
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-117.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d53949c121ba2d2dacbaf1e2f4d3ca77558e4fbbb520daa18ae08d9f682a82c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
cDjftbqTYYEz0nnzmYSycAb6qYNVyebW
content-encoding
br
via
1.1 827e4274db61b1bc4aa840491aa652a0.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 17:57:28 GMT
x-amz-cf-pop
JFK50-P8
age
120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22203
last-modified
Wed, 28 Jun 2023 08:13:24 GMT
server
AmazonS3
etag
"613f2d0d13f20d9f2e7db6530d29eed6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
DdBynXxcVABcUIDVqgZjFWybssieIjVqFQInvQVL9rI23j1tz3cN_g==
a-0138.min.js
b-code.liadm.com/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0138.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:4000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7fa61d8a9642873e198df942f181d6e575e9144b819582d2541d0079ca984941

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:30:18 GMT
content-encoding
gzip
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
37750
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
HbN9eOMTzy-3DfX3ZFjEETj7GqaNLSRtfl1W2pd3eXB22jxGS4d4KQ==
tag
btloader.com/
Redirect Chain
  • https://americanmediainc-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=americanmediainc-com&upapi=true
16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=americanmediainc-com&upapi=true
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da2ebf9d6f73baff6598530178f2f356e186e15350b359585453f8810370b6e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 17:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
864
etag
W/"b06762ef85c52430fdc112d71b5e9e08"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcOdT%2FLG7XsL3TCVQ7M528nootrhOyvFDT1tajivkoxjUb%2FPgJi2FSQ6gzxa%2B%2F2RyUw62zDHxgg%2F4rFQGuqUzA7IH49P1suV%2FUYMmPWasYzTXnGEaLkKr%2FkO2xFgj1DuVtaOT29srGz5aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7de7d2e49e678c8f-EWR

Redirect headers

date
Wed, 28 Jun 2023 17:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFFwgaK3J4RqBlSJuTIj8k3tbg29yjU9mGNapWHfS3wY1MPTMvXsUZTe70bRLMLrlur1S54C6chcVO%2BFfOLQyOHOdxgkDFLlYi2UOj12fIbQvJDd2uSLA2vuqpwVgyWTVEZAzY56OfDN3%2FAWkITrYHVR7weuDS2liEAHL%2BR1a9%2FPaeZV2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=americanmediainc-com&upapi=true
cache-control
max-age=3600
cf-ray
7de7d2e459978c42-EWR
expires
Wed, 28 Jun 2023 18:59:28 GMT
amilink_t58ukgasdjkf95_us_weekly.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/amilink_t58ukgasdjkf95_us_weekly.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5e00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
685c873fc702405efc23927dcb56a06fb9256eca77605fd5056f9ebac23392fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:12:43 GMT
content-encoding
gzip
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 08:20:58 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
EWR50-C1
age
6410
etag
W/"1d12a-5f1d0726d2870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
dOI9RaCHCMud3p2x9sTjU2o7j09k4yj_u0fCBXPVa0PRcwz95XH9pw==
americanmedia.js
cdn.blueconic.net/ 		132 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/americanmedia.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-117.jfk50.r.cloudfront.net
Software
- /
Resource Hash
ebbdf01fe4620dcaf3b326d54800c5a98bfab1bf53a49a67562125d054a52765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 ae4e162eb9c0a598fcb6475e70daa530.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
JFK50-P6
age
417
x-cache
Hit from cloudfront
content-length
40885
x-xss-protection
1; mode=block
last-modified
Wed, 07 Jun 2023 09:30:16 GMT
server
-
etag
"21168-5fd86c8976fb0-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=600, s-maxage=500
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
dJ17GoT0r2sR38tUwmyqozBpipP2Z3o9bHIf6KlyksFBU2CRSAuuIg==
load.js
s.ntv.io/serve/ 		575 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.185.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-185-74.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7d69ed536b619975823f9e72c794edd4b7f907c2311d87334c1b67f95a24fd2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:28 GMT
Content-Encoding
gzip
x-amz-request-id
QX1Q48WS958ND8QD
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
fKFRjcdAkSFgxeHUq9r/uPL7l7/0t4UjP0HUNc6LOOS/6HGBFlXuLE01WrZS3lgBQFXDc9zHpw0=
Last-Modified
Fri, 23 Jun 2023 17:38:41 GMT
Server
AmazonS3
ETag
"dbddef451863f6fa959b298b0d15be05"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
aem.js
wsmcdn.audioeye.com/ 		1020 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wsmcdn.audioeye.com/aem.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cache-tags
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
br
surrogate-keys
cf-cache-status
HIT
server
cloudflare
age
2827
etag
W/"c5f5d23dbd841fb0868078e4bfbbd713"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
cf-ray
7de7d2e49948c337-EWR
209
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/209?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c14d24e9131594413ba0310320164dcca2498dd06902364d42f2471414b73e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 28 Jun 2023 17:11:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7de7d2e49bdf41db-EWR
/
users.api.jeeng.com/users/domains/5OWnX5XlrL/sdk/ 		528 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/5OWnX5XlrL/sdk/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
68676052d86e90da1d5bed34e11b56326e546335795bdcb02c02de5b4cfd031c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
209
x-powered-by
Express
etag
W/"83f4b-DFwZ4CQ1j3FcDItTTTZlyBl8sKI"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7de7d2e4ac13c356-EWR
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036076/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:51:22 GMT
content-encoding
gzip
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
487
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
n_JQU-ufVsAh-ReH-iYTDiGlvI37MDvHOQLmUxe9n2cqibqixICiUA==

Redirect headers

date
Wed, 28 Jun 2023 17:59:28 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
TY8zwMJgsmGmf-qjqPZBRxBl5yNohhlXyiGJmG45_iHm_ECSkYwdxg==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:f200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:37:14 GMT
content-encoding
gzip
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:35:23 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
4934
etag
W/"649b804b-9482"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yUP6RhMlINjxDR5foq1dn2s37Op21wSkLi5MKs2HX77w-WfRWxiArQ==
expires
Wed, 28 Jun 2023 18:37:14 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:f200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:39:00 GMT
content-encoding
gzip
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
4828
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
zdx0Nb_zwfpIoKOSvO5WT2t4BezFZRJ7vL14EYdjUhR0Ut4OrSrqrA==
expires
Wed, 28 Jun 2023 18:39:00 GMT
embed-feed.js
asset.fwpub1.com/js/ 		511 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwpub1.com/js/embed-feed.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.46.168 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
168.46.149.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
ded3a84cedbddde48580c51e30f3a2552256c3e0aae5355d7cb44d9082c79a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Wed, 28 Jun 2023 01:27:07 GMT
x-amz-request-id
R18AXWCFJM3VBC6G
age
59541
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133601
x-amz-id-2
9RXD2VlWIDAtDGgORJ1Q922h+KW5C1BW4yZieBSBwOtulax+kGc5HsI3FXU55iKj6Kb3J8eRT8Y=
last-modified
Tue, 27 Jun 2023 16:41:55 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"30bd63d1a48f16581cb8e3852b331328"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.202.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-202-51.compute-1.amazonaws.com
Software
/
Resource Hash
dc071163381b41ae55f8543563c0bea216dc747d128612418032ea520d6ebf9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:28 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/ac133c70-cf84-4566-8cbb-2f8f9d8f8a4f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/ac133c70-cf84-4566-8cbb-2f8f9d8f8a4f/launchpad-liveramp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-111.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fa1915a33ca7dc6702e03b751ff528af2b22bb479bfedba4e49f5b60e6242ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ER6ko3bu_5rLMyKTEWgVW_CyOuyTki4Q
content-encoding
gzip
via
1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 17:02:03 GMT
x-amz-cf-pop
JFK50-P8
age
3446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Thu, 09 Mar 2023 18:16:07 GMT
server
AmazonS3
etag
W/"e6255af88bacf8d2a3c4a15c73968a43"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
JQVCoyFpfrflGbnr7Z60slHaAxGTqHwMqe8TfVA0Gqp7z-bMFNcU-w==
ta.js
static.trueanthem.com/scripts/ 		731 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trueanthem.com/scripts/ta.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4887 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3597
x-guploader-uploadid
ADPycdvOEHEIr5bvG2qZPD6bLGimtB_ZCGJyuhqNoCUrYpgABgCYNvjuLK4qlbLvvsEg3mZo3B3JEEPMuOisWkSrfVR9BHDTo_1M
x-goog-storage-class
STANDARD
content-encoding
br
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 04:25:23 GMT
server
cloudflare
etag
W/"2d510096ac78a0ff3a40edae5d9c0c92"
vary
Origin, Accept-Encoding
x-goog-generation
1680495923461532
content-type
text/javascript
x-goog-hash
crc32c=cFyq6Q==, md5=LVEAlqx4oP86QO2uXZwMkg==
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9jEC2gmonf56iky7HsiQ8WLpr8EsGb5rAl2%2B%2Fd43fPvlJXjzDObW7KICdhvtTTiRU%2B3aVPOo229g5YaE36IQgn9f%2FNVJnSMtm0e5L1u%2FsvBBAQKVFAB5UNTS9eRMxfu8nbW%2B115V1W7ulLhvZt631Urgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
731
cf-ray
7de7d2e4cb753354-EWR
expires
Wed, 28 Jun 2023 17:35:43 GMT
js
www.googletagmanager.com/gtag/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F3LK00X4WN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W458SDT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
689d603c415ca4ce9834b9c536b917781d1690b7e96ceadcb638158138f43f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85371
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 17:59:28 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
L0sZwKqEvb9GD/IAcZBCVQ==
age
5040
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2421
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:37:53 GMT
server
cloudflare
etag
0x8D8C35F9F60BD54
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6d4ad216-a01e-0079-2fe1-5ab1ac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e458ab0f41-EWR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XgZ1072786ARG8nL7PvF5w==
age
5018
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14950
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:37:53 GMT
server
cloudflare
etag
0x8D8C35F9F46A0FE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fd957867-f01e-0108-11e1-5a85c0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7de7d2e458ac0f41-EWR
8578
dot.dm-io.com/dot/ 		43 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dot.dm-io.com/dot/8578?cbust=2800841790022055&url_path=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.61.164.192 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:28 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
43
expires
-1
/
sso.ami-admin.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

aa7
https://www.usmagazine.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.usmagazine.com
content-encoding
gzip
content-type
text/plain;charset=utf-8
date
Wed, 28 Jun 2023 17:59:28 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-cache
MISS
x-ups
192.0.85.187:443
/
sso.ami-admin.com/ 		34 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Requested by
Host: inline
URL: webpack://inline/./js/src/components/backend/SSOBroker.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47cad6e1011328c9c6faf39daff7d8e1073f1c463b13d631d5a7571624b62576

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-cache
MISS
x-ups
192.0.85.188:443
vip-config1
true
pragma
no-cache
vip-config8
true
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
vip-config6
true
access-control-allow-headers
Content-Type
expires
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266989181&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&dr=https%3A%2F%2Fnews.google.com%2F&ul=en-us&de=UTF-8&dt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=885938014&gjid=269825878&cid=730203721.1687975169&tid=UA-371249-1&_gid=450072351.1687975169&_r=1&_slc=1&gtm=45He36q0n81W458SDT&cd2=Chris%20Martin%2CGwyneth%20Paltrow&cd4=Paige%20Strout&cd5=2023%2F06%2F28&cd6=article&cd15=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F114.0.5735.198%20safari%2F537.36&cd17=celebrity%2Ccelebrity%20dads%2CCelebrity%20Kids%2Ccelebrity%20moms%2Ccelebrity%20news%2CNews&cd20=zhNYySv2&cd25=off&cd26=off&cd37=off&cd38=off&cd41=off&cd48=0&cd49=off&cd50=off&cd51=off&cd52=disabled&z=2051034602
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
777751349286416
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/777751349286416?v=2.9.109&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c7b1d929c45ffb8cc949910e8ff37ca8a2d5107ff1229485ad0717f3b9d579f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Jun 2023 17:59:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88008
x-xss-protection
0
pragma
public
x-fb-debug
/PRgOs8+2dqM/KwMJoIQ01Zk7Ob8TfWfrL7DV9dTz1i15WzGig8s1okIw7QIx7UHhJBcZjRSsT74E1oK0Y5dtw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee28cbbd302aa025c467a05450c312f05fd555df40bdec41c970508fb1f6c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26083
x-xss-protection
0
server
cafe
etag
488 / 19536 / 31075705 / config-hash: 10905478484433163587
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:59:28 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-98.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 27 Jun 2023 17:38:17 GMT
Content-Encoding
gzip
Via
1.1 c05b7ff061569d914bb28a2bfaa77d34.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
87672
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
0UQP3iXT3V3ViRy4IXvnqqVb9VbdZ71j7B0-AYb-LJK_3dD399pMbQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:11:03 GMT
content-encoding
gzip
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront), 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
2906
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
iZW8FBsYgsgmiZUrLxhe-YHJx8229eYTcoJNk_i5itiAoPabDX3EPA==
main.js
d3jdulus8lb392.cloudfront.net/ami/us-weekly/ 		239 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/us-weekly/main.js?template=article
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:3c00:1c:15e:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19bbeb1a5751c1459d22cb7efef4981bbcb2d0a9ed2e7029f9cec4dbfe22bd6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ixs9fJPCkjhMxFDMSBO3.Du1qR9rKwkl
content-encoding
br
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 17:00:04 GMT
x-amz-cf-pop
EWR53-P1
age
3565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Jun 2023 20:57:22 GMT
server
AmazonS3
etag
W/"92f36eaaa60e0552ec585a5a418ed99b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=9600
x-amz-cf-id
9JlcOcy1ojE3_PjefpUQR0rmukfF85izrBUDHdEtNpjwmYTklWu1xQ==
iris-context.min.js
ovp.iris.tv/libs/context/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:8c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
slqHeAfcx7ypAfjiCBQaUewyYpq955Ao
content-encoding
gzip
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 16:24:19 GMT
last-modified
Tue, 23 Mar 2021 20:29:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
5710
etag
W/"7715a659dc0df79086ae769c891dfd9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IaPkVWb7U7Bo6K9NMMBY9QD974sLx6Jdg-mfq8TkEGnkHPzE89hkcA==
zhNYySv2.js
content.jwplatform.com/libraries/ 		120 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/zhNYySv2.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ca00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
b83f2f4d949df8230f25a380119610037902019b097f5e778573140c5b21fa5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:57:21 GMT
content-encoding
gzip
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
127
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
45041
x-amz-cf-id
84lwKZd8apMcs2ftbnOuwkuQgNx6Zq5avfD6CvGdLGeihp7cuZOMGg==
/
www.usmagazine.com/wp-json/ami/v2/jwplayer/ 		32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-json/ami/v2/jwplayer/?media_hash=RdEySYYI&player_hash=zhNYySv2&post=3328688
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d6198e8ebc377e2699e4141c15ebb211570c6b9bb4c2d77ab49863bcb2ef22c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
x-cache
grace
content-length
6124
x-rq
jfk2 85 188 443
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.usmagazine.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 23:14:37 GMT
x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
413092
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
snVlRPoZ2oKGnq_cUJf5fVUEKErp18MOAwsaLZt3V0xHVmMDeG-Eow==
overlayRecircWidget.bundle.js
www.usmagazine.com/wp-content/client-mu-plugins/shared/assets/js/dist/ 		2 KB
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/client-mu-plugins/shared/assets/js/dist/overlayRecircWidget.bundle.js?ver=6.1.3
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a15aab84ddbb3c2aa79395b3aeeff7156c94f0638a9032776ec5b6b139370252

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
last-modified
Wed, 10 May 2023 12:00:23 GMT
server
nginx
etag
W/"645b8757-7fd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
sharing.min.js
www.usmagazine.com/wp-content/mu-plugins/jetpack-12.2/_inc/build/sharedaddy/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/mu-plugins/jetpack-12.2/_inc/build/sharedaddy/sharing.min.js?ver=12.2.1
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Wed, 28 Jun 2023 06:25:08 GMT
server
nginx
etag
W/"649bd244-2259"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
pxid
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/v2.0/ 		46 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/v2.0/pxid?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3e1040f4720feb001da351f1c8aaf1b1b856f35473ebf52090628f93937df6ba

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:28 GMT
AN-X-Request-Uuid
5024c294-0138-4394-93ca-9619b197eaab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
410f7cce-1402-4d0e-8d36-f430b2eb2066-models.bin
cdn.permutive.com/models/v2/ 		42 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/410f7cce-1402-4d0e-8d36-f430b2eb2066-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8e35589dbd80c8a43b0ec4e64de655a0f756593959a59f88268c3a7dfe5d12

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
410f7cce-1402-4d0e-8d36-f430b2eb2066
age
0
x-guploader-uploadid
ADPycdv2RtHvt32QhtosssYXyepQrwiKszruggsaHh9lF1c4eCclhso5CamfqI3fULuyw9Df915gr7Mslvuo4ZlMjxjZGQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
28704
last-modified
Mon, 26 Jun 2023 06:02:26 GMT
server
cloudflare
etag
"6ab55af14102076439fa2c959a000698"
vary
Accept-Encoding
x-goog-generation
1687759345997271
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=oTtU+g==, md5=arVa8UECB2Q5+iyVmgAGmA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
28704
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7de7d2e5cfc34232-EWR
expires
Wed, 28 Jun 2023 17:34:41 GMT
geoip
api.permutive.com/v2.0/ 		283 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44f8db9dea006b836013439ae18ad01343ca533e1457074d0b6c38dc69e5ceed

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
watson
api.permutive.com/v2.0/ 		386 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5bacca7c383955020718295a26c35077dcea7b6566834242f56519f7d6370bb3

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
collect
stats.g.doubleclick.net/j/ 		2 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-371249-1&cid=730203721.1687975169&jid=885938014&gjid=269825878&_gid=450072351.1687975169&_u=YEBAAEAAAAAAACAAI~&z=1590392563
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Jun 2023 17:59:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-41.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
D5VtsVNso2ZFSrMidxTMH3TycxlFdMVEEdhMjT1DAMUKFlt9q8JROA==
x-cache
Miss from cloudfront
971-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/971-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-84.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
111ea971c9137340b54e629d8ec11f8c522353ac3c1b5d2b2b140703fa9ea6ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 29 May 2023 12:36:29 GMT
content-encoding
br
via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-version-id
4wtbLwdFhMMvDcV8r4YL8kn3vGIs3.O4
x-amz-cf-pop
EWR53-C3
age
2611381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
19967
last-modified
Wed, 24 May 2023 11:52:20 GMT
server
AmazonS3
etag
"38b932d11d170d281c29e994569e157e"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RQ31naVnncJusOnwGyXBpYoxBqE1qMJzc6LXzbWCYhLf0CnRbQornQ==
561-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/561-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-84.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6efa153451100e1a6052c7ab4d52f1094cda9423bd4ff15f9467c4588b51ef08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 29 May 2023 12:36:29 GMT
content-encoding
br
via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-version-id
rcSIyanRErHb9ddAzKhqip6Z6jW_3WhV
x-amz-cf-pop
EWR53-C3
age
2611381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28292
last-modified
Wed, 24 May 2023 11:52:20 GMT
server
AmazonS3
etag
"781088232aefc3a994b919c976782c30"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b-I9kzxo2gPQfrC8cc90OgPkm5qCCpjhkBuvPu7RjvVJlwe1MbAG6g==
857-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/857-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-84.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0360c1b7783d7c950d76f7eb1a7e587821c55902467aaa1f86a67c670f07b63c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 24 May 2023 15:15:54 GMT
content-encoding
br
via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-version-id
kIi5qgMS7tiFM9jgE5PkiLKHs3Ad82fa
x-amz-cf-pop
EWR53-C3
age
3033816
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2918
last-modified
Wed, 24 May 2023 11:52:20 GMT
server
AmazonS3
etag
"e51afba4e7ac79ace6bdb3780f35e7a5"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yXFdm12zGdwJ9ymTehjU6XuDIPeBiSXagd86HPvkB8lTqvz642yc2Q==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-84.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b154f757a58c493385b36b163304495730459908cc98df836e3703781d2a197

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 29 May 2023 12:36:29 GMT
content-encoding
br
via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-version-id
dTwDV2V_Y9AianEuTKwJFI957RpWrrK.
x-amz-cf-pop
EWR53-C3
age
2611381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8661
last-modified
Wed, 24 May 2023 11:52:20 GMT
server
AmazonS3
etag
"889735df59beb6eafca299ca54613c53"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lXmmnT3aQnM0QOG8iPwvLGLtzlZ1mkRRYmkFSZWHcjQPlll4IokwpA==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_uQNsaV6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-74.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 03:33:57 GMT
via
1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
51932
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
NP5T0gHoHZhO7z2J-fNca8ld9Tg4QPsPR6WATJrhdM0riur30J5A-Q==
www.usmagazine.com.json
script.crazyegg.com/pages/data-scripts/0017/0822/site/ 		960 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0017/0822/site/www.usmagazine.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0017/0822.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dceaed91172e8181a7f412471822e86318f178a391170cb81f07824c2c1bf0b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
76315
ce-version
11.5.89
content-length
440
last-modified
Tue, 27 Jun 2023 20:47:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7de7d2e5fdf0c42f-EWR
modules.710fa773759992ae5199.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.710fa773759992ae5199.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2827223.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
8e4eb2fbe2428b73be6461073a48b2059abde0936219b8c1b2cc4b7dfbd85d83
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 13:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
448822
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70212
last-modified
Fri, 23 Jun 2023 13:18:24 GMT
etag
"c0d8da1fc28983e2914d2514d6175f9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
U1OyDvuD7eRBUn-6DciLkiKRwERHDIv6oeJ7uaR8owoHr_WJx2bShQ==
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-0138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:4000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 11:53:52 GMT
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding
gzip
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
etag
W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
age
1922736
x-amz-cf-id
FNrWCeKGMWV8kUW9sFm8HsiqjzHiMxPy7U23cRWMWowutVlJttatWQ==
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
79c5048c-bce1-4d4d-a073-cd160924f953
https://www.usmagazine.com/ 		122 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.usmagazine.com/79c5048c-bce1-4d4d-a073-cd160924f953
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b23f7cf7e33c0bdcf4c32d70e7089eb1b37e593cc132e161133e11fae8dbc8ba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
124613
Content-Type
sso-dashboard.js
www.usmagazine.com/ 		263 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/sso-dashboard.js?2023-06-28-17-41-40
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1b6c95f4717cae3deed3b0aa3677a77096159081f1a74b33928e803215776455

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
x-rq
jfk2 85 188 443
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=31536000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.21.6
via
1.1 google
story_loader.js
widget.engageya.com/ 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.engageya.com/story_loader.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:138d::3b8f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
173b7146a0134b10f0d1e4ec8963d500aa248bdb307dc1fee03ac7c2c8273f47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 11:06:36 GMT
Server
nginx
ETag
W/"645ccc3c-118e6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
18933
Expires
Wed, 28 Jun 2023 19:59:29 GMT
engageya_loader.js
widget.engageya.com/ 		189 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.engageya.com/engageya_loader.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:138d::3b8f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
65bd7289333f44e86ed55d46e89ccb65836a301ccafb691c22e2d2f29ff987e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 11:06:41 GMT
Server
nginx
ETag
W/"645ccc41-bd"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
168
Expires
Wed, 28 Jun 2023 19:59:29 GMT
bootstrap.js
wsv3cdn.audioeye.com/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/bootstrap.js?h=a63f806656895f6cb6fdce42a76ff445
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf23d5f7db7f995612da2550efd9c80a1c55002e64dfa20fd08949940e36cfb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cache-tags
a63f806656895f6cb6fdce42a76ff445
date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
br
surrogate-keys
a63f806656895f6cb6fdce42a76ff445
cf-cache-status
HIT
server
cloudflare
age
114
etag
W/"21fb4c2593baf28843e5f9fa2410693e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=120
cf-ray
7de7d2e73b394397-EWR
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-F3LK00X4WN&gtm=45je36q0&_p=266989181&cid=730203721.1687975169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687975169&sct=1&seg=0&dl=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&dr=https%3A%2F%2Fnews.google.com%2F&dt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F3LK00X4WN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows...
  • https://rp4.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrow...
47 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Fnews.google.com%2F&c=PHRpdGxlPkd3eW5ldGggUGFsdHJvdydzIFNvbiBNb3NlcyBJcyBDaHJpcyBNYXJ0aW4ncyBUd2luIGluIE5ldyBQaG90bzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ikd3eW5ldGggUGFsdHJvdyBhbmQgZXggQ2hyaXMgTWFydGluJ3Mga2lkcywgQXBwbGUgYW5kIE1vc2VzLCBhcmUga25vd24gZm9yIHNoYXJpbmcgYSBzdHJvbmcgcmVzZW1ibGFuY2Ugd2l0aCB0aGVpciBjZWxlYiBwYXJlbnRzIOKAlCBkZXRhaWxzIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNtYWdhemluZS5jb20vY2VsZWJyaXR5LW1vbXMvbmV3cy9nd3luZXRoLXBhbHRyb3dzLXNvbi1tb3Nlcy1pcy1jaHJpcy1tYXJ0aW5zLXR3aW4taW4tbmV3LXBob3RvLyI-PGgxIGNsYXNzPSJjb250ZW50LXRpdGxlIj5Hd3luZXRoIFBhbHRyb3figJlzIDE3LVllYXItT2xkIFNvbiBNb3NlcyBMb29rcyBJZGVudGljYWwgdG8gRGFkIENocmlzIE1hcnRpbiBpbiBOZXcgUGhvdG88L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMjo2NDhjOmViOTk6ZTFi&n3pc=true
Protocol
H2
Server
52.1.91.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-91-70.compute-1.amazonaws.com
Software
/
Resource Hash
db3843f38366de14225bd979b7224452059a493ec89ffccaade3696bad5b6128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
x-pixel-event-id
8a3f125c-2d34-4b86-b9a1-9684724538a2
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
62949200d02fdcfe
content-length
47
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 28 Jun 2023 17:59:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1687975169162&aid=a-0138&se=e30&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&tna=v2.7.2&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&us_privacy=1---&wpn=lc-bundle&refr=https%3A%2F%2Fnews.google.com%2F&c=PHRpdGxlPkd3eW5ldGggUGFsdHJvdydzIFNvbiBNb3NlcyBJcyBDaHJpcyBNYXJ0aW4ncyBUd2luIGluIE5ldyBQaG90bzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ikd3eW5ldGggUGFsdHJvdyBhbmQgZXggQ2hyaXMgTWFydGluJ3Mga2lkcywgQXBwbGUgYW5kIE1vc2VzLCBhcmUga25vd24gZm9yIHNoYXJpbmcgYSBzdHJvbmcgcmVzZW1ibGFuY2Ugd2l0aCB0aGVpciBjZWxlYiBwYXJlbnRzIOKAlCBkZXRhaWxzIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNtYWdhemluZS5jb20vY2VsZWJyaXR5LW1vbXMvbmV3cy9nd3luZXRoLXBhbHRyb3dzLXNvbi1tb3Nlcy1pcy1jaHJpcy1tYXJ0aW5zLXR3aW4taW4tbmV3LXBob3RvLyI-PGgxIGNsYXNzPSJjb250ZW50LXRpdGxlIj5Hd3luZXRoIFBhbHRyb3figJlzIDE3LVllYXItT2xkIFNvbiBNb3NlcyBMb29rcyBJZGVudGljYWwgdG8gRGFkIENocmlzIE1hcnRpbiBpbiBOZXcgUGhvdG88L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMjo2NDhjOmViOTk6ZTFi&n3pc=true
access-control-allow-origin
https://www.usmagazine.com
request-time
0
access-control-allow-credentials
true
trace-id
208b6a887f418a36
content-length
0
x-xss-protection
1; mode=block
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168984
x-guploader-uploadid
ADPycdtT-jMQs3TzpCNRS_EwjmGHjWlkWdMFi61qFLIKTmxPXZZhhR7iSxKtL-ERmeiqjQHObJTmXuAQ6jUAwDEQI2pxKsTxjFXF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ1UUFj%2FW4%2FBDTzJEtAMWOa44GmPmoV1HWN%2F9sl9kyw1y6ntpMPfk%2B8x7z%2FBbaT47l5J7q3RF28JBql6zC%2Fd0mVqruavtw4jPENiU0b%2BWnt4VGi1u%2B8XKYTT8ZqN3wdNerTgSSIZg1pf6rIwYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7de7d2e78fbec354-EWR
expires
Thu, 15 Jun 2023 05:52:24 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 16:13:31 GMT
px.gif
ad-delivery.net/ 		43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.936693844504273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168984
x-guploader-uploadid
ADPycdtT-jMQs3TzpCNRS_EwjmGHjWlkWdMFi61qFLIKTmxPXZZhhR7iSxKtL-ERmeiqjQHObJTmXuAQ6jUAwDEQI2pxKsTxjFXF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLi%2BNtjIqvoRFwkQ3aP9CTDrHfWNyzQAf8tcGsjYE%2By5wjhr%2F84JnD%2Ft3rfX615ZeWUcLfND%2FHmprvloE1mh7x8PbUetAxiFiZF4tEJdojqU0dLyeV6qWO1NhacCvNYZDAdmkgnuJSRPB3YnnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7de7d2e78fc0c354-EWR
expires
Thu, 15 Jun 2023 05:52:24 GMT
cs
americanmedia.blueconic.net/DG/DEFAULT/ 		16 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://americanmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json331
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.104.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-104-91.compute-1.amazonaws.com
Software
- /
Resource Hash
24648da43918edfb6a18721b71b0964f06dd0a4f153e8a2f937e69acdaa6ccfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
t
jadserve.postrelease.com/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_mvi&us_privacy=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
865d381cb777e21e86b1ce4b79ff514cc127e16e6c17d6cd9300e4fa274b1f7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
4074
expires
Mon, 1 Jan 1990 12:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=usmagazine.com&p=%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&u=CwgZW6CssPkcDOeKgM&d=usmagazine.com&g=11054&g0=celebrity%2Ccelebrity%20dads%2CCelebrity%20Kids%2Ccelebrity%20moms%2Ccelebrity%20news%2CNews&g1=Paige%20Strout&n=1&f=00001&c=0&x=0&m=0&y=13459&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fnews.google.com%2F&PA=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&b=499&t=BL3tKVBOK7NvDryCOYPYMWcCcszsz&V=140&i=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&tz=0&sn=1&sv=BuwvzLDoDnbjZE1AtCqrxlsBwUVhQ&sr=https%3A%2F%2Fnews.google.com%2F&sd=1&im=067b2fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.148.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-148-84.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.202.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-202-51.compute-1.amazonaws.com
Software
/
Resource Hash
cbfbae54c8fdaf47f960493bbceff2a5ada3cb296136a84c18eedee75ca3bfb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
793 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.202.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-202-51.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
266113574106409
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/266113574106409?v=2.9.109&r=stable
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1286084ed46f676058ccee3d71a507c761a3ad86ecc6d6b3a46b764ad286378
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Jun 2023 17:59:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109797
x-xss-protection
0
pragma
public
x-fb-debug
9G+CnIh4Emo5T/6uY53ZPsakf2ly6fZyGOqZPa94VEcqh458Da6lXUZgrIk+kV4eHGnpti+7cHfvzUm15IvHqw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=777751349286416&ev=PageView&dl=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1687975169297&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687975169296.487474501&it=1687975168755&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Jun 2023 17:59:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7de7d2e87dbb4387-EWR
date
Wed, 28 Jun 2023 17:59:29 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
x-powered-by
Express
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5OWnX5XlrL/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7de7d2e8de194387-EWR
content-length
15
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/webp
system:page_load
p2.fwpixel.com/trk/ 		2 B
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/system:page_load
Requested by
Host: asset.fwpub1.com
URL: https://asset.fwpub1.com/js/embed-feed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.98.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-98-130.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary1yHGTbGeA8OTpyRc

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-116.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
br
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 17:07:46 GMT
x-amz-cf-pop
JFK50-P6
age
3104
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
60yTvjXt5LPCwHakzIT6lQs_T8gYmo3_sGRJWdBa2XOM0YBJ_CejJg==
ta.c34341.js
static.trueanthem.com/scripts/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trueanthem.com/scripts/ta.c34341.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4887 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1477
x-guploader-uploadid
ADPycdt9KE-RsxCre2AtfEWyu93AusKf7a4mDO7CXnQxc7QfFjkavdp5jcERcQemIcwV2f3qsIom12B2AwlAy2SRQCda1A
x-goog-storage-class
STANDARD
content-encoding
br
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 04:25:20 GMT
server
cloudflare
etag
W/"28b2dbdb03f096998a381f6126ddac4c"
vary
Origin, Accept-Encoding
x-goog-generation
1680495920536276
content-type
text/javascript
x-goog-hash
crc32c=rvRlhw==, md5=KLLb2wPwlpmKOB9hJt2sTA==
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPHPkvXVe45Gz%2BcHv5XO2%2FDsFYq2THMbgAW1IJhPldjBzVmvBJOgz0RV7C1v8HkOdb83WQskRUasch%2F6x2ZLUKRj7xUkzdPF%2FwqYu9ycc%2Fkf6ldDXjiPsa3R1%2FCP4hnvsO9TjnRa%2F8vPxsH0t82LU0qq0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
27234
cf-ray
7de7d2e8cf503354-EWR
expires
Wed, 28 Jun 2023 18:34:52 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=209&sync=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
4946
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7de7d2e90882c3f3-EWR
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
209
p.ad.gt/api/v1/p/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/209
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4edb7c5d9b61671413fe28fbc3e549f16be3d7b085396a84f66ee7d639761c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 17:55:03 GMT
server
cloudflare
age
266
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7de7d2e90e24431c-EWR
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=239972947338320392&gdpr=0
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=239972947338320392&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2eabc5e0f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

Date
Wed, 28 Jun 2023 17:59:29 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2259c827-d650-4e89-9e51-8381ed4776b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&adnxs_id=239972947338320392&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687975169-EQ0AXQT1-0EUL&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001687975169-EQ0AXQT1-0EUL&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2eabc690f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL
  • https://ids.ad.gt/api/v1/pbm_match?pbm=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2ea8c330f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001687975169-EQ0AXQT1-0EUL&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687975169...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001687...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=501914cb-ae0d-46ea-848b-e9fb36399716%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=501914cb-ae0d-46ea-848b-e9fb36399716%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&tapad_id=501914cb-ae0d-46ea-848b-e9fb36399716
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&tapad_id=501914cb-ae0d-46ea-848b-e9fb36399716
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2ecee900f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 28 Jun 2023 17:59:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&tapad_id=501914cb-ae0d-46ea-848b-e9fb36399716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_gid=CAESEF9j33IREXkcAZjF-GIXbfw&google_cver=1&google_ula=450542624,0
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_gid=CAESEF9j33IREXkcAZjF-GIXbfw&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2eabc6a0f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&google_gid=CAESEF9j33IREXkcAZjF-GIXbfw&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Nzk3NTE2OS1FUTBBWFFUMS0wRVVM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Nzk3NTE2OS1FUTBBWFFUMS0wRVVM
Protocol
H3
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Nzk3NTE2OS1FUTBBWFFUMS0wRVVM
date
Wed, 28 Jun 2023 17:59:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2e94ae70f3a-EWR
content-type
text/html; charset=utf-8
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3D%5BRX_UUID%5D&cb=1687975169527
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001687975169-EQ0AXQT1-0EUL%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&unruly_id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&unruly_id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2edc8230f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
Tengine
ETag
RXca2d807dab8f4f7983359a423816c02a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&unruly_id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Content-Type
text/html
Connection
keep-alive
ip_match
ids.ad.gt/api/v1/ 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2e94ae80f3a-EWR
content-type
text/html; charset=utf-8
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
  • https://ids.ad.gt/api/v1/ppnt_match?uid=Aghol5ZjA95W&ev=1&pid=562316&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=Aghol5ZjA95W&ev=1&pid=562316&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2ebcd730f3a-EWR
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ids.ad.gt/api/v1/ppnt_match?uid=Aghol5ZjA95W&ev=1&pid=562316&id=AU1D-0100-001687975169-EQ0AXQT1-0EUL
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
444687b837b3662d44695d8fed75ef370c66068fe125d2ac2e5ea46379296abe

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-pa...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-p...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&c8=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&c9=https%3A%2F%2Fnews.google.com%2F
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
-TT4feYfc3qrroFNyaKdsLI-VciaSIGWJ7znUkuWnGCAZPscGI9cTA==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036076&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687975169449&ns_c=UTF-8&comscorekw=&c7=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&c8=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&c9=https%3A%2F%2Fnews.google.com%2F
content-length
0
x-amz-cf-id
xTV4xFLU3_GlEw2TdqHSc6qT1QqYz6DFAye8xpZ-i86gQKneJI9zSg==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-371249-1&cid=730203721.1687975169&jid=885938014&_u=YEBAAEAAAAAAACAAI~&z=728713675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		244 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=usmagazine.com&domain=usmagazine.com&path=%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d7f418414c6536d3f2c55e9531137b7e781494f4f7c4dca477fc90e5d548c02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
2
date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3212
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
177
x-served-by
cache-lga21923-LGA
x-timer
S1687975169.491357,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 26 Jun 2023 17:05:57 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=cgQvIh4V&w=5633139437207552&o=5765527509139456&cv=2.1.13-15-g6498499&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&sid=ciaLgNVM&upapi=true
Requested by
Host: americanmediainc-com.videoplayerhub.com
URL: https://americanmediainc-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
26583
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127740
x-xss-protection
0
server
cafe
etag
1744020965594933375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 27 Jun 2024 10:36:26 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 11:40:13 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
22757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
W9rbWNGKU96LaYAnnjcjuA3-BfdMTkLDexI2Dp9wh6LVvoprfw9h1Q==
73.f7fff248ea9106a5a2f9.js
d3jdulus8lb392.cloudfront.net/ami/us-weekly/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/us-weekly/73.f7fff248ea9106a5a2f9.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2209:3c00:1c:15e:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1566f325254842a733af10553522ee915603149e3900e87a4a33f7cfd23c5492

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:47:26 GMT
x-amz-version-id
ebKVc9wUA0jMt9KQcQzOCZF7dJOeKw7V
content-encoding
gzip
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
age
7924
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Jun 2023 20:57:21 GMT
server
AmazonS3
etag
W/"bc48992a17659a6b8804744e3f536c83"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=9600
x-amz-cf-id
TJUO_Eo0MkcSWIJ1Uzg80oZ5WwYJMTZG3gAL4XS2pbTn4rl05ksoBw==
463.0d795dec4b32f6d00cb0.js
d3jdulus8lb392.cloudfront.net/ami/us-weekly/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/us-weekly/463.0d795dec4b32f6d00cb0.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2209:3c00:1c:15e:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17726c7fbafda78a67cb813599e32b51b29d5088c3045b4c24e5907cb0a762a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:07:56 GMT
x-amz-version-id
sWtm2c9rrPZZiNCN5GYufwUFWZN_s1IN
content-encoding
gzip
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
age
3094
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Jun 2023 20:57:19 GMT
server
AmazonS3
etag
W/"b03b1ae5d558fbc3b902a28b2a26dfff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=9600
x-amz-cf-id
mcM9qcYCltbdstMuS2_t4icI0gy6zbE1vdX7cc7pRtVP4yxuYs6yIQ==
loader.js
wsv3cdn.audioeye.com/v2/scripts/ 		106 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=a63f806656895f6cb6fdce42a76ff445&lang=en-US&cb=9e1aa82
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b4be43da924dfcc8f41d7773f795af89e243cb367838ac647f02d505035cbd

Request headers

Referer
https://www.usmagazine.com/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
br
surrogate-key
prod a63f806656895f6cb6fdce42a76ff445 9e1aa82
last-modified
Wed, 28 Jun 2023 15:56:09 GMT
server
cloudflare
cf-cache-status
HIT
age
7094
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray
7de7d2ea889c1871-EWR
jquery.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11778d69a257fb063b0e8103d4fb76b7cf2bf68cc1db4b3dfff48d0bf52c5c19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Jun 2023 22:03:52 GMT
server
cloudflare
age
469
etag
W/"649b5cc8-17d89"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ea7f054397-EWR
expires
Thu, 27 Jun 2024 17:59:29 GMT
startup.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		428 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/startup.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed737bae1caddcec055628cd5912a913d467fb6c7df474a1c10e39a5956e0b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 00:23:56 GMT
server
cloudflare
age
291
etag
W/"649b7d9c-6aefc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ea7f064397-EWR
expires
Thu, 27 Jun 2024 17:59:29 GMT
engageya_loader_p.js
widget.engageya.com/ 		110 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.engageya.com/engageya_loader_p.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:138d::3b8f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e76f935bc0cfc946882a095a883e099edcba3deb470173601657a2a5c502e55c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 11:06:41 GMT
Server
nginx
ETag
W/"645ccc41-1b7ea"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
28883
Expires
Wed, 28 Jun 2023 19:59:29 GMT
audiences
api.permutive.com/audience-matching/v1/id/0bf420cb-336f-4c03-8c22-5bc0087ab5f1/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/0bf420cb-336f-4c03-8c22-5bc0087ab5f1/audiences?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
a-0138
i.liadm.com/s/c/ Frame A96E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.133.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-133-75.compute-1.amazonaws.com
Software
/
Resource Hash
d6ad681aac60b5d8492de226879c9db4fe7c21e2d69b7a2b97f7f0ab3edaf41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
695
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:29 GMT
Request-Time
13
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.usmagazine.com/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.usmagazine.com/baker?dtstmp=1687975169727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:fa00:1b:f238:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
0
x-amz-cf-id
L_416rwE7-xqUH4uAEkuK5SV4g5EIEe1NG5kJEMGGUuZYWKEz9O-aA==
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		80 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A29%2B00%3A00&ts=1687975169729
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/americanmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
e91b29f8e4d71bc85905c4155674fae8eb8e2f204062eeb86aba6c2e9b7dede0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
16176
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Vg803TwGZ8o1LGXo6Ss7yS94_J86x_ug16sU87V1NKvlei50dyEfGg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
trp.html
s.ntv.io/safeiframe/ Frame 99D3 		374 B
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/safeiframe/trp.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.185.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-185-74.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7597ab26dcbccfaf721ac9e3a63e96a09bc701486613b630acd7fe6889fa6b7

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Length
374
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:29 GMT
ETag
"77f725a7a787eb61c53bc1598bec4b4c"
Last-Modified
Tue, 29 Aug 2017 18:03:51 GMT
Server
AmazonS3
Unused62
8096267
x-amz-id-2
uyNmGRW7EwaeeebClZq16Jc4i5gq8EL3m8bWIwfJqAHwSJfOHV33UNVvc+Lojk79/b+M+WGkqeo=
x-amz-request-id
AB654080D14A8CC5
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=9087744&ntv_pl=1125429&prx_referrer=https%3A%2F%2Fnews.google.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=9d9fcc47-cee6-459f-a00f-2f3e07fc0b24&ntv_fl=k0G_z1r7FnN_ey-t4aZSPI9AwWtc2D3n78uiMB5fWrhOp65ijhaATbZF-voXAUXLnCqdbUZmJSvOGApGTVT3kJrCgp8ozTauEUxUtaY792mgpd2j2LWapy8Mx_Y9NTGI3tSYBo8FhUzCFAJ-yNbwT8bnljbq5s-fO6xLhkGRwgtW_kKDoQ4VlM_h9MQrszAUySBa7MEtcRgb85zYCeAQ0tnUd81C8qGX-0qmoM-KJ68hz_6i5bVDcI8GvrphdM-2Voay3qzOFVWPoT2NBA-J5XwgLA5qgOy2Bn0BznRHUIUxXjdG6sVwhgWVyIYQ8ml7_pX8xtr9GKqJvWsBx0lTPw==&ntv_ht=AXWcZAA&ntv_at=303,302&ntv_a=AAAAAAAAAANiwRA&ord=1687975169733&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=9d9fcc47-cee6-459f-a00f-2f3e07fc0b24&ntv_fl=k0G_z1r7FnN_ey-t4aZSPI9AwWtc2D3n78uiMB5fWrhOp65ijhaATbZF-voXAUXLnCqdbUZmJSvOGApGTVT3kJrCgp8ozTauEUxUtaY792mgpd2j2LWapy8Mx_Y9NTGI3tSYBo8FhUzCFAJ-yNbwT8bnljbq5s-fO6xLhkGRwgtW_kKDoQ4VlM_h9MQrszAUySBa7MEtcRgb85zYCeAQ0tnUd81C8qGX-0qmoM-KJ68hz_6i5bVDcI8GvrphdM-2Voay3qzOFVWPoT2NBA-J5XwgLA5qgOy2Bn0BznRHUIUxXjdG6sVwhgWVyIYQ8ml7_pX8xtr9GKqJvWsBx0lTPw==&ntv_ht=AXWcZAA&ntv_at=323&ntv_a=AAAAAAAAAANiwRA&ntv_jtr=6&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
1003
jadserve.postrelease.com/suid/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=91
  • https://jadserve.postrelease.com/suid/1003?vk=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1003?vk=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Location
https://jadserve.postrelease.com/suid/1003?vk=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Date
Wed, 28 Jun 2023 17:59:29 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
1009
jadserve.postrelease.com/suid/
Redirect Chain
  • https://www.storygize.net/ccm/9efa73dd-7739-46a4-a010-c587103e1f2f
  • https://www.storygize.net/csr?r=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1009%3Fvk%3Db4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
  • https://jadserve.postrelease.com/suid/1009?vk=b4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1009?vk=b4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Location
https://jadserve.postrelease.com/suid/1009?vk=b4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
Pragma
no-cache
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
expires
0
1054
jadserve.postrelease.com/suid/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190025&cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1054%3Fvk%3D&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1054%3Fvk%3D&ntv_it=&prx_referrer=https%3A%2F%2Fnews.google.com%2F&s=190025&C=1
  • https://jadserve.postrelease.com/suid/1054?vk=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1054?vk=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://jadserve.postrelease.com/suid/1054?vk=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
1007
jadserve.postrelease.com/suid/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=qg0stl0&ttd_tpi=1
  • https://jadserve.postrelease.com/suid/1007?vk=8caea125-1332-49dd-b4e8-4c16d2f9f136
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1007?vk=8caea125-1332-49dd-b4e8-4c16d2f9f136
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://jadserve.postrelease.com/suid/1007?vk=8caea125-1332-49dd-b4e8-4c16d2f9f136
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
195
1042
jadserve.postrelease.com/suid/
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=114&redir=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1042%3Fvk%3D%5BMM_UUID%5D%20&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
  • https://jadserve.postrelease.com/suid/1042?vk=d9a7649c-7502-4200-a06d-d1c53a000c1d%20
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1042?vk=d9a7649c-7502-4200-a06d-d1c53a000c1d%20
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x48 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jadserve.postrelease.com/suid/1042?vk=d9a7649c-7502-4200-a06d-d1c53a000c1d%20
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Jun 2023 17:59:29 GMT
1006
jadserve.postrelease.com/suid/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/nativo/?puid=0889790c-caa5-4b98-a28e-ac136bb5afe5&cb=https%3A%2F%2Fjadserve.postrelease.com%2Fsuid%2F1006%3Fvk%3D__ZUID__&prx_referrer=https%3A%2F%2Fnews.google....
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS62TBMRZWK4TWMUXHA33TORZGK3DFMFZWKLTDN5WS643V...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS62TBMRZWK4TWMUXHA33TORZGK3DFMFZWKLTDN5WS643VNFSC6MJQGA3D6ZLYMNUGC3THMU6W4YLUNF3G6JTWNM6UOZ2ULJXUUT3EMY2TKYLNJZIFULKGGF4Q
  • https://jadserve.postrelease.com/suid/1006?vk=GgTZoJOdf55amNPZ-F1y
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1006?vk=GgTZoJOdf55amNPZ-F1y
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://jadserve.postrelease.com/suid/1006?vk=GgTZoJOdf55amNPZ-F1y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
89
Expires
Thu, 01 Dec 1994 16:00:00 GMT
1010
jadserve.postrelease.com/suid/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560921&ev=1&rurl=https://jadserve.postrelease.com/suid/1010?vk=%%VGUID%%&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
  • https://jadserve.postrelease.com/suid/1010?vk=Aghol5ZjA95W&ev=1&prx_referrer=https://news.google.com/&pid=560921
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1010?vk=Aghol5ZjA95W&ev=1&prx_referrer=https://news.google.com/&pid=560921
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:29 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://jadserve.postrelease.com/suid/1010?vk=Aghol5ZjA95W&ev=1&prx_referrer=https://news.google.com/&pid=560921
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1
1011
jadserve.postrelease.com/suid/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=nativo&gdpr=0/gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=nativo&gdpr=0/gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=nativo&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=nativo&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3822b5f9-f8c8-4207-9fcb-af17502becbc&user_group=1&ssp=nativo&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://jadserve.postrelease.com/suid/1011?vk=e5909bf2-71a8-45a7-b91d-17324c9598fd
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1011?vk=e5909bf2-71a8-45a7-b91d-17324c9598fd
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Location
//jadserve.postrelease.com/suid/1011?vk=e5909bf2-71a8-45a7-b91d-17324c9598fd
Date
Wed, 28 Jun 2023 17:59:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
1001
jadserve.postrelease.com/suid/
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=3b452dcb-0cd7-47c7-b4d7-167ed732230d&secure=1&gdpr=0/gdpr_consent=
  • https://jadserve.postrelease.com/suid/1001?vk=77c88898-7a4b-4d09-b363-5fe491a39eef
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1001?vk=77c88898-7a4b-4d09-b363-5fe491a39eef
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Wed, 28 Jun 2023 17:58:46 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://jadserve.postrelease.com/suid/1001?vk=77c88898-7a4b-4d09-b363-5fe491a39eef
cache-control
private,no-cache
content-length
199
expires
-1
async.bundle.js
www.usmagazine.com/wp-content/client-mu-plugins/shared/includes/sso/assets/js/dist/ 		5 MB
634 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usmagazine.com/wp-content/client-mu-plugins/shared/includes/sso/assets/js/dist/async.bundle.js?567520c1d771b9e2c291ccac33721113
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cce8bcdf2baf0885efae0f8c21a08a138a6b9d7b3441e62f67f66814f5da0e99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:29 GMT
content-encoding
gzip
x-rq
jfk2 85 187 443
last-modified
Wed, 28 Jun 2023 08:10:52 GMT
server
nginx
etag
W/"649beb0c-56a89c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
006b2fcf89215924c0aae2671657d53aa907ce7edd43273fb06119ea055cddca

Request headers

Referer
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
hadron.json
id.hadron.ad.gt/v1/ 		99 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=209&sync=1&domain=www.usmagazine.com&url=https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=209&sync=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab917590e66ca48190f9cd4ed106eeef65bd0f15e1a341d0fcf2385023a0666

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7de7d2ecfd830f8d-EWR
sync
pippio.com/api/ Frame A96E
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D608b91da-7f77-43b5...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477416032030645&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D608b91d...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&pid=500040&it=1&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242%3A1687975170.0883946&_=168...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1687975170.092228&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242:1687975170.0883946
42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1687975170.092228&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242:1687975170.0883946
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1687975170.092228&iv=608b91da-7f77-43b5-bf6a-4fb5dd438242:1687975170.0883946
Date
Wed, 28 Jun 2023 17:59:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
usersync.aspx
dis.criteo.com/dis/ Frame A96E
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1---
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3425623714870498952&us_privacy=1---
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191009
expires
Wed, 28 Jun 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
Date
Wed, 28 Jun 2023 17:59:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
52164
i.liadm.com/s/ Frame A96E
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=0297515d-8802-451a-a73a-7b68eb95dabd&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=0297515d-8802-451a-a73a-7b68eb95dabd&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=0297515d-8802-451a-a73a-7b68eb95dabd
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e5909bf2-71a8-45a7-b91d-17324c9598fd&ssp=liveintent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594084812182436387&ssp=liveintent&gdpr=&gdpr_consent=
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.237.133.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-133-75.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:31 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Date
Wed, 28 Jun 2023 17:59:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
35759
i6.liadm.com/s/ Frame A96E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:4106:3062:270c:cbbd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Date
Wed, 28 Jun 2023 17:59:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
img
sync.mathtag.com/sync/ Frame A96E 		43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.249 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master ord ord-pixel-x15 config_version:"1969" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x15 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 28 Jun 2023 17:59:29 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame A96E
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---&rd=Y
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
23.197.21.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 28 Jun 2023 17:59:30 GMT
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=0297515d-8802-451a-a73a-7b68eb95dabd&us_privacy=1---&rd=Y
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Wed, 28 Jun 2023 17:59:30 GMT
35004
i.liadm.com/s/ Frame A96E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=AvJBb6OycRk4Dp_JIEkA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5IF3EUQTCGZHXSY2SNM2EI4C7JJEUK22BEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK...
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=AvJBb6OycRk4Dp_JIEkA&us_privacy=1---
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=AvJBb6OycRk4Dp_JIEkA&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0138?s=&cim=&ps=true&ls=true&duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.237.133.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-133-75.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:30 GMT
Content-Type
text/html; charset=utf-8
Location
//i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=AvJBb6OycRk4Dp_JIEkA&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
117
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
geo.privacymanager.io/ 		30 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

Accept
application/json
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 08:30:38 GMT
via
1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront), 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, EWR53-P1
age
34132
x-amzn-requestid
87ab7c22-581d-4aff-8973-ff7da627ee78
x-amzn-trace-id
Root=1-649befae-34c50ce24db783a134127b7e;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
HOJjPFoAjoEF8sw=
content-length
30
x-amz-cf-id
qJZ26EYn9mV0IcynDp1kBPEauhrO2I1_vLrN7ET4OUTBuaGNNKrTcA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=266113574106409&ev=PageView&dl=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1687975169949&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687975169296.487474501&cs_est=true&it=1687975168755&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Jun 2023 17:59:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 11:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Jun 2023 18:31:30 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 11:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Jun 2023 18:07:04 GMT
collect
a.ad.gt/api/v1/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2ec99b90fa5-EWR
vary
Origin
content-type
text/html; charset=utf-8
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=dcdc1b94b67f1853ef88550443715078&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&code=%27none%27
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2ecd8dc18d0-EWR
content-type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 9161
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=16156&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/safeiframe/trp.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:30 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 28 Jun 2023 17:59:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
server
AkamaiGHost
saq_pxl
tags.srv.stackadapt.com/ 		116 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=cvc4Bf9XTn0xVrh6Ojykuw&is_js=true&landing_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&t=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&tip=tnnvBHp1KOm7Rc3rrHNgE09D4pZJxT_jEqBCrcH6nfg&host=https://www.usmagazine.com&sa-user-id-v2=s%253ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%252BfnxOCMamrAGqlyxwUBXZLx5g4&sa-user-id=s%253A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%252FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%252BVUs
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.202.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-202-51.compute-1.amazonaws.com
Software
/
Resource Hash
5c6b2c9749640668bf959a0ef1884c48885d93c0f76b358aeb11b0c1ed05e296

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:30 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=209&sync=1&domain=www.usmagazine.com&url=https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7de7d2ecdd660f8d-EWR
content-length
0
content-type
application/json
date
Wed, 28 Jun 2023 17:59:30 GMT
debug
OPTIONS block
expires
Thu, 27 Jun 2024 17:59:30 GMT
server
cloudflare
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront), 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-apigw-id
HPc4ZEoejoEFvyA=
x-amz-cf-id
o0EV-Ja5334fIW8qVYUkm4zA3p-M_U2npuxHqkgTCV7tK_pUaPvryQ==
x-amz-cf-pop
JFK51-C1 EWR53-P1
x-amzn-requestid
799a034d-0014-41b8-9815-1c010735f6cd
x-cache
Miss from cloudfront
52f78a9e1b5acc18f71fb0b87daf33e1
bc.usmagazine.com/plugin/plugin/ 		168 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/plugin/plugin/52f78a9e1b5acc18f71fb0b87daf33e1
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
74fcdcdcea933c002b3bd17356048c6f49defd8968a3429c1e698075054d85ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
age
38363
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
40001
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jun 2023 07:20:07 GMT
server
-
etag
52f78a9e1b5acc18f71fb0b87daf33e1
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
gnV1YBS5PaK9WpwVm6c0wmliMflfSVV3xpvEsGms5gqKlXNkO3Cw8Q==
expires
Thu, 27 Jun 2024 07:20:07 GMT
/
www.facebook.com/tr/ Frame A9ED 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usmagazine.com
Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usmagazine.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:30 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
beacon
b.trueanthem.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b.trueanthem.com/beacon
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
surrogate-control
no-store
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gln01wXK87OkCUGd8w19EKXSrfeUsBnIpCZCkGMQ4hTJ6j5q79HMYDOqgm8Qh9AYIB%2BymWTyycW1LtjSBcs9ieQUQ6HWNLxV91Q6Hhlk9VlH2v8R2%2F1RdA9A2KMp67we99kUw5XmK%2BpJleSKxS8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7de7d2ed0e9c4374-EWR
expires
Thu, 01 Jan 1970 00:00:00 UTC
getrecs.json
recs.engageya.com/rec-api/ 		582 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recs.engageya.com/rec-api/getrecs.json?cb=engageya_cb_19869734033574636&pubid=201352&webid=240710&wid=209993&recsnum=15&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&cs=UTF-8&subid=&title=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New&kwrds=&sessionid=7a256cdd-ce11-3128-4ded-15baa60bc70f&rndid=19869734033574636&psid=9161c088-fae5-4a7f-ba3a-ed021ab5fa21&is_gdpr=0&gdpr_consent=
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29d75982a379f63eac10bc234e3082f70e6e9492511f64e41474ada6d0e945c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-language
en-US
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0
cf-ray
7de7d2ed2f6f0f8b-EWR
expires
Thu, 01 Jan 1970 00:00:00 GMT
streamingtag_plugin_jwplayer.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/plugins/streamingtag_plugin_jwplayer.js
  • https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
210 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/streamingtag_plugin_jwplayer.js
Protocol
H2
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:43:20 GMT
content-encoding
gzip
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 15:25:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
971
x-amz-server-side-encryption
AES256
etag
W/"45e1b1186d270bf042fe7ed57882f85b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
78GMRBxdimxTQ4GYZqpmiqh0j8tq_ExrTVWk5X_yO7AbPdi0glT3kg==

Redirect headers

date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/streamingtag_plugin_jwplayer.js
content-length
0
x-amz-cf-id
Fbaq-EmoYcJmOOSqunBjQiIMM8fiN3iNl71fRtqntPN2N1TwU7URzg==
iris-jwplayer8.adaptive.min.js
ovp.iris.tv/plugins/jwplayer/v2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/plugins/jwplayer/v2/iris-jwplayer8.adaptive.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:8c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1110905083787586a3290d936973932dffd45594ef1fdcaa44e0748d6aab07a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
CAMj3RQp7EUa2P9Ieve_IP_o0uuH22rM
content-encoding
gzip
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 16:26:17 GMT
last-modified
Tue, 16 Jul 2019 21:43:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
5594
etag
W/"094e9ad6bb9bbc263b6afcd74a510c58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dCWr2--VkalVt4FCsF9HvWTVjLUdXUTTLukb-J0zArrIXnS0tGceAg==
googima.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/googima.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
via
1.1 varnish
age
36518
x-cache
HIT
content-length
21963
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:35 GMT
server
AmazonS3
x-timer
S1687975170.186858,VS0,VE0
etag
"b08808f5729ce90fddf682e101a9691b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
14824
bidding.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		355 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/bidding.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b86ac89b026ea4cc0b8149823f738fcc196c93fbbb0562a1ea2d98909948c09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
via
1.1 varnish
age
638
x-cache
HIT
content-length
113806
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:22 GMT
server
AmazonS3
x-timer
S1687975170.186837,VS0,VE0
etag
"91764bdb44ff53b0a05acdcdc28b17c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
67
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwpsrv.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
via
1.1 varnish
age
315
x-cache
HIT
content-length
19101
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:36 GMT
server
AmazonS3
x-timer
S1687975170.225038,VS0,VE0
etag
"091cf336ba8e3328147ba88e7a9ff40c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
261
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
via
1.1 varnish
age
1939749
x-cache
HIT
content-length
84863
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:29 GMT
server
AmazonS3
x-timer
S1687975170.224998,VS0,VE0
etag
"3141cfbc04d2f12e7e4047ffd289780c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
230733
RdEySYYI.json
content.jwplatform.com/feeds/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/feeds/RdEySYYI.json?page_domain=www.usmagazine.com
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/zhNYySv2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ca00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5cee18e62a0abf5e1990b911543b943e1e81bb1d7a1e1f955129e31e9e574078

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:58:58 GMT
content-encoding
gzip
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
32
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
3912
x-amz-cf-id
1eyiRcy-67IV4thuvzE93286epaiuptjibKa4DSb5Z-bzJWXhW43jg==
expires
Wed, 28 Jun 2023 18:01:58
i.js
tag.bounceexchange.com/2988/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2988/i.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3c9ed042539da1837213e7d5c3d9c54da1105b6d9d0b4c5e7f6c8c1a9efd66b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:58:52 GMT
content-encoding
gzip
via
1.1 google
age
38
x-envoy-upstream-service-time
1
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3698
server
istio-envoy
etag
3354e550b0d18b
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
client-v2.js
8fby8peddod4qetsz.ay.delivery/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8fby8peddod4qetsz.ay.delivery/client-v2.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8a1a9bbb7f8f2975412a9a7893690331e4a5bd31bdd27d6d17f24e1b46dcb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 21:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3717
etag
W/"646545ba-10a1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6IKGf8FSHo%2FJZiz9iBZuwOj4sBc%2FrZZqd5HolhPA0io6NYGPbW2KySLgo0ltR61r0oBn3dYyGizfhbraYi7Vo8B6UYoxhpF3Ns6lIvTXyxEP%2FwJqG6Pm03Dkc9AywGnj%2BbP78rMbdgz%2BzVHgTJViAoOSitnsOZ4Pjq6rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7de7d2edebf04251-EWR
alt-svc
h3=":443"; ma=86400
tag.min.js
get.s-onetag.com/7d6ccc6c-1e66-4f90-ae03-c0adb1081221/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/7d6ccc6c-1e66-4f90-ae03-c0adb1081221/tag.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbfeabaa21774ceecd9734083d566d5bc7689989ab56a2bdbdeb5a1f8ab8ca3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
cOdQL19QcyXhg5aQc59CVQwPkZyrcaAJ
content-encoding
gzip
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
date
Tue, 27 Jun 2023 22:32:54 GMT
last-modified
Fri, 26 May 2023 15:22:39 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
69997
x-amz-server-side-encryption
AES256
etag
W/"3715ac82b9596175dfdf47cc173673d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
wlXO_se7xD0XRsK4HSR0wXUAe_PA-EuL5PCieWPYZT5mZcmM0QD3Ag==
rh.min.js
socialcanvas-cdn.kargo.com/js/ 		272 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/rh.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2400:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebb23a2689172bbf4ad8fd028b57bdcdeb5ad3e2a7c722e70dd3b0c4e9fd74c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 23:43:12 GMT
content-encoding
br
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2023 23:43:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
65779
etag
W/"a10b4e1a03b1194dc699aab2bb1a1908"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Oqr0CtvPCCDRk40KgspX4E5GdfgmaSCrayOA_FScMqM_LJ-n7-forg==
tag
btloader.com/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5765527509139456&upapi=true
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da2ebf9d6f73baff6598530178f2f356e186e15350b359585453f8810370b6e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 17:41:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
866
etag
W/"b06762ef85c52430fdc112d71b5e9e08"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WafKL%2FRVMAC%2Bh0Dn8ToHu8kfCJNOXcUwnY38DBeTdWvQWmh4psBYv3EGK2wwA2QKXrETeP6C4zRHqlMJqD%2BlGiDiBDA7uO%2FD0OwN0Ax1AphXri%2BJkRiE77i1MJEDhBoR5YPEKKycSd99Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7de7d2ed78ef8c8f-EWR
22942.js
micro.rubiconproject.com/prebid/dynamic/ 		401 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=article
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.106.145 Englewood, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-106-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8c1cd1584ec89eb876809fe513ec84daf9458cb27e71a03d9128965eed58e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-22942_USWeekly_Desktop_Article.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
130886
expires
Thu, 29 Jun 2023 04:06:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3144&u=https%3A%2F%2Fwww.usmagazine.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
47c1172160b0c476e5df3da5f8dd714c163e921060b0aeb0784b47c43330c12b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:30:46 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
19723
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2378
x-amz-cf-id
bLiw0rnO4W5uvFFjejzr7-pjHIyCscObP99XWJoYz0BafuwkubuiZw==
LB-Zone-1
bc.usmagazine.com/DG/DEFAULT/rest/rpc/330/ 		233 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330/LB-Zone-1?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=&bctempid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&overruleReferrer=&time=2023-06-28T17%3A59%3A30%2B00%3A00&ts=1687975170160
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/americanmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
da6b3c52646fe58adbdecc50f4d660f7bb67bfafbd90d1957ae43d97ea563066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RTUelCFanJkAusl0yO3WxFaHcwfBnvLiJ9mDNk6gYPnSVN8Tvl8Sbw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-84.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 10:29:23 GMT
x-amz-cf-pop
EWR53-C3
age
27008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
WtHHR1kN4IZVmNe7qngIphQd8qwxY1ZypYvWIyzE7BBnogal5GhFZw==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
5ce16c1a2bef3c64af428d82625f65bf0de92d88aa89ee556ab2ce5bfecc04ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-spotim-device-uuid
1626bb97-12a4-49dc-9a98-d8cb7989422f
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
36
x-guid
1626bb97-12a4-49dc-9a98-d8cb7989422f
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
Tjd_S8axjUCoISNDTMjFFMHrrkZA_mYzv3cZ-aYqdH-DDUC0Kls00w==
halo_match
ids.ad.gt/api/v1/ 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001687975169-EQ0AXQT1-0EUL&halo_id=060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7de7d2edc81f0f3a-EWR
content-length
43
content-type
image/gif
smartrems.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fa2f916588b37414e9ff25749b143f9920279ab5f70911d667367193e9076f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 00:23:56 GMT
server
cloudflare
age
392
etag
W/"649b7d9c-21d59"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ee8c504397-EWR
expires
Thu, 27 Jun 2024 17:59:30 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		412 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
via
1.1 varnish
age
1241051
x-cache
HIT
content-length
125992
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:32 GMT
server
AmazonS3
x-timer
S1687975170.355687,VS0,VE0
etag
"4f4459c52455c57a5490992cac29595d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
136183
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.42.197.166 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-197-166.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 28 Jun 2023 18:14:30 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&_it=amazon&partner_id=209
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
4947
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7de7d2eec8edc3f3-EWR
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
0c43748a-23
aps.zqtk.net/ 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
X2XCGHK5REWJ9EXV
age
1445
etag
W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7de7d2eeec5f18ee-EWR
x-amz-id-2
11FzmLYX5WsnA4FvBnfR0DPC6Ym5jRJckKqisI/o4+ug5f+v2i0zn9p4qZkm/2nN1SQk9LwXGsxoq2ndxHCRvA==
usync.js
eus.rubiconproject.com/ Frame 9161 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62215
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
cookieStorage.html
wsv3cdn.audioeye.com/v2/frame/ Frame BE2F 		813 B
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=9e1aa82
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
86885
cache-control
public, max-age=365000000, immutable
cf-cache-status
HIT
cf-ray
7de7d2ef1d0c4397-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:30 GMT
last-modified
Tue, 27 Jun 2023 17:51:21 GMT
server
cloudflare
vary
Accept-Encoding
send
analytics.audioeye.com/air/v0/ 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.audioeye.com/air/v0/send
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.9e1aa82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.14.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-14-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:30 GMT
content-length
0
3772.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		480 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/3772.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Jun 2023 22:03:51 GMT
server
cloudflare
age
445
etag
W/"649b5cc7-1e0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ef2d194397-EWR
expires
Thu, 27 Jun 2024 17:59:30 GMT
5121.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		382 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/5121.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Jun 2023 22:03:51 GMT
server
cloudflare
age
445
etag
W/"649b5cc7-17e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ef2d1b4397-EWR
expires
Thu, 27 Jun 2024 17:59:30 GMT
874.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		193 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/874.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Jun 2023 22:03:52 GMT
server
cloudflare
age
449
etag
W/"649b5cc8-c1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d2ef2d1c4397-EWR
expires
Thu, 27 Jun 2024 17:59:30 GMT
cs
americanmedia.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://americanmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&&callback=bc_json332
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.104.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-104-91.compute-1.amazonaws.com
Software
- /
Resource Hash
895d3f8487ea027a98bf3e0a3486553bc0e9ad8d5f6010b2a8a7b694c38b43e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
fa481c469e71e3052c0e2315868e13df
bc.usmagazine.com/plugin/library/ 		424 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/plugin/library/fa481c469e71e3052c0e2315868e13df
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
8f767c30d8380d42b78c10ddb1fd45e8033ccc7fb6e3c4e62720778e284adaf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
age
38363
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
136099
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jun 2023 07:20:07 GMT
server
-
etag
fa481c469e71e3052c0e2315868e13df
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Hv7Isx3N8BHesY0Ac-tkphYfmdN-HKKf7WA3enjxx8D333TUEMTuXA==
expires
Thu, 27 Jun 2024 07:20:07 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A30%2B00%3A00&ts=1687975170495
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/americanmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
edf7188dfc47f1d392c7e05caacafe3556e79c8f284537016f88477486550527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
wZHvRaR9UMw5gr9WC8ONaKHOOg4aSH2bX8XMXMjbcaGYdao-TGQATA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
runtime_b4ad65fa381da0648767eee58152de5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_b4ad65fa381da0648767eee58152de5e.br.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:39:44 GMT
content-encoding
br
age
8386
x-guploader-uploadid
ADPycdvWMaTTRrakCh5rQASMt1ziLg_vH7qRhJhTFo1KXNZkIislCT4REx-I2Osl8spKzLGntK733uQtXMat8srJHuco5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
677
last-modified
Mon, 26 Jun 2023 17:32:42 GMT
server
UploadServer
etag
"eefae9361af612ce4ba4df40b85e8e22"
x-goog-generation
1683121199273331
x-goog-hash
crc32c=/u+Zbg==, md5=7vrpNhr2Es5LpN9AuF6OIg==
access-control-allow-origin
*
access-control-expose-headers
etag,Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
677
accept-ranges
bytes
content-type
text/javascript
iris.adaptive.js
ovp.iris.tv/libs/adaptive/v2/ 		152 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:8c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e1461d89ddf4ba0510e22dae96a8fc41bab2bae62f0ec5371db03f402f22028

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
cDlZePTLUBv94y_aSHh0tirtTfXJ.fba
content-encoding
gzip
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
date
Tue, 27 Jun 2023 18:21:40 GMT
last-modified
Fri, 12 Aug 2022 15:18:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
85071
etag
W/"dc3126a7c4b7d6916d025495683eb069"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gj_hqzHrmV5PvE_UOLRU30ryvppvqsuYf7DTNC5ylNmAKU3RfBMkGQ==
O0vk4vqJEeWVlAY3v_uBow.json
entitlements.jwplayer.com/ 		69 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/O0vk4vqJEeWVlAY3v_uBow.json
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/zhNYySv2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79DE) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
last-modified
Wed, 28 Jun 2023 15:19:15 GMT
server
ECAcc (nya/79DE)
age
9615
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=15060
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Wed, 28 Jun 2023 17:59:30 GMT
px.gif
ad-delivery.net/ 		43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5765527509139456&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168985
x-guploader-uploadid
ADPycdtT-jMQs3TzpCNRS_EwjmGHjWlkWdMFi61qFLIKTmxPXZZhhR7iSxKtL-ERmeiqjQHObJTmXuAQ6jUAwDEQI2pxKsTxjFXF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfTsEp9xU%2BRGWJB9sx7%2Bg60NE4qCb%2FJ%2FY3S1fhe3Hkb7VtXk6pFco3ix84VE7v1UmmG6Kx2mVRlX%2Ba8OclyQAoJq3U2rzNc9sU%2F%2BoHfpKLnm%2B6NO8hn%2BT0QqTeiH9Rwlgq4SxM3aoZ2Um1v2KA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7de7d2efefc2c354-EWR
expires
Thu, 15 Jun 2023 05:52:24 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5765527509139456&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 16:13:31 GMT
state
api.btloader.com/mw/ 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9193498375129663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168985
x-guploader-uploadid
ADPycdtT-jMQs3TzpCNRS_EwjmGHjWlkWdMFi61qFLIKTmxPXZZhhR7iSxKtL-ERmeiqjQHObJTmXuAQ6jUAwDEQI2pxKsTxjFXF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8Ff8YsHv%2BSWKp6uNQgpAAp7GQ38j7Vaxc6TqlflHUdYb1iSHZ%2FXiJY4O1b5PxhTtN6ryOyKYPEMqcn5QKS%2B53wnTsXX775LM5TPRs3Zkbs1eYTz7YJhN2EMvLUO6OyWgbWrqwxAhE58uPII%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7de7d2efefc4c354-EWR
expires
Thu, 15 Jun 2023 05:52:24 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/203c5630-063a-436d-a993-93f086abd5bc/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/203c5630-063a-436d-a993-93f086abd5bc/ats.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-78.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e152d1c4cd44c5acae66aee40da3d96d762a545172cdb379e0f380cec0b08c27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:13:26 GMT
x-amz-version-id
CUBYp_VRU6vAIG.gwspuZ3HqF5yNMXWe
content-encoding
gzip
last-modified
Mon, 29 May 2023 11:02:57 GMT
server
AmazonS3
via
1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"a3ca8e02b5b3991f80d89e18dfe2bc0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
age
2765
x-amz-cf-id
-OxXdvBVo-DUV2TNrsQp-yknDroc7eV23_ZJ9XYio9c9Fflyf68jZw==
/
onetag-geo.s-onetag.com/ 		50 B
455 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-78.jfk51.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:58:51 GMT
via
1.1 a85e1510327226089dfd77f1b1c39ad8.cloudfront.net (CloudFront), 1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK51-C1
age
39639
x-amzn-requestid
2756f376-362c-420d-94da-55cb9501b09a
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
HN8GyH82CYcFyhw=
content-length
50
x-amz-cf-id
a5wA6cm4KyakO-p3e0wYU3d2EszzSl9em7LxeelzZDCCSOIFMLOdVQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-6.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 01:17:05 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
60146
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
RkgI3wVXqrStKlmDk7c0_pZtORcLRWxQ4DiEhuKUJ-KHEX-vyel4fg==
%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
signal-segments.s-onetag.com/desktop/www.usmagazine.com/ 		57 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.usmagazine.com/%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-76.ewr53.r.cloudfront.net
Software
/
Resource Hash
3a535cb1bedcf8e7e8d2b018cdc9ed814370392ad3e35df02758a4daf04deae6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:04:05 GMT
content-encoding
gzip
via
1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
age
10525
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
HmEji1ylN2o5--aby9VzqFH3r7WbZs82VhGZnzDg-8n72ej3nfuT1w==
apigw-requestid
HPDL6iZsiYcEJaQ=
www.usmagazine.com
signal-segments.s-onetag.com/desktop/ 		57 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.usmagazine.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-76.ewr53.r.cloudfront.net
Software
/
Resource Hash
a196b3fb2b82982736e1b040d6221fb1f1e4d563e10d9b46060714f255868f76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:11:46 GMT
content-encoding
gzip
via
1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
age
38864
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
Tczr4Yl0xlXlIuknZACUOaB7k65zoYXPmbelZjRyV8nSJebNNOCx2Q==
apigw-requestid
HN9_5gSiiYcEJzQ=
request
socialcanvas-api.kargo.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.132.99.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-99-154.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
nginx/1.22.1
Vary
Access-Control-Request-Headers
X-Powered-By
Express
request
socialcanvas-api.kargo.com/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.132.99.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-99-154.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
ede6f0c703d46c0990980b4ca9e54a12d5cfac28193e68391d0a62b0426ee80b

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

Date
Wed, 28 Jun 2023 17:59:30 GMT
Server
nginx/1.22.1
X-Powered-By
Express
ETag
W/"693-99cjwOe3ZjXy3Jnudzy9I91KXk8"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1683
scpb.js
socialcanvas-cdn.kargo.com/js/ 		271 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/scpb.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2400:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 23:43:12 GMT
content-encoding
br
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 19:27:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
65779
etag
W/"4102c8de7c45dc9353378b8f31a06708"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bh025fSmGvcUnfmDUFauN8Uv4eDDS8w-4D9L1FJqr9SZocIvsJdYvw==
/
www.facebook.com/tr/ Frame 22E4 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.usmagazine.com
Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.usmagazine.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:30 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=9d9fcc47-cee6-459f-a00f-2f3e07fc0b24&ntv_a=AAAAAAAAAANiwRA&ntv_ht=AXWcZAA&ntv_fl=k0G_z1r7FnN_ey-t4aZSPI9AwWtc2D3n78uiMB5fWrhOp65ijhaATbZF-voXAUXLnCqdbUZmJSvOGApGTVT3kJrCgp8ozTauEUxUtaY792mgpd2j2LWapy8Mx_Y9NTGI3tSYBo8FhUzCFAJ-yNbwT8bnljbq5s-fO6xLhkGRwgtW_kKDoQ4VlM_h9MQrszAUySBa7MEtcRgb85zYCeAQ0tnUd81C8qGX-0qmoM-KJ68hz_6i5bVDcI8GvrphdM-2Voay3qzOFVWPoT2NBA-J5XwgLA5qgOy2Bn0BznRHUIUxXjdG6sVwhgWVyIYQ8ml7_pX8xtr9GKqJvWsBx0lTPw==&ord=1064626926&ntv_ift=0&prx_referrer=https%3A%2F%2Fnews.google.com%2F&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		767 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pr=https%3A%2F%2Fnews.google.com%2F&pid=ZEF10cQ9WrD9D&cb=0&ws=1600x1200&v=23.612.1758&t=600&slots=%5B%7B%22sd%22%3A%22leader1%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F4216%2Fusweekly%2Fleader1%2Farticle%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
3b7b89708da0943a17347e8fb3d15a82d489494a81587651e77aaddf68a63ef5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
CJV371C1YJ5REB44R0MX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
767
x-amz-cf-id
ugbVPrSCP4bsmXbNKG2n-oSD8ATdvlSo9AoJRdZylNE708y7a5oCgw==
pub
pixel.adsafeprotected.com/services/ 		522 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:sh-post-bottom,ss:%5B1.1%5D,p:/4216/usweekly/sh-post-bottom/article,t:display%7D&slot=%7Bid:leader1,ss:%5B1.1,728.90,970.90,970.250%5D,p:/4216/usweekly/leader1/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19c12d23332a32b39129ada61fd198b08231c06333ada44bbd0c1ebc62c59ede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app02.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		403 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:interSpot,ss:%5B1.1%5D,p:/4216/usweekly/interstitial/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e30363ff547d3bb40b8ffc444ceaf283e93661db23188bfb24d37f5ac3ab4aa9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app03.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/ 		413 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:equity-ad,ss:%5B300.250,1.1%5D,p:/4216/Equity/USW/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
73a1ec65e2fb6eb0350bfc44e73a966b511a4bfaca52fd64433b715fabff370e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app22.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		763 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pr=https%3A%2F%2Fnews.google.com%2F&pid=ZEF10cQ9WrD9D&cb=1&ws=1600x1200&v=23.612.1758&t=600&slots=%5B%7B%22sd%22%3A%22rr1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4216%2Fusweekly%2Frr1%2Farticle%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a0decad33b1f683155f1484948c86d6f1551e4e625cb4d41684eb4a4f95219f0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
424PWHEWYKQEFTE1E44B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
763
x-amz-cf-id
nF6BllmbqwyxJOcBmXd2q3D5NYPZvZXR84nLeyNn2wEC2uKoeLxaow==
pub
pixel.adsafeprotected.com/services/ 		407 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:rr1,ss:%5B1.1,160.600,300.250,300.600%5D,p:/4216/usweekly/rr1/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e54612891b354f884821d0f709479dddf2dbe1aa3ae29293eed8b11643f8f50e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app10.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pr=https%3A%2F%2Fnews.google.com%2F&pid=ZEF10cQ9WrD9D&cb=2&ws=1600x1200&v=23.612.1758&t=600&slots=%5B%7B%22sd%22%3A%22rr2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4216%2Fusweekly%2Frr2%2Farticle%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
94ef0abc5bb0cdfe39572037b537179b1cefa88b521c907a6247ea6b32327ca9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
DHFMVFX9NPJ8N1AWWANC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1064
x-amz-cf-id
EsFIXOD4cwlowQBADvRBsaIwR6lnHFNKi7nTS5_5Gc9Gy4psUILyTw==
pub
pixel.adsafeprotected.com/services/ 		317 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:rr2,ss:%5B1.1,160.600,300.250,300.600%5D,p:/4216/usweekly/rr2/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
df4af4b635031596881f58d6489335855fa61bcce6660e8748d276257c4e6f70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app12.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		779 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pr=https%3A%2F%2Fnews.google.com%2F&pid=ZEF10cQ9WrD9D&cb=3&ws=1600x1200&v=23.612.1758&t=600&slots=%5B%7B%22sd%22%3A%22article-inline-box1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F4216%2Fusweekly%2Finline-box1%2Farticle%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
25d9268844d50f26bf390855401329d33d1d450a238d67bd37e29685aef3361b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
5VHRQJS7A2T863VWJZEX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
779
x-amz-cf-id
zvSQal8lXQPkr2ck-3ecDOc7xUCA5ORn1K2D-9Y0Plch6M-9itiJVQ==
pub
pixel.adsafeprotected.com/services/ 		436 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928572&slot=%7Bid:article-inline-box1,ss:%5B1.1,300.250%5D,p:/4216/usweekly/inline-box1/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=fd2ca3de-213c-785b-9eed-5aa4b19fd6f1&url=https%253A%252F%252Fwww.usmagazine.com%252Fcelebrity-moms%252Fnews%252Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%252F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5e3bf95b7dcb24cbb720c69f32bbc281240d57ae58d2f73852985584b07805c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
server
nginx
x-server-name
app25.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
3328688
api-2-0.spot.im/v1.0.0/config/ab_test/sp_uQNsaV6x/ 		135 B
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_uQNsaV6x/3328688
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
87e5554d3467cbe23422ada58ad102c91c1810a55a1eae74861fb27bfde7f9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://www.usmagazine.com/
x-spotim-device-uuid
1626bb97-12a4-49dc-9a98-d8cb7989422f
x-spotim-page-view-id
da2488c9-b862-4696-b545-bb2a10f4bae8
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
135
x-request-id
8812de3e-15dd-11ee-9606-529d01d51cc8
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
jQXfS1ZwwYS5yzrqtY7miU6oO69MAXEBA_iEg1on-JE3GSJDzOITlQ==
3328688
api-2-0.spot.im/v1.0.0/config/ab_test/sp_uQNsaV6x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_uQNsaV6x/3328688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-22.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.usmagazine.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Wed, 28 Jun 2023 17:59:30 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
x-amz-cf-id
zGuEhZSY1GJ2gP1T2heXOCqV_FH4CgpMFTXSkDwCeqsmi14C70psMg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
Kargo-Sync.js
storage.cloud.kargo.com/ad/network/tag/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/tag/Kargo-Sync.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.143.136 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-29-143-136.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1cde2a489ae53f665118ce7aa129f83163b30de1fbf811cbee82e77a4476b55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
Aeszivy9Q91toiT9kEakq88nNArBRP57
content-encoding
gzip
date
Wed, 28 Jun 2023 17:59:31 GMT
x-amz-request-id
GSNV5M7RNF77TP7T
x-amz-replication-status
COMPLETED
content-length
10732
x-amz-id-2
8qRkUxPRWq22k8FseZjYaK+1GGqUuPkfPsRLnuS7+1oxv0NURXoqTRrJ/vEAZITciXYlMYcSdC4=
last-modified
Tue, 13 Apr 2021 18:14:14 GMT
server
AmazonS3
etag
"29de28e4a5e73062bb4ee6e98833ac9f"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
1005
jadserve.postrelease.com/suid/ Frame 9161
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16156&khaos=LJG0U0S1-Q-EBQ2
  • https://jadserve.postrelease.com/suid/1005?vk=LJG0U0S1-Q-EBQ2
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1005?vk=LJG0U0S1-Q-EBQ2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
H2
Server
3.232.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-217-213.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://jadserve.postrelease.com/suid/1005?vk=LJG0U0S1-Q-EBQ2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		536 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9294&site_id=152230&zone_id=2111026&size_id=55&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=e5ee6760-c42f-46f3-be38-028b090d393e%5E1&rf=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.domain=usmagazine.com&tg_i.page=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.ref=https%3A%2F%2Fnews.google.com%2F&tg_i.aupname=%2F4216%2Fusweekly%2Fleader1&tg_i.pbadslot=%2F4216%2Fusweekly%2Fleader1%2Farticle&tk_flint=dmpbjs_v7.50.0&x_source.tid=d8cb63dd-bc1e-4c0e-9a1c-4c3aa632cce0&l_pb_bid_id=269ba40d287b81&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d8cb63dd-bc1e-4c0e-9a1c-4c3aa632cce0&rp_maxbids=1&p_gpid=%2F4216%2Fusweekly%2Fleader1%2Farticle&slots=1&rand=0.7184768773498547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
18c85373274f1433d91b126e3f727f53cf889ab6805dff580b63bd0fe875de4e

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
536
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 28 Jun 2023 17:59:31 GMT
c
prebid.a-mo.net/a/ 		361 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
1c23e0533c3e0622263b19f506a855975a9207865d4b487cccadd6d73e9ef07a

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
42
content-length
233
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=27370045006&lsavail=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
a360
direct.adsrvr.org/bid/bidder/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/a360
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
bid-request
a.teads.tv/hb/ 		16 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 28 Jun 2023 17:59:31 GMT
prebid
krk2.kargo.com/api/v1/ 		2 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-67-70.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9294&site_id=152230&zone_id=928124&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&eid_pubcid.org=e5ee6760-c42f-46f3-be38-028b090d393e%5E1&rf=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.domain=usmagazine.com&tg_i.page=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.ref=https%3A%2F%2Fnews.google.com%2F&tg_i.aupname=%2F4216%2Fusweekly%2Frr.*&tg_i.pbadslot=%2F4216%2Fusweekly%2Frr1%2Farticle&tk_flint=dmpbjs_v7.50.0&x_source.tid=368f0f20-cae5-4c52-84f8-192eef7f8739&l_pb_bid_id=16cc8f0ce6f7e8e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=368f0f20-cae5-4c52-84f8-192eef7f8739&rp_maxbids=1&p_gpid=%2F4216%2Fusweekly%2Frr1%2Farticle&slots=1&rand=0.2202191937723157
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36f8a0ae1bec24ed10894c9800a655f9a36398f2c730f03d71e931b328ab7f7a

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=61119893148&lsavail=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		361 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6347b46416bb85c4f2a1d82f1eb64ff8630baad77f4ffbe2d6bcbf92e071006f

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
80
content-length
232
a360
direct.adsrvr.org/bid/bidder/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/a360
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		530 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9294&site_id=152230&zone_id=928124&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&eid_pubcid.org=e5ee6760-c42f-46f3-be38-028b090d393e%5E1&rf=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.domain=usmagazine.com&tg_i.page=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.ref=https%3A%2F%2Fnews.google.com%2F&tg_i.aupname=%2F4216%2Fusweekly%2Frr.*&tg_i.pbadslot=%2F4216%2Fusweekly%2Frr2%2Farticle&tk_flint=dmpbjs_v7.50.0&x_source.tid=5b413bee-60a4-452e-9582-7b20a6dc4d9b&l_pb_bid_id=24663546d251f83&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5b413bee-60a4-452e-9582-7b20a6dc4d9b&rp_maxbids=1&p_gpid=%2F4216%2Fusweekly%2Frr2%2Farticle&slots=1&rand=0.285599817036881
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3e0798256b7ceb7ccc52c03d90a16989050d6bfde7b5ebeec4b904effa84f40

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
530
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		416 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ae5ea925fe441729e78e9a5feb6931da0b5e8ddb4db4c6bb3d7776790d44751

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
307
expires
Wed, 28 Jun 2023 17:59:31 GMT
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=85627956678&lsavail=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		361 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
14a54249ab180703194bc56085f4a313fddeb7d820f9d3a31bf2f4fa9fa6479b

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
content-length
233
prebid
krk2.kargo.com/api/v1/ 		2 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-67-70.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
a360
direct.adsrvr.org/bid/bidder/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/a360
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5d851da1639cfecaf4c3b5ee1daa501f6248d7c27c5478f0b8206bfe11f3e1dd

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:30 GMT
content-encoding
gzip
x-openrtb-version
2.3
server
Kestrel
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
fastlane.json
fastlane.rubiconproject.com/a/api/ 		524 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9294&site_id=152230&zone_id=928128&size_id=15&us_privacy=1---&eid_pubcid.org=e5ee6760-c42f-46f3-be38-028b090d393e%5E1&rf=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.domain=usmagazine.com&tg_i.page=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&tg_i.ref=https%3A%2F%2Fnews.google.com%2F&tg_i.aupname=%2F4216%2Fusweekly%2Finline-box.*&tg_i.pbadslot=%2F4216%2Fusweekly%2Finline-box1%2Farticle&tk_flint=dmpbjs_v7.50.0&x_source.tid=9bc6b11e-98d7-40ef-98bc-e1e15d9d2b86&l_pb_bid_id=36c20f7a7550e6c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9bc6b11e-98d7-40ef-98bc-e1e15d9d2b86&rp_maxbids=1&p_gpid=%2F4216%2Fusweekly%2Finline-box1%2Farticle&slots=1&rand=0.10708817770524148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ae00cc89b8dae9aa8400ca5927bbb322782e4517ae4d0731e18cadd52a4e63fe

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
524
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=70543659404&lsavail=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		412 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05c7913bcbb5f81dacced8e4c00cc94e85d84c47aa679b9d1a870a1a981cc11d

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
303
expires
Wed, 28 Jun 2023 17:59:31 GMT
a360
direct.adsrvr.org/bid/bidder/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/a360
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
prebid
krk2.kargo.com/api/v1/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-67-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
505
vary
Accept-Encoding
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 UTC
c
prebid.a-mo.net/a/ 		361 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e575ab6b2773545da04f52ac701c0c01691eb65ba26bf786a1afc414949d8e62

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
content-length
233
bid
aax.amazon-adsystem.com/e/dtb/ 		738 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pr=https%3A%2F%2Fnews.google.com%2F&pid=ZEF10cQ9WrD9D&cb=4&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22id%22%3A%22%2F4216%2Fusweekly%2Fpreroll%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1b1c362751e78dec2bd169ba57978cd6c847dcd7d0c2a4746ab3c66abd00cb02
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
K21FXRJ85QEKBW4E9S9D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
738
x-amz-cf-id
TPR5rxCTmqw_ygGfTrG8DOG_6F4PyCr_qQeSy3G2Hi_MioWDvDt_sQ==
video_info
context.iris.tv/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=nvonvsnnlg8c&platform_id=RdEySYYI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-120.ewr53.r.cloudfront.net
Software
Zer01ne /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:50:18 GMT
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
response
Unable to find data
server
Zer01ne
x-amz-cf-pop
EWR53-C3
age
553
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
max-age=800, stale-while-revalidate=600, stale-if-error=600
x-robots-tag
noindex, follow
x-amz-cf-id
6Dfc1JTanEKa1PCyZZ8HKddKcVJg9r5oHuZLCpPpurl3DmVPhoh-3A==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
ea476eb18681075efde6190dbe533f6a0d94e40d620b14c73b12f4253fd668bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
main-v2_450096c4d4c0d6027cf4e54e109e15c5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		578 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_450096c4d4c0d6027cf4e54e109e15c5.br.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
013ff0309bc604cb053ae7a442822035657cba92dc9d2fdbaf8e5a4bf467aff0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:50:30 GMT
content-encoding
br
age
36541
x-guploader-uploadid
ADPycduk-oZ-GH-BKxPvTa5gGT2BHa-Dguv8HOrLjvBpzqwNc68Gd9GdiosC8uSuDF2TN_X4H2ZMaeA1o9Yb2YvBe6ZIEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113967
last-modified
Mon, 26 Jun 2023 17:32:27 GMT
server
UploadServer
etag
"e60ccc7d5f52bf6185d362449fca93c2"
x-goog-generation
1687800747187102
x-goog-hash
crc32c=Z5sBYQ==, md5=5gzMfV9Sv2GF02JEn8qTwg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
113967
accept-ranges
bytes
content-type
text/javascript
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.usmagazine.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313694890951919&correlator=3595735822364215&eid=31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cusweekly%2Cinterstitial%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=1968788593&sfv=1-0-40&prev_scp=divID%3DinterSpot%26pos%3DinterSpot%26refresh_count%3D0%26id%3D8801d091-15dd-11ee-9e95-028169c47751%26vw%3D40%2C50%26grm%3D40%2C50&eri=1&cust_params=permutive%3D%26category%3Dcelebrity-moms%26ctype%3Darticle%26hub%3D%26topic%3Dcelebrity%252Ccelebrity%2520dads%252CCelebrity%2520Kids%252Ccelebrity%2520moms%252Ccelebrity%2520news%252CChris%2520Martin%252CGwyneth%2520Paltrow%252CNews%26kw%3D%26pid%3D3328688%26pos%3D%26sponsor%3D%26env%3Dproduction%26hum%3Dcelebrity%2520families%252Ccelebrity%2520relationships%252Cpop%2520culture%26retailers%3D%26referrer%3Dnews_google_com%26rules%3Darticle%26pageview_count%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005195_PG%252CIAS_3005109_PG%252CIAS_3007987_PG%252CIAS_3008629_PG%252CIAS_1507473_PG%252CIAS_3005169_PG%252CIAS_3008630_PG%252CIAS_3005155_PG&ppid=ZrgukCXG7eSdV3AeaM2eTmDUHcQOHjPy&sc=1&cookie_enabled=1&abxe=1&dt=1687975171602&lmt=1687975171&dlt=1687975168203&idt=1908&adxs=0&adys=14209&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&frm=20&vis=1&psz=1600x14209&msz=1600x0&fws=0&ohw=0&ga_vid=730203721.1687975169&ga_sid=1687975172&ga_hid=266989181&ga_fc=true&ga_cid=450072351.1687975169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca424c4dfba0851c239d35903fc823afa34542f416b2412c590922080d6afd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12567
x-xss-protection
0
google-lineitem-id
5692923351
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349712489
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69914dddff8854c548eb2501afdf40a6077695f886c554af67d7d7332a1f293a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12676
x-xss-protection
0
container.html
877745acab893034cef8127367b52c02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://877745acab893034cef8127367b52c02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:31 GMT
expires
Thu, 27 Jun 2024 17:59:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 9161
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/N0YZdsRUCxxY8LxRX6rbiw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VaCkPJtE2oJIl2i9NkGQ2VAjpp7DqyGnvPheow--~A
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VaCkPJtE2oJIl2i9NkGQ2VAjpp7DqyGnvPheow--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 28 Jun 2023 17:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VaCkPJtE2oJIl2i9NkGQ2VAjpp7DqyGnvPheow--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 9161
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJG0U0S1-Q-EBQ2
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJG0U0S1-Q-EBQ2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CD3F0591A3424A1491E39C07038887B2 Ref B: EWR311000103051 Ref C: 2023-06-28T17:59:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/NFiNJXovMpwuX8GGRw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJG0U0S1-Q-EBQ2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9161
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEParF2U7z69OqlqIvT9sqVY&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEParF2U7z69OqlqIvT9sqVY&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEParF2U7z69OqlqIvT9sqVY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9161
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 9161
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g3EMusOiSB-mfci-L2dgnw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g3EMusOiSB-mfci-L2dgnw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g3EMusOiSB-mfci-L2dgnw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RFJQYZ743M1PJVS4K1C6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g3EMusOiSB-mfci-L2dgnw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9161
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmQ0NjY5OTliZGExZDljNzU1NmI0YjNkZTljODQwYWQyYmMzYTRkZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmQ0NjY5OTliZGExZDljNzU1NmI0YjNkZTljODQwYWQyYmMzYTRkZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
H3
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmQ0NjY5OTliZGExZDljNzU1NmI0YjNkZTljODQwYWQyYmMzYTRkZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9161
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HWX9V4S8S3ZNHZ053V7N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SQ96TAZ55F8DAF2M3Y3B
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9161
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpHMFUwUzEtUS1FQlEy
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ1AmbVq_QBy7de_akcDIK0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHMFUwUzEtUS1FQlEy&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHMFUwUzEtUS1FQlEy&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16156&endpoint=us-east
Protocol
H3
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpHMFUwUzEtUS1FQlEy&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:31 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
stats
bc.usmagazine.com/rest/recommendations/ 		14 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/rest/recommendations/stats?storeId=a7149005-ccde-4b0f-ad83-ba3818f8fcb9&action=view&itemId=3328688&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&profileId=9b294aa7-adf6-454e-abec-c4c3ac8ed456&isEntrypage=true&hash=7432b65d3cd01212787b5d4f681bf2af&lastmodified=1687964605000&referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&&callback=bc_json333
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
8047420d57bc3576f145702270c4bc4d65983fd10a760d11b9b5b824a19502b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
VFer_k4r_yvUavq1LcNpFbTKdX0mf1nT-9kPAewpoKzOgE5UKH6-xg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A31%2B00%3A00&ts=1687975171957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
709c6d379bde5564074d8282fab5607363f0919a5a59f39c6bf022dd45e9842e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
181
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
cZQWzixYaMlD0LW8-p22viPdd4lggiG6z14r6FyudGtxV7Cg6rrM0Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A31%2B00%3A00&ts=1687975171959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
d43bc12297964e6b137a49a7869a15413adff28a9823e2bbc97315395fd5c442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Co-hSuBf0rw6-9ACNgznpw-v-dlyO6MIlF2Vn5iJGK7ZYmVHT7509w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266989181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&dr=https%3A%2F%2Fnews.google.com%2F&ul=en-us&de=UTF-8&dt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&el=notdefined&_u=aGDAAEIZAAAAACAMI~&jid=133539202&gjid=86680890&cid=730203721.1687975169&tid=%5Bobject%20Object%5D&_gid=450072351.1687975169&_r=1&_slc=1&gtm=45He36q0n81W458SDT&cd24=USW%20visitors%20without%20email%2Cno%20email%20address%2CA360%20only%2CVisitors%20not%20in%20segment%20%22Known%20Visitors%22%2CAll%20visitors%2C%5BGeorge%5D%20Total%20active%20users%20USW%2C%5BBC%20Dev%5D%20Visited%20US%20Weekly%2CEntertainment%20Visitors%2Centered%20via%20USW%20welcome%20page%2CAll%20Visitors%2CEmail%20Domains%2CVisitors%20not%20in%20segment%20%22Landed%20through%20campaign%22&z=386040095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A31%2B00%3A00&ts=1687975171978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
255820e1d5022ecb0f8a1c02433bccc07ff01736035c658aa07a08a62222bb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ddupZtC3_aOqZiyb3S9Fz9s5G94heA1tp3FE8B8VFGN4RgRFPMZN-A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A31%2B00%3A00&ts=1687975171983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
063bd2aa55cf83a0fd0c74fbc550accc8d60961fb84a45b511db087e380445c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jinp0nOgXhXSMimKT24wuS39JIEzPWq0lFVnwTTCoqXjnNmgfLEKMg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A31%2B00%3A00&ts=1687975171986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
72b7dee345e2fe530d7f6a884ea33ea4100c1c115d6ce47609ba3bf0673ea1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1590
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5Bvh6KvwIUgJdOH5jzOVtstn-kw2M0QdExMmeSZ4ywmK6GJcua_jgw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		50 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-78.jfk51.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:58:51 GMT
via
1.1 a85e1510327226089dfd77f1b1c39ad8.cloudfront.net (CloudFront), 1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK51-C1
age
39641
x-amzn-requestid
2756f376-362c-420d-94da-55cb9501b09a
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
HN8GyH82CYcFyhw=
content-length
50
x-amz-cf-id
QhEf6W81crVvegoFQhXImcqjIxii6D5py9xOGgil-X7zgTzWZpNEUg==
iu3
s.amazon-adsystem.com/ Frame 893E 		417 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
afa307c7c022d1da11c2e46078362a9bfd56e006ea5bfbd45f55d1d9505bcf17
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
417
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 17:59:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S6MXFNS7EZPTEQ9G7SQF
ads
securepubads.g.doubleclick.net/gampad/ 		797 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313694890951919&correlator=2050124317184720&eid=31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2CEquity%2CUSW%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C1x1&ifi=2&adks=1974599928&sfv=1-0-40&prev_scp=divID%3Dequity-ad%26pos%3Dequity-ad%26refresh_count%3D0%26id%3D8800e6be-15dd-11ee-8391-0a7defb34d9d%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60&eri=1&cust_params=permutive%3Drts%26category%3Dcelebrity-moms%26ctype%3Darticle%26hub%3D%26topic%3Dcelebrity%252Ccelebrity%2520dads%252CCelebrity%2520Kids%252Ccelebrity%2520moms%252Ccelebrity%2520news%252CChris%2520Martin%252CGwyneth%2520Paltrow%252CNews%26kw%3D%26pid%3D3328688%26pos%3D%26sponsor%3D%26env%3Dproduction%26hum%3Dcelebrity%2520families%252Ccelebrity%2520relationships%252Cpop%2520culture%26retailers%3D%26referrer%3Dnews_google_com%26rules%3Darticle%26pageview_count%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005195_PG%252CIAS_3005109_PG%252CIAS_3007987_PG%252CIAS_3008629_PG%252CIAS_1507473_PG%252CIAS_3005169_PG%252CIAS_3008630_PG%252CIAS_3005155_PG%26prmtvsdk%3Dweb&ppid=ZrgukCXG7eSdV3AeaM2eTmDUHcQOHjPy&sc=1&cookie_enabled=1&abxe=1&dt=1687975172033&lmt=1687975172&dlt=1687975168203&idt=1908&adxs=1130&adys=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&frm=20&vis=1&psz=300x333&msz=300x50&fws=0&ohw=0&ga_vid=730203721.1687975169&ga_sid=1687975172&ga_hid=266989181&ga_fc=true&ga_cid=450072351.1687975169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72388a9d161248dc2c5203368aa7d1ad96b91272abf31ec315a5444f54c8d709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
39367
idx.liadm.com/idex/unknown/ 		54 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/39367?duid=93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.96.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-96-43.compute-1.amazonaws.com
Software
/
Resource Hash
0aa46f54167df659c3e29e3ef1d2235cde8e2a7a8aa6b4331209e990b5446c25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
trace-id
a5369de3ec1eee38
content-length
54
expires
Thu, 29 Jun 2023 17:59:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313694890951919&correlator=2845616167247228&eid=31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cusweekly%2Csh-post-bottom%2Carticle%2Cleader1&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F3&prev_iu_szs=320x50%7C1x1%2C1x1%7C728x90%7C970x90%7C970x250&fluid=height%2C0&ifi=3&adks=3259427404%2C2826284106&sfv=1-0-40&prev_scp=divID%3Dsh-post-bottom%26pos%3Dsh-post-bottom%26refresh_count%3D0%26ntvPlacement%3D1099896%26id%3D880022e4-15dd-11ee-aa6a-0ef05de99743%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%7CdivID%3Dleader1%26pos%3Dleader1%26refresh_count%3D0%26amznbid%3Dxeu58g%26amznp%3D1lcd4hs%26amzniid%3DJH-UluREV9j3aiIDTgNDAsgAAAGJAykUlwEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBJHJwW%26amznsz%3D970x250%26id%3D880022e5-15dd-11ee-aa6a-0ef05de99743%26vw%3D40%2C50%26grm%3D40%2C50&eri=1&cust_params=permutive%3Drts%26category%3Dcelebrity-moms%26ctype%3Darticle%26hub%3D%26topic%3Dcelebrity%252Ccelebrity%2520dads%252CCelebrity%2520Kids%252Ccelebrity%2520moms%252Ccelebrity%2520news%252CChris%2520Martin%252CGwyneth%2520Paltrow%252CNews%26kw%3D%26pid%3D3328688%26pos%3D%26sponsor%3D%26env%3Dproduction%26hum%3Dcelebrity%2520families%252Ccelebrity%2520relationships%252Cpop%2520culture%26retailers%3D%26referrer%3Dnews_google_com%26rules%3Darticle%26pageview_count%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005195_PG%252CIAS_3005109_PG%252CIAS_3007987_PG%252CIAS_3008629_PG%252CIAS_1507473_PG%252CIAS_3005169_PG%252CIAS_3008630_PG%252CIAS_3005155_PG%26prmtvsdk%3Dweb&ppid=ZrgukCXG7eSdV3AeaM2eTmDUHcQOHjPy&sc=1&cookie_enabled=1&abxe=1&dt=1687975172094&lmt=1687975172&dlt=1687975168203&idt=1908&adxs=1130%2C436&adys=757%2C315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&frm=20&vis=1&psz=300x15%7C1600x310&msz=300x0%7C1600x270&fws=0%2C0&ohw=0%2C0&ga_vid=730203721.1687975169&ga_sid=1687975172&ga_hid=266989181&ga_fc=true&ga_cid=450072351.1687975169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5ba18317a26209eaf1c79c8a97a603d06f02f747533fbb785a3b330e3c0d1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12277
x-xss-protection
0
google-lineitem-id
-2,4532524456
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138221234125
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313694890951919&correlator=2470064111165948&eid=31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cusweekly%2Crr1%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600%7C160x600%7C1x1&ifi=5&adks=4046027892&sfv=1-0-40&prev_scp=divID%3Drr1%26pos%3Drr1%26refresh_count%3D0%26amznbid%3Dz2rpj4%26amznp%3D1lcd4hs%26amzniid%3DJF4_QcXRJoBpOHH70TE2ynUAAAGJAykUowEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAP-A8Z%26amznsz%3D300x600%26id%3D88009817-15dd-11ee-b7c6-029df53a8851%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.16%26hb_adid%3D497f50a1ff49a4a%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D0.16%26hb_adid_rubicon%3D497f50a1ff49a4a%26hb_bidder_rubicon%3Drubicon&eri=1&cust_params=permutive%3Drts%26category%3Dcelebrity-moms%26ctype%3Darticle%26hub%3D%26topic%3Dcelebrity%252Ccelebrity%2520dads%252CCelebrity%2520Kids%252Ccelebrity%2520moms%252Ccelebrity%2520news%252CChris%2520Martin%252CGwyneth%2520Paltrow%252CNews%26kw%3D%26pid%3D3328688%26pos%3D%26sponsor%3D%26env%3Dproduction%26hum%3Dcelebrity%2520families%252Ccelebrity%2520relationships%252Cpop%2520culture%26retailers%3D%26referrer%3Dnews_google_com%26rules%3Darticle%26pageview_count%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005195_PG%252CIAS_3005109_PG%252CIAS_3007987_PG%252CIAS_3008629_PG%252CIAS_1507473_PG%252CIAS_3005169_PG%252CIAS_3008630_PG%252CIAS_3005155_PG%26prmtvsdk%3Dweb&ppid=ZrgukCXG7eSdV3AeaM2eTmDUHcQOHjPy&sc=1&cookie_enabled=1&abxe=1&dt=1687975172149&lmt=1687975172&dlt=1687975168203&idt=1908&adxs=1130&adys=897&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=730203721.1687975169&ga_sid=1687975172&ga_hid=266989181&ga_fc=true&ga_cid=450072351.1687975169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
688af7d9fdbbf90abc9f70f291e674e8e7b9114e2b8464f13400837274b650e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12228
x-xss-protection
0
google-lineitem-id
4532502385
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138221235455
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 08:30:38 GMT
via
1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront), 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, EWR53-P1
age
34134
x-amzn-requestid
87ab7c22-581d-4aff-8973-ff7da627ee78
x-amzn-trace-id
Root=1-649befae-34c50ce24db783a134127b7e;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
HOJjPFoAjoEF8sw=
content-length
30
x-amz-cf-id
klV8yJiqFn7tvMjSApfVUTlSSRHX9k_KvpvDg7MnaN1ECslPmshPJw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
s.js
aa.agkn.com/adscores/ 		0
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/s.js?sid=9112319608
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-37.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
x-amz-cf-id
reKzeX8tB8LeJzqJhQ9kPCSUPrWuChoOenAxerys_go1GBSW-38aeQ==
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313694890951919&correlator=3373562826073295&eid=31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cusweekly%2Cinline-box1%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C1x1%7C300x250&fluid=height&ifi=6&adks=3994014778&sfv=1-0-40&prev_scp=divID%3Darticle-inline-box1%26pos%3Darticle-inline-box1%26refresh_count%3D0%26amznbid%3Dz2rpj4%26amznp%3D1lcd4hs%26amzniid%3DJCyi6rGmqvH03cvyFTVCXYwAAAGJAykUWAEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBHP8SW%26amznsz%3D300x250%26id%3D8804ddcc-15dd-11ee-9373-0a44a7e95f5d%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%26hb_format_teads%3Dbanner%26hb_size_teads%3D1x1%26hb_pb_teads%3D0.80%26hb_adid_teads%3D50c52607b9966df%26hb_bidder_teads%3Dteads%26hb_format%3Dbanner%26hb_size%3D1x1%26hb_pb%3D0.80%26hb_adid%3D50c52607b9966df%26hb_bidder%3Dteads&eri=1&cust_params=permutive%3D49112%252Crts%26category%3Dcelebrity-moms%26ctype%3Darticle%26hub%3D%26topic%3Dcelebrity%252Ccelebrity%2520dads%252CCelebrity%2520Kids%252Ccelebrity%2520moms%252Ccelebrity%2520news%252CChris%2520Martin%252CGwyneth%2520Paltrow%252CNews%26kw%3D%26pid%3D3328688%26pos%3D%26sponsor%3D%26env%3Dproduction%26hum%3Dcelebrity%2520families%252Ccelebrity%2520relationships%252Cpop%2520culture%26retailers%3D%26referrer%3Dnews_google_com%26rules%3Darticle%26pageview_count%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005195_PG%252CIAS_3005109_PG%252CIAS_3007987_PG%252CIAS_3008629_PG%252CIAS_1507473_PG%252CIAS_3005169_PG%252CIAS_3008630_PG%252CIAS_3005155_PG%26prmtvsdk%3Dweb&ppid=ZrgukCXG7eSdV3AeaM2eTmDUHcQOHjPy&sc=1&cookie_enabled=1&abxe=1&dt=1687975172268&lmt=1687975172&dlt=1687975168203&idt=1908&adxs=410&adys=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&ref=https%3A%2F%2Fnews.google.com%2F&frm=20&vis=1&psz=660x250&msz=660x50&fws=0&ohw=0&ga_vid=730203721.1687975169&ga_sid=1687975172&ga_hid=266989181&ga_fc=true&ga_cid=450072351.1687975169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98fc4afa487e00f0ef6b30c2f0c05dc6da57cf9922eec49be07683caef9271f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12269
x-xss-protection
0
google-lineitem-id
4533045107
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138221230549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1036.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1036.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
7c23d7726d5c3f5b4da35ca3f8a200211510f7c213915069221a31134d1c0a95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.usmagazine.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
Hy6JDxMR.vtt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://content.jwplatform.com/tracks/Hy6JDxMR.vtt
  • https://assets-jpcust.jwpsrv.com/tracks/Hy6JDxMR.vtt
1 KB
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/Hy6JDxMR.vtt
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64f3090c4c6f4ac8f613e32e5511970729f00f02feac3ced393208abb41d029a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
205
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
518
x-served-by
cache-iad-kiad7000129-IAD, cache-lga21961-LGA
last-modified
Tue, 22 Sep 2020 18:58:04 GMT
server
nginx
x-timer
S1687975173.033776,VS0,VE7
etag
"1c5e35028bc9323087f594723fa7fb19"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
172, 1

Redirect headers

date
Wed, 28 Jun 2023 17:59:32 GMT
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/Hy6JDxMR.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
wdYdJUa-URUfviuxSD9C4pHThKfDhvjSmJZLSFe5HaTv30wR_iWoJA==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/polyfills.webvtt.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c3f188460d3e015aaba1ccb040ea3122fbd632da4edab8aed3f57ee098bf87d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
via
1.1 varnish
age
726810
x-cache
HIT
content-length
4510
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:31 GMT
server
AmazonS3
x-timer
S1687975172.312871,VS0,VE0
etag
"f40fecb5b0f59a9cae288c3498d8f653"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
35103
RdEySYYI-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://content.jwplatform.com/strips/RdEySYYI-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.vtt
1 KB
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.vtt
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b163f67515339cb3fceb62a38285f108d0dd9eff93f8e0d8f25d2f0620f0a82f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
205
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
274
x-served-by
cache-iad-kiad7000136-IAD, cache-lga21961-LGA
last-modified
Tue, 22 Sep 2020 18:50:41 GMT
server
nginx
x-timer
S1687975173.033759,VS0,VE14
etag
"589d587f6a371d1a7341665adee461fa"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
176, 1

Redirect headers

date
Wed, 28 Jun 2023 17:57:38 GMT
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
114
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
y00Qk-iMYOn0A2n6sRHhYb2vt5MKhB3odWEr6wmKvSQVih6CpWLwLw==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.cast.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1738256e6238da9bd89af13598c4534fbffd2f5f0fbe9f4af072785bdedba4b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
via
1.1 varnish
age
730470
x-cache
HIT
content-length
10036
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:32 GMT
server
AmazonS3
x-timer
S1687975172.398958,VS0,VE0
etag
"e03a21ffb3c63b4a9468a0391bbe8d1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
39616
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-973218759&e=e&n=7767636304914709&abc=0&abt=162_ad-iab-viewability_v4%2C128_sendDomainToFeedsOn&aid=O0vk4vqJEeWVlAY3v_uBow&amp=0&ask=oEq5AS75&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=wpgm491aobvb&i=0&id=RdEySYYI&lid=1rhjtn916jzz&lsa=read&mt=1&pbd=1&pbr=1&pgi=19nsrn1kin58&ph=2&pid=zhNYySv2&pii=0&pl=371&plc=1&pli=pwszav1saogf&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=1&t=Gwyneth%20Paltrow%20Says%20Coparenting%202%20Kids%20With%20Chris%20Martin%20Is%20%E2%80%98Harder%20Than%20It%20Looks%27%20&tv=3.42.2&vb=0&vi=0&vl=90&wd=660&ab=1&bpv=7.2.0&cae=0&cb=1&cdid=jwplayer_RdEySYYI_zhNYySv2_div&cme=0&dd=0&flc=1&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2FRdEySYYI.m3u8&pbc=1&pd=2&pdr=https%3A%2F%2Fnews.google.com%2F&plng=en-US&plt=500&pni=1&po=0&pogt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22%23ec008c%22%2C%22iconsActive%22%3A%22%23f57fc5%22%2C%22text%22%3A%22%23ec008c%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22%23ec008c%22%2C%22textActive%22%3A%22%23f57fc5%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23f57fc5%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23ec008c%22%7D%7D&sp=0&st=2300&sa=1687975172401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-lga21962-LGA
date
Wed, 28 Jun 2023 17:59:32 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
bridge3.578.0_en.html
imasdk.googleapis.com/js/core/ Frame 7F6E 		709 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
15405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231472
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 13:42:47 GMT
expires
Thu, 27 Jun 2024 13:42:47 GMT
last-modified
Wed, 07 Jun 2023 16:35:26 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Jun 2023 17:59:32 GMT
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-283534614&e=abq&n=4902589804813904&abc=0&abt=162_ad-iab-viewability_v4%2C128_sendDomainToFeedsOn&aid=O0vk4vqJEeWVlAY3v_uBow&amp=0&ask=oEq5AS75&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=wpgm491aobvb&i=0&id=RdEySYYI&lid=1rhjtn916jzz&lsa=read&mt=1&pbd=1&pbr=1&pgi=19nsrn1kin58&ph=2&pid=zhNYySv2&pii=0&pl=371&plc=1&pli=pwszav1saogf&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=1&t=Gwyneth%20Paltrow%20Says%20Coparenting%202%20Kids%20With%20Chris%20Martin%20Is%20%E2%80%98Harder%20Than%20It%20Looks%27%20&tv=3.42.2&vb=0&vi=0&vl=90&wd=660&ab=1&abid=1yqnpgxmmg86&abo=pre&apid=1yqnpgxmmg86&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxi=264043&flpy=USD&vpb=%7B%22appnexus.member%22%3A%221287%22%2C%22appnexus.invCode%22%3A%221922098%22%2C%22pubmatic.id%22%3A%223522894%22%2C%22pubmatic.type%22%3A%22OpenRTB%22%2C%22pubmatic.pubid%22%3A%22160545%22%2C%22rubicon.pubid%22%3A%229294%22%2C%22rubicon.siteId%22%3A%22357204%22%2C%22spotx.id%22%3A%22264043%22%2C%22kargo.placementId%22%3A%22_yf6VUG9T6b%22%2C%22mediagrid.id%22%3A%22S75%22%2C%22mediagrid.type%22%3A%22OpenRTB%22%2C%22mediagrid.pubid%22%3A%22pbGjPIU8%22%7D&vto=2000&bpv=7.2.0&rtp=%7B%7D&tpi=80011026%2C80011035%2C80011079%2C80011080%2C80011081%2C80011082%2CCMTPI-0059DF08%2CCMTPI-02867AE5%2CCMTPI-04E14321%2CCMTPI-0BF58D82%2CCMTPI-0D820080%2CCMTPI-0E02F6C6%2CCMTPI-0EF8C0FC%2CCMTPI-115A18D9%2CCMTPI-129516EC%2CCMTPI-12D0185C%2CCMTPI-1403EFCF%2CCMTPI-16A13FA0%2CCMTPI-16C1676A%2CCMTPI-17E1858C%2CCMTPI-17FC149F%2CCMTPI-1801D437%2CCMTPI-18220805%2CCMTPI-1862FE8D%2CCMTPI-1A914BA9%2CCMTPI-1B508663%2CCMTPI-1C1AF9F6%2CCMTPI-2073A5B7%2CCMTPI-20972238%2CCMTPI-214AEA2B%2CCMTPI-215023C5%2CCMTPI-22B2DEF0%2CCMTPI-24EED8EC%2CCMTPI-272784B3%2CCMTPI-28EF756E%2CCMTPI-298C1144%2CCMTPI-29EB2E80%2CCMTPI-2AFB1697%2CCMTPI-2CB853D8%2CCMTPI-2FD41300%2CCMTPI-31C465AB%2CCMTPI-32EEF776%2CCMTPI-33B15822%2CCMTPI-3634126B%2CCMTPI-36BA92AC%2CCMTPI-3A3D73D1%2CCMTPI-3B1F64F2%2CCMTPI-3BF4C761%2CCMTPI-3C3D93D3%2CCMTPI-3C5D709B%2CCMTPI-3E34813A%2CCMTPI-3FE7BB03%2CCMTPI-40E2BC75%2CCMTPI-41AE15D8%2CCMTPI-41C25786%2CCMTPI-423BC984%2CCMTPI-434208A3%2CCMTPI-43DB8114%2CCMTPI-456A40FB%2CCMTPI-463D2C40%2CCMTPI-468780F8%2CCMTPI-48EDD154%2CCMTPI-490406BA%2CCMTPI-4A797E04%2CCMTPI-4B5BC946%2CCMTPI-4C267960%2CCMTPI-4C78F6C7%2CCMTPI-4D4C88FC%2CCMTPI-4E807C99%2CCMTPI-4E9D34DD%2CCMTPI-4EDCA4BA%2CCMTPI-501E7815%2CCMTPI-50A1AE94%2CCMTPI-51406027%2CCMTPI-520BE62D%2CCMTPI-5271E215%2CCMTPI-5272012D%2CCMTPI-52854BF9%2CCMTPI-52B5BA6F%2CCMTPI-54B3F68C%2CCMTPI-564BDB0E%2CCMTPI-57B67DE4%2CCMTPI-58ACA4A6%2CCMTPI-59B389C1%2CCMTPI-5ACCB87D%2CCMTPI-5B0F2BAA%2CCMTPI-5B1D7031%2CCMTPI-5B9116B8%2CCMTPI-5C08D349%2CCMTPI-5C0D30E6%2CCMTPI-5D1689E7%2CCMTPI-5D8B9118%2CCMTPI-5DB35FD6%2CCMTPI-5E073E67%2CCMTPI-5E59A0FD%2CCMTPI-5E67FFE1%2CCMTPI-61F57FCB%2CCMTPI-62382625%2CCMTPI-63D8A54B%2CCMTPI-640FF151%2CCMTPI-674B4FDD%2CCMTPI-686F79B8%2CCMTPI-697B8462%2CCMTPI-6C948CDE%2CCMTPI-6CFA8301%2CCMTPI-718B3060%2CCMTPI-71FEED05%2CCMTPI-7232FEF3%2CCMTPI-7263294A%2CCMTPI-7346A449%2CCMTPI-740E0FB8%2CCMTPI-762DECC0%2CCMTPI-77B6A0A4%2CCMTPI-77DD778C%2CCMTPI-786A40F7%2CCMTPI-78A1F463%2CCMTPI-795ACE23%2CCMTPI-79A545BA%2CCMTPI-7A1D4A8B%2CCMTPI-7D6DB333%2CCMTPI-7E91FBCE%2CCMTPI-7FE39830%2CCMTPI-83C73318%2CCMTPI-84159E27%2CCMTPI-84B498DD%2CCMTPI-89F0B407%2CCMTPI-8B4FD699%2CCMTPI-8B550176%2CCMTPI-8DCDB384%2CCMTPI-8F0256F5%2CCMTPI-90FEB605%2CCMTPI-91B4B8A6%2CCMTPI-96FC6C06%2CCMTPI-984BCCFF%2CCMTPI-9934B409%2CCMTPI-99CEEDE8%2CCMTPI-99EED9E9%2CCMTPI-9BB36F96%2CCMTPI-9BE6FFE3%2CCMTPI-A1C4A4D2%2CCMTPI-A2DC63AE%2CCMTPI-A2F0F533%2CCMTPI-A483A820%2CCMTPI-A51B55FC%2CCMTPI-A6886128%2CCMTPI-A701553E%2CCMTPI-A91ACFF2%2CCMTPI-A9554386%2CCMTPI-A99A8166%2CCMTPI-AABB9CCA%2CCMTPI-AC2C56B0%2CCMTPI-B00512BA%2CCMTPI-B4CCA6DD%2CCMTPI-B56E58C0%2CCMTPI-B589368E%2CCMTPI-B71A7896%2CCMTPI-B9DA6E48%2CCMTPI-B9E4BFCF%2CCMTPI-BA44BE11%2CCMTPI-BDDD283A%2CCMTPI-BFDC91CF%2CCMTPI-C247D0AF%2CCMTPI-C400F936%2CCMTPI-C4784F98%2CCMTPI-C4EA78D9%2CCMTPI-C52AAAB0%2CCMTPI-C62EB36B%2CCMTPI-C7DF78E4%2CCMTPI-C8AB068D%2CCMTPI-CB93CF8E%2CCMTPI-CC176359%2CCMTPI-CEFA13A3%2CCMTPI-CFB4B3E3%2CCMTPI-D196FF45%2CCMTPI-D1DFAFF8%2CCMTPI-D3D70833%2CCMTPI-D57220A0%2CCMTPI-D69D3CA0%2CCMTPI-D727A638%2CCMTPI-D76CDC84%2CCMTPI-D9642A4D%2CCMTPI-DC46F2B4%2CCMTPI-DF8C4D85%2CCMTPI-E1606495%2CCMTPI-E2876E9D%2CCMTPI-E4A035FB%2CCMTPI-E512F21E%2CCMTPI-E5980AAF%2CCMTPI-E62C5E5E%2CCMTPI-E884C5E3%2CCMTPI-E914FCF7%2CCMTPI-EA82FD75%2CCMTPI-EAC07C3B%2CCMTPI-EBBC6069%2CCMTPI-EBE41FDF%2CCMTPI-ED50DBDE%2CCMTPI-F0583F13%2CCMTPI-F149D4DF%2CCMTPI-F229A2FA%2CCMTPI-F35B60D9%2CCMTPI-F3B6F1FD%2CCMTPI-F591DCE4%2CCMTPI-F70B1614%2CCMTPI-F734BAED%2CCMTPI-F746E76E%2CCMTPI-F92CCD2F%2CCMTPI-F9D85EE2%2CCMTPI-FA8A7712%2CCMTPI-FC945109%2CCMTPI-FCE57443%2CJWBRSAFE%2CJWIAB186%2CJWIAB379%2CJWIAB640&vsrid=341dca60-4a3d-4d38-9e41-ad61e5efb430&sa=1687975172450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-lga21962-LGA
date
Wed, 28 Jun 2023 17:59:32 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A32%2B00%3A00&ts=1687975172474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
e26f0dbe004da23e616e8ff2fcd6eef634afab53b9422ab116de2279544ec5af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
D4VaPQPAnJpAoQQG_ngWw0Gf9yxQ2lojPzLQnH-9XShL5lQ9l1YHDQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:59:32 GMT
i.png
trx-hub.com/i/m/ 		128 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdLyGUVYAF65qjzYko22gLUAEbQWBAAngC0lP5CNjjUKAl4KJFJEGbRygIwiCnRhjixiELUQtFYlZpm4ZVu0Gw4lRAouFUlSSg5ZogQiDYgFNDU8NTQo9CmFhBWtonJQo54iIh4wb7+QxTicEio6Nj4oiQAuhSaLgOUsDR0iiCaAlhyEOrsOoQgAEwADD8AMzRP4ANmiPwAHAAVACMAHZCABWACchEBP0cSIBAC1hiBlKoPhBgqYAOLpTJmAAEAAUwHloAUAORCakAZUQOGpAFkyhVqQBJNkAYTq1V56GarOp0Pa3Nw1IAcsk6X0BvisFgFN8tRhYaDIfCUfCkQiftifgArDCafHUABub3UkVkpnYUlGQiEWC5+KuQhuE1g2tMYA4LxwAGt1EjIbwo3gwEIMFao-AUUjYC5YChqNQowJIv7tVJYWGI7gYxA4wmkym0xmsy4SxgpD9THmC0WQCQgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-128.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:51:59 GMT
via
1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
4054
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
V6ivmOjMm90kM_P7fmM9WMUjbFxKMfbqXzV2G6ILNGYl0fzCnyAhdA==
view
securepubads.g.doubleclick.net/pcs/ Frame 3F16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrtjT7vSRkiIcpwShNuCYK0ZOuYv2wGjLATDcWq1cvns__ZqF4DswbJsODrpiAAkeC_1dHiHlO0sPWwsUM1e1dLdUYJANQvELej6oDJmnJLD-7UJY6334J6tqgxSNMaTfMMXuWNE_wAUE4qv3FknUZOtb0EUoDrBIdpNQfsTbcw1Un_Ir7gd26FleY6Ja6rtyiYBw1Ji2TLMmfQMUxU0N0h18F6NQAAklCmNwxSdyg2f5GZw-6_elU3MhzXjQXut8hFOnqaCd8q6Taa_lWtLgdJkqS50TnUWEnifYYLombMf5guEq5fZq1i87yd1Am2Fp8-puVpvusQlvwb1Pn-RudQ&sai=AMfl-YS6GLHubfNNWXqUwaAcEObkU-6DtQZyhzsx9Ms-4xTRA8S_vHHSbrKyx4Cj7InoLhnFRs3Nuv-UcpoD-OVkp3XOrf2VoSPSKO2PDShkeqYq78OqidW7rsQNfJkvzg&sig=Cg0ArKJSzDaVXANUqqf5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
admj
aax-us-east.amazon-adsystem.com/e/dtb/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admj?b=JH-UluREV9j3aiIDTgNDAsgAAAGJAykUlwEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBJHJwW&rnd=6175047862901687975172604&pp=xeu58g&p=1lcd4hs&crid=7vh6qvtb
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
eb4caddc8b42320a2e8725ea0edf2efc59a0226a5a278960c58be45bcd1fbf6a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ESMS1S59ZP3XVZW5HRKX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
31218
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F16 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57261
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687779365227900"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:59:32 GMT
/
api.assertcom.de/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
4532524456
dfp-gateway.s-onetag.com/1/4216/ 		119 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/4216/4532524456
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-21.jfk50.r.cloudfront.net
Software
/
Resource Hash
31ca6c37f239ac961bce1a5b90d1cb3eb85ea9de70a9f2df2d6eedd32cad376b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:32:52 GMT
via
1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5, JFK50-P2
age
1600
x-amzn-trace-id
Root=1-649c6ec4-4f115a7832b748151caecef2;Sampled=0;lineage=9eb5b80d:0
x-amzn-requestid
6c7a8453-ed7e-42d6-b76a-0b945e18faa4
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-apigw-id
HPY-xEzjCYcF1AQ=
content-length
119
x-amz-cf-id
n_f44NcsiIEd297VEbA5vwpvBhbIJjVbu9DoP-jW5gYZDxfB-SFygQ==
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.229.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-229-175.compute-1.amazonaws.com
Software
/
Resource Hash
c6bb6a7baabcc18c50b13e2acc3519cc781fdb3aacd85225f75e6c15f399d5df

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-prebid
pbs-java/1.121.0
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
hbjson
grid.bidswitch.net/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?no_mapping=1&sp=jwp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.171.209 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
209.171.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1ca5700d74c4a596c40c475efd37daeb28dba43212a47db9d7bd358e54b9dfb

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Jun 2023 17:59:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
ib.adnxs.com/ut/v3/ 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0a73b709925eeca3d5480462918de89cc01be9e83318a90c5dabc26a1fe75376
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:32 GMT
AN-X-Request-Uuid
43e53a70-28f3-425b-9550-a35173f9edf9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22e20c6c5e-1a3f-4062-9c4d-f9ea483973bb%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1687975172652%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2281687777ae500a%22%3A%22_yf6VUG9T6b%22%7D%2C%22bidSizes%22%3A%7B%2281687777ae500a%22%3A%5B%5B660%2C371%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_yf6VUG9T6b%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%2269595343-c5ff-4fec-9147-2970e61d80b4%22%7D%7D%2C%22mediaTypes%22%3A%7B%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22playerSize%22%3A%5B%5B660%2C371%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C7%2C5%2C6%2C8%5D%2C%22playbackmethod%22%3A%5B3%5D%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A3%2C%22maxduration%22%3A300%7D%7D%2C%22adUnitCode%22%3A%221yqnpgxmmg86%22%2C%22transactionId%22%3A%2269595343-c5ff-4fec-9147-2970e61d80b4%22%2C%22sizes%22%3A%5B%5B660%2C371%5D%5D%2C%22bidId%22%3A%2281687777ae500a%22%2C%22bidderRequestId%22%3A%2273d957a04aff59%22%2C%22auctionId%22%3A%22971ef1cc-8588-460a-af86-33a30195e9ae%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22id%22%3A%22jw_RdEySYYI%22%2C%22data%22%3A%5B%7B%22name%22%3A%22jwplayer.com%22%2C%22ext%22%3A%7B%22cids%22%3A%5B%22RdEySYYI%22%5D%2C%22segtax%22%3A502%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%2280011026%22%7D%2C%7B%22id%22%3A%2280011035%22%7D%2C%7B%22id%22%3A%2280011079%22%7D%2C%7B%22id%22%3A%2280011080%22%7D%2C%7B%22id%22%3A%2280011081%22%7D%2C%7B%22id%22%3A%2280011082%22%7D%2C%7B%22id%22%3A%22CMTPI-0059DF08%22%7D%2C%7B%22id%22%3A%22CMTPI-02867AE5%22%7D%2C%7B%22id%22%3A%22CMTPI-04E14321%22%7D%2C%7B%22id%22%3A%22CMTPI-0BF58D82%22%7D%2C%7B%22id%22%3A%22CMTPI-0D820080%22%7D%2C%7B%22id%22%3A%22CMTPI-0E02F6C6%22%7D%2C%7B%22id%22%3A%22CMTPI-0EF8C0FC%22%7D%2C%7B%22id%22%3A%22CMTPI-115A18D9%22%7D%2C%7B%22id%22%3A%22CMTPI-129516EC%22%7D%2C%7B%22id%22%3A%22CMTPI-12D0185C%22%7D%2C%7B%22id%22%3A%22CMTPI-1403EFCF%22%7D%2C%7B%22id%22%3A%22CMTPI-16A13FA0%22%7D%2C%7B%22id%22%3A%22CMTPI-16C1676A%22%7D%2C%7B%22id%22%3A%22CMTPI-17E1858C%22%7D%2C%7B%22id%22%3A%22CMTPI-17FC149F%22%7D%2C%7B%22id%22%3A%22CMTPI-1801D437%22%7D%2C%7B%22id%22%3A%22CMTPI-18220805%22%7D%2C%7B%22id%22%3A%22CMTPI-1862FE8D%22%7D%2C%7B%22id%22%3A%22CMTPI-1A914BA9%22%7D%2C%7B%22id%22%3A%22CMTPI-1B508663%22%7D%2C%7B%22id%22%3A%22CMTPI-1C1AF9F6%22%7D%2C%7B%22id%22%3A%22CMTPI-2073A5B7%22%7D%2C%7B%22id%22%3A%22CMTPI-20972238%22%7D%2C%7B%22id%22%3A%22CMTPI-214AEA2B%22%7D%2C%7B%22id%22%3A%22CMTPI-215023C5%22%7D%2C%7B%22id%22%3A%22CMTPI-22B2DEF0%22%7D%2C%7B%22id%22%3A%22CMTPI-24EED8EC%22%7D%2C%7B%22id%22%3A%22CMTPI-272784B3%22%7D%2C%7B%22id%22%3A%22CMTPI-28EF756E%22%7D%2C%7B%22id%22%3A%22CMTPI-298C1144%22%7D%2C%7B%22id%22%3A%22CMTPI-29EB2E80%22%7D%2C%7B%22id%22%3A%22CMTPI-2AFB1697%22%7D%2C%7B%22id%22%3A%22CMTPI-2CB853D8%22%7D%2C%7B%22id%22%3A%22CMTPI-2FD41300%22%7D%2C%7B%22id%22%3A%22CMTPI-31C465AB%22%7D%2C%7B%22id%22%3A%22CMTPI-32EEF776%22%7D%2C%7B%22id%22%3A%22CMTPI-33B15822%22%7D%2C%7B%22id%22%3A%22CMTPI-3634126B%22%7D%2C%7B%22id%22%3A%22CMTPI-36BA92AC%22%7D%2C%7B%22id%22%3A%22CMTPI-3A3D73D1%22%7D%2C%7B%22id%22%3A%22CMTPI-3B1F64F2%22%7D%2C%7B%22id%22%3A%22CMTPI-3BF4C761%22%7D%2C%7B%22id%22%3A%22CMTPI-3C3D93D3%22%7D%2C%7B%22id%22%3A%22CMTPI-3C5D709B%22%7D%2C%7B%22id%22%3A%22CMTPI-3E34813A%22%7D%2C%7B%22id%22%3A%22CMTPI-3FE7BB03%22%7D%2C%7B%22id%22%3A%22CMTPI-40E2BC75%22%7D%2C%7B%22id%22%3A%22CMTPI-41AE15D8%22%7D%2C%7B%22id%22%3A%22CMTPI-41C25786%22%7D%2C%7B%22id%22%3A%22CMTPI-423BC984%22%7D%2C%7B%22id%22%3A%22CMTPI-434208A3%22%7D%2C%7B%22id%22%3A%22CMTPI-43DB8114%22%7D%2C%7B%22id%22%3A%22CMTPI-456A40FB%22%7D%2C%7B%22id%22%3A%22CMTPI-463D2C40%22%7D%2C%7B%22id%22%3A%22CMTPI-468780F8%22%7D%2C%7B%22id%22%3A%22CMTPI-48EDD154%22%7D%2C%7B%22id%22%3A%22CMTPI-490406BA%22%7D%2C%7B%22id%22%3A%22CMTPI-4A797E04%22%7D%2C%7B%22id%22%3A%22CMTPI-4B5BC946%22%7D%2C%7B%22id%22%3A%22CMTPI-4C267960%22%7D%2C%7B%22id%22%3A%22CMTPI-4C78F6C7%22%7D%2C%7B%22id%22%3A%22CMTPI-4D4C88FC%22%7D%2C%7B%22id%22%3A%22CMTPI-4E807C99%22%7D%2C%7B%22id%22%3A%22CMTPI-4E9D34DD%22%7D%2C%7B%22id%22%3A%22CMTPI-4EDCA4BA%22%7D%2C%7B%22id%22%3A%22CMTPI-501E7815%22%7D%2C%7B%22id%22%3A%22CMTPI-50A1AE94%22%7D%2C%7B%22id%22%3A%22CMTPI-51406027%22%7D%2C%7B%22id%22%3A%22CMTPI-520BE62D%22%7D%2C%7B%22id%22%3A%22CMTPI-5271E215%22%7D%2C%7B%22id%22%3A%22CMTPI-5272012D%22%7D%2C%7B%22id%22%3A%22CMTPI-52854BF9%22%7D%2C%7B%22id%22%3A%22CMTPI-52B5BA6F%22%7D%2C%7B%22id%22%3A%22CMTPI-54B3F68C%22%7D%2C%7B%22id%22%3A%22CMTPI-564BDB0E%22%7D%2C%7B%22id%22%3A%22CMTPI-57B67DE4%22%7D%2C%7B%22id%22%3A%22CMTPI-58ACA4A6%22%7D%2C%7B%22id%22%3A%22CMTPI-59B389C1%22%7D%2C%7B%22id%22%3A%22CMTPI-5ACCB87D%22%7D%2C%7B%22id%22%3A%22CMTPI-5B0F2BAA%22%7D%2C%7B%22id%22%3A%22CMTPI-5B1D7031%22%7D%2C%7B%22id%22%3A%22CMTPI-5B9116B8%22%7D%2C%7B%22id%22%3A%22CMTPI-5C08D349%22%7D%2C%7B%22id%22%3A%22CMTPI-5C0D30E6%22%7D%2C%7B%22id%22%3A%22CMTPI-5D1689E7%22%7D%2C%7B%22id%22%3A%22CMTPI-5D8B9118%22%7D%2C%7B%22id%22%3A%22CMTPI-5DB35FD6%22%7D%2C%7B%22id%22%3A%22CMTPI-5E073E67%22%7D%2C%7B%22id%22%3A%22CMTPI-5E59A0FD%22%7D%2C%7B%22id%22%3A%22CMTPI-5E67FFE1%22%7D%2C%7B%22id%22%3A%22CMTPI-61F57FCB%22%7D%2C%7B%22id%22%3A%22CMTPI-62382625%22%7D%2C%7B%22id%22%3A%22CMTPI-63D8A54B%22%7D%2C%7B%22id%22%3A%22CMTPI-640FF151%22%7D%2C%7B%22id%22%3A%22CMTPI-674B4FDD%22%7D%2C%7B%22id%22%3A%22CMTPI-686F79B8%22%7D%2C%7B%22id%22%3A%22CMTPI-697B8462%22%7D%2C%7B%22id%22%3A%22CMTPI-6C948CDE%22%7D%2C%7B%22id%22%3A%22CMTPI-6CFA8301%22%7D%2C%7B%22id%22%3A%22CMTPI-718B3060%22%7D%2C%7B%22id%22%3A%22CMTPI-71FEED05%22%7D%2C%7B%22id%22%3A%22CMTPI-7232FEF3%22%7D%2C%7B%22id%22%3A%22CMTPI-7263294A%22%7D%2C%7B%22id%22%3A%22CMTPI-7346A449%22%7D%2C%7B%22id%22%3A%22CMTPI-740E0FB8%22%7D%2C%7B%22id%22%3A%22CMTPI-762DECC0%22%7D%2C%7B%22id%22%3A%22CMTPI-77B6A0A4%22%7D%2C%7B%22id%22%3A%22CMTPI-77DD778C%22%7D%2C%7B%22id%22%3A%22CMTPI-786A40F7%22%7D%2C%7B%22id%22%3A%22CMTPI-78A1F463%22%7D%2C%7B%22id%22%3A%22CMTPI-795ACE23%22%7D%2C%7B%22id%22%3A%22CMTPI-79A545BA%22%7D%2C%7B%22id%22%3A%22CMTPI-7A1D4A8B%22%7D%2C%7B%22id%22%3A%22CMTPI-7D6DB333%22%7D%2C%7B%22id%22%3A%22CMTPI-7E91FBCE%22%7D%2C%7B%22id%22%3A%22CMTPI-7FE39830%22%7D%2C%7B%22id%22%3A%22CMTPI-83C73318%22%7D%2C%7B%22id%22%3A%22CMTPI-84159E27%22%7D%2C%7B%22id%22%3A%22CMTPI-84B498DD%22%7D%2C%7B%22id%22%3A%22CMTPI-89F0B407%22%7D%2C%7B%22id%22%3A%22CMTPI-8B4FD699%22%7D%2C%7B%22id%22%3A%22CMTPI-8B550176%22%7D%2C%7B%22id%22%3A%22CMTPI-8DCDB384%22%7D%2C%7B%22id%22%3A%22CMTPI-8F0256F5%22%7D%2C%7B%22id%22%3A%22CMTPI-90FEB605%22%7D%2C%7B%22id%22%3A%22CMTPI-91B4B8A6%22%7D%2C%7B%22id%22%3A%22CMTPI-96FC6C06%22%7D%2C%7B%22id%22%3A%22CMTPI-984BCCFF%22%7D%2C%7B%22id%22%3A%22CMTPI-9934B409%22%7D%2C%7B%22id%22%3A%22CMTPI-99CEEDE8%22%7D%2C%7B%22id%22%3A%22CMTPI-99EED9E9%22%7D%2C%7B%22id%22%3A%22CMTPI-9BB36F96%22%7D%2C%7B%22id%22%3A%22CMTPI-9BE6FFE3%22%7D%2C%7B%22id%22%3A%22CMTPI-A1C4A4D2%22%7D%2C%7B%22id%22%3A%22CMTPI-A2DC63AE%22%7D%2C%7B%22id%22%3A%22CMTPI-A2F0F533%22%7D%2C%7B%22id%22%3A%22CMTPI-A483A820%22%7D%2C%7B%22id%22%3A%22CMTPI-A51B55FC%22%7D%2C%7B%22id%22%3A%22CMTPI-A6886128%22%7D%2C%7B%22id%22%3A%22CMTPI-A701553E%22%7D%2C%7B%22id%22%3A%22CMTPI-A91ACFF2%22%7D%2C%7B%22id%22%3A%22CMTPI-A9554386%22%7D%2C%7B%22id%22%3A%22CMTPI-A99A8166%22%7D%2C%7B%22id%22%3A%22CMTPI-AABB9CCA%22%7D%2C%7B%22id%22%3A%22CMTPI-AC2C56B0%22%7D%2C%7B%22id%22%3A%22CMTPI-B00512BA%22%7D%2C%7B%22id%22%3A%22CMTPI-B4CCA6DD%22%7D%2C%7B%22id%22%3A%22CMTPI-B56E58C0%22%7D%2C%7B%22id%22%3A%22CMTPI-B589368E%22%7D%2C%7B%22id%22%3A%22CMTPI-B71A7896%22%7D%2C%7B%22id%22%3A%22CMTPI-B9DA6E48%22%7D%2C%7B%22id%22%3A%22CMTPI-B9E4BFCF%22%7D%2C%7B%22id%22%3A%22CMTPI-BA44BE11%22%7D%2C%7B%22id%22%3A%22CMTPI-BDDD283A%22%7D%2C%7B%22id%22%3A%22CMTPI-BFDC91CF%22%7D%2C%7B%22id%22%3A%22CMTPI-C247D0AF%22%7D%2C%7B%22id%22%3A%22CMTPI-C400F936%22%7D%2C%7B%22id%22%3A%22CMTPI-C4784F98%22%7D%2C%7B%22id%22%3A%22CMTPI-C4EA78D9%22%7D%2C%7B%22id%22%3A%22CMTPI-C52AAAB0%22%7D%2C%7B%22id%22%3A%22CMTPI-C62EB36B%22%7D%2C%7B%22id%22%3A%22CMTPI-C7DF78E4%22%7D%2C%7B%22id%22%3A%22CMTPI-C8AB068D%22%7D%2C%7B%22id%22%3A%22CMTPI-CB93CF8E%22%7D%2C%7B%22id%22%3A%22CMTPI-CC176359%22%7D%2C%7B%22id%22%3A%22CMTPI-CEFA13A3%22%7D%2C%7B%22id%22%3A%22CMTPI-CFB4B3E3%22%7D%2C%7B%22id%22%3A%22CMTPI-D196FF45%22%7D%2C%7B%22id%22%3A%22CMTPI-D1DFAFF8%22%7D%2C%7B%22id%22%3A%22CMTPI-D3D70833%22%7D%2C%7B%22id%22%3A%22CMTPI-D57220A0%22%7D%2C%7B%22id%22%3A%22CMTPI-D69D3CA0%22%7D%2C%7B%22id%22%3A%22CMTPI-D727A638%22%7D%2C%7B%22id%22%3A%22CMTPI-D76CDC84%22%7D%2C%7B%22id%22%3A%22CMTPI-D9642A4D%22%7D%2C%7B%22id%22%3A%22CMTPI-DC46F2B4%22%7D%2C%7B%22id%22%3A%22CMTPI-DF8C4D85%22%7D%2C%7B%22id%22%3A%22CMTPI-E1606495%22%7D%2C%7B%22id%22%3A%22CMTPI-E2876E9D%22%7D%2C%7B%22id%22%3A%22CMTPI-E4A035FB%22%7D%2C%7B%22id%22%3A%22CMTPI-E512F21E%22%7D%2C%7B%22id%22%3A%22CMTPI-E5980AAF%22%7D%2C%7B%22id%22%3A%22CMTPI-E62C5E5E%22%7D%2C%7B%22id%22%3A%22CMTPI-E884C5E3%22%7D%2C%7B%22id%22%3A%22CMTPI-E914FCF7%22%7D%2C%7B%22id%22%3A%22CMTPI-EA82FD75%22%7D%2C%7B%22id%22%3A%22CMTPI-EAC07C3B%22%7D%2C%7B%22id%22%3A%22CMTPI-EBBC6069%22%7D%2C%7B%22id%22%3A%22CMTPI-EBE41FDF%22%7D%2C%7B%22id%22%3A%22CMTPI-ED50DBDE%22%7D%2C%7B%22id%22%3A%22CMTPI-F0583F13%22%7D%2C%7B%22id%22%3A%22CMTPI-F149D4DF%22%7D%2C%7B%22id%22%3A%22CMTPI-F229A2FA%22%7D%2C%7B%22id%22%3A%22CMTPI-F35B60D9%22%7D%2C%7B%22id%22%3A%22CMTPI-F3B6F1FD%22%7D%2C%7B%22id%22%3A%22CMTPI-F591DCE4%22%7D%2C%7B%22id%22%3A%22CMTPI-F70B1614%22%7D%2C%7B%22id%22%3A%22CMTPI-F734BAED%22%7D%2C%7B%22id%22%3A%22CMTPI-F746E76E%22%7D%2C%7B%22id%22%3A%22CMTPI-F92CCD2F%22%7D%2C%7B%22id%22%3A%22CMTPI-F9D85EE2%22%7D%2C%7B%22id%22%3A%22CMTPI-FA8A7712%22%7D%2C%7B%22id%22%3A%22CMTPI-FC945109%22%7D%2C%7B%22id%22%3A%22CMTPI-FCE57443%22%7D%2C%7B%22id%22%3A%22JWBRSAFE%22%7D%2C%7B%22id%22%3A%22JWIAB186%22%7D%2C%7B%22id%22%3A%22JWIAB379%22%7D%2C%7B%22id%22%3A%22JWIAB640%22%7D%5D%7D%5D%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.108.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-108-234.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:32 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
264043
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/264043?src_sys=prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-spotx-exception-result
exception
x-spotx-exception-id
SPOTMARKET.HALTED
x-spotx-exception-message
SpotMarket execution was halted.
x-spotx-timing-page-require
0.000339
x-spotx-timing-page-cookie
0.000005
x-spotx-timing-page
0.004642
pragma
no-cache
x-spotx-exception-conf-result
failure
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
x-spotx-timing-page-exception
0.000020
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-page-uri
0.000016
x-spotx-timing-spotmarket-secondary
0.000000
access-control-allow-headers
x-spotx-exception-0-result
failure
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Wed, 28 Jun 2023 17:59:32 GMT
x-spotx-exception-0-message
Halting market due to channel or publisher being disabled
x-spotx-timing-transform
0.000388
x-spotx-timing-spotmarket-primary
0.000301
x-spotx-timing-spotmarket
0.000301
x-spotx-exception-0-id
MARKET_HALTED
x-fe
242
x-spotx-timing-page-misc
0.001781
x-spotx-exception-conf-id
SPOTMARKET.CHANNEL_NOT_ENABLED
x-spotx-timing-page-context
0.000579
last-modified
Wed, 28 Jun 2023 17:59:32 GMT
x-spotx-exception-conf-message
Affiliate ID '264043' is not enabled.
access-control-allow-credentials
true
x-spotx-timing-page-mux
0.001213
330
bc.usmagazine.com/DG/DEFAULT/rest/rpc/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.usmagazine.com/DG/DEFAULT/rest/rpc/330?referer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&bcsessionid=9b294aa7-adf6-454e-abec-c4c3ac8ed456&bctempid=&overruleReferrer=&time=2023-06-28T17%3A59%3A32%2B00%3A00&ts=1687975172684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-28.ewr53.r.cloudfront.net
Software
- /
Resource Hash
2de01c544241b497778c1e6737850266f4b523f8f581407b53f22085468efc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1731
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
eLUNcmvA_JJlSbcbFZaLJK139CYTdK82fTlmK9M7UjoC8o9UUn_Xig==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame FAD5 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
db97878c9d5186a87446a9d4af4a6ce4060d34214ea3fac3848bc5c7337067bf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5298
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 17:59:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5SD75X0VBHSNG616JKZV
view
securepubads.g.doubleclick.net/pcs/ Frame 2B12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-rnGfimNnkFATHL3-JnpzFaqnqJD_QKp7Y_zMfrUWXzc_hT2PLM89eOhSl_Vym_8WQAZov7botoAE6kd64L3az2oSI2U7HqTV6vfwVW1Vygx7RHe_h1p6bpkHKVdBWdbgbiTWTPl0DLrpZILfLWxjrR5w_an9phOzdNrrPcxOfSEGzKomu_rc8Juc6RyUJhpJR_MUt6tj8xxoxjV7SfcNG71uVMHbvk_VYCxl-NuehVFECKPzDVmFIH4v3rjqENs-jqbUQr472n9q35G-YBlltJiIUQNbEngvf5NIBw7QQ9m81QSS9BzpMwt6XuTuFJRnwdK0HBUr2Zjmn-spU62e4armu2AbwKkzCoeq-BFXXEYqZlY&sai=AMfl-YTg_y5RT27yvmbGudnKV0a0rGAp_yDuJ8O6u5jHuPW34wvnm1iDk5-KMjxyfjWoJIydamMbjyalNAUbqVHMFY8OcQnuuLGb1gOfKKgDuZWWwkqekpLQIbkaC1GHmVY&sig=Cg0ArKJSzHJXElfcppwoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ajs.js
cdn.undertone.com/js/ Frame 2B12 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/ajs.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:c400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d27b65c301807fa04a3992694f7cbd7e054c54b72be97910abef13e93bef223

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
_YwN8updwG29vHIjMeLOqlKGHnf96AFY
content-encoding
gzip
via
1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 14:26:43 GMT
last-modified
Tue, 27 Jun 2023 13:53:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12770
x-amz-server-side-encryption
AES256
etag
W/"61f65cc417b43f8e4c40df868ff82995"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
MtdIgbZCW0ccbQVevr2R9zQIefU8TxdMepqhxVQlr6FYvBBhRbDo6Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B12 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57261
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687779365227900"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:59:32 GMT
/
api.assertcom.de/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 17:59:32 GMT
740dac4c-86fc-4acc-8088-c88f487894cc
crb.kargo.com/api/v1/initsync/ Frame A5C2 		1 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsync/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---&partners=ttd,Dv360,AppNexus,bsw
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
0ec5c8e17ed703b3f81473e4c6959b0fc7b62964902dd62a0051445d4af71d3a

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
468
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
740dac4c-86fc-4acc-8088-c88f487894cc
cma.kargo.com/api/v1/segments/ 		63 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cma.kargo.com/api/v1/segments/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.39.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-39-228.compute-1.amazonaws.com
Software
/
Resource Hash
691ec1388be1128efc21fdd836584536c5d4d1fffa668cc259918c45bdb2918e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:32 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
Expires
Thu, 01 Jan 1970 00:00:00 UTC
view
securepubads.g.doubleclick.net/pcs/ Frame 106F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPqdPYCNf4ZhnChGz28haqaNdAcNpZimDDevfHoyFadoFwAsIysAhxeQLGpL_NMWRZg3gEZ4UI-2CcZE4sUEoFBaspxX20Ynlc2RuirUqlaQfMYtaY0vTa8A1w6ae6HJMVSYdKznpWK1aIyX1nRGT6pQA_P3t9b0j-Q9ELKNV6sWXga9bWlNRWCsZq-NbJ7dOzUVXecgYljUHc0pKdout_W7GJkjlR2oGrf5M5U1TFATs4wJZyYMoU2MqvFzTqvNF7sI1E8uSJKMVAPMfYtJ1HcVIBgncH4blCO7wMUuaYOeckI_Yl10kM7TlfXwQ0HpkNZtYEQYwJugR4_yE_&sai=AMfl-YRlXfKCZuhRVfOF1PG0GxeKjEYTCMJbVJyvT2HnU1z4ZeqkqLGAB300tYzvDk59HtIUL9aGytsdLT69Gq4YpQF36stsLRS3ONlAuuxiPEM2J6YSDL0_uP0_RKW70Q&sig=Cg0ArKJSzDbMsNX-zvs2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
admj
aax-us-east.amazon-adsystem.com/e/dtb/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admj?b=JF4_QcXRJoBpOHH70TE2ynUAAAGJAykUowEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAP-A8Z&rnd=4206634632751687975172842&pp=z2rpj4&p=1lcd4hs&crid=chsv8n1a
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cf2eff41089d5779f925b153733876ca1b5effc43e0325b5f8cd2f14e84c647d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SZ0CH6S50EPP5MX2YZEA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
31033
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 106F 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57261
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687779365227900"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:59:32 GMT
/
api.assertcom.de/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
4532502385
dfp-gateway.s-onetag.com/1/4216/ 		119 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/4216/4532502385
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-21.jfk50.r.cloudfront.net
Software
/
Resource Hash
2b51df08a930be0b69a56e0035cce31e3c6944747a193c48848d4aad3e620cae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 01:49:51 GMT
via
1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront), 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5, JFK50-P2
age
58181
x-amzn-trace-id
Root=1-649b91bf-34e2363f56dc1db45130ed69;Sampled=0;lineage=9eb5b80d:0
x-amzn-requestid
4644ff1d-5e3e-4f65-a63d-d671d9ec6aaa
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-apigw-id
HNO18GyEiYcF9eg=
content-length
119
x-amz-cf-id
0hvAsuhcKMY94BurOcvz5QGjr_er_Oau0WcAwK1TIr-wUogzqfcKfQ==
9.gif
id5-sync.com/cq/1036/124/0/
Redirect Chain
  • https://id5-sync.com/i/1036/8.gif?id5id=ID5*R7EhQmcazCwxaPrbQLrrQ9KzuKDUkRJpqDh9k7cQ5LlSNoDAUe7ruNL0qnrUPjXIUjeLSAVg4IWjAes3O4D--A&o=api&gdpr_consent=undefined&gdpr=false
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ace8QciIVhe6vqFmaK859GH82vJDVhOO6jnpkcKgww&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26...
  • https://id5-sync.com/c/1036/3/7/2.gif?puid=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1036/441/6/3.gif?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADmZ07JOOoAACE6kkaYJA
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1036/429/4/5.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F1242%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D...
  • https://id5-sync.com/c/1036/1242/3/6.gif?puid=G5H3cSZHuSINuM55Tu6cBHSs&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AADmZ07JOOoAACE6kkaYJA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1036%2F1241%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26...
  • https://id5-sync.com/c/1036/1241/2/7.gif?puid=G5H3cSZHuSINuM55Tu6cBHSs&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=%%TTL%%
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ace8QciIVhe6vqFmaK859GH82vJDVhOO6jnpkcKgww&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1036%2F124%2F0%2F9.gif%3Fpuid%3...
  • https://id5-sync.com/cq/1036/124/0/9.gif?puid=eda7d366-b8cc-463a-956a-6b796dc0cb7e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/1036/124/0/9.gif?puid=eda7d366-b8cc-463a-956a-6b796dc0cb7e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 28 Jun 2023 17:59:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/1036/124/0/9.gif?puid=eda7d366-b8cc-463a-956a-6b796dc0cb7e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
view
securepubads.g.doubleclick.net/pcs/ Frame 9E83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssejhFlTXekkHAwkLILHaAt2JMoe9T3cNznO6ziAAwcMtNMMm7u76lJYk6jUmZ19Lew6W-tlSp8zYNPOrd_7A39I9PrG88GmoYj7W9OytLNE4FZk8KpNSeTjTrxFAgyG0HDPZGD0BeM3ZDlFVSIuv1R3ZP-i1-cMUf_YJgtHpkQCH7pITo-5OLY1mXZ9LneIZj5ynX8wKg7_GTrcNk3zhGCxoVBivuoF0l4MSjqQB0rVGEkA4jlHUZ99IyV5k57hPoZxkVa7Sq5RgNjRfDvCL_bZC-CAR7uLrWduZAjGwYMLUbVyK6n-qI_qNXs4GuKjJ5w98i1WUq7t13t6grd1vzT9pDxyn0&sai=AMfl-YQ1Nvr5qgwYbu-zxAqkwZLEAd_4dsZdV2QS0uAg4hqGnKTJGmKjgQT4aG0oQ-Rd5QVPMYWpzRGrqF5KlucysrOPmaQz9fXB51B1VI2JoMIkgNZU7NrGrxMagXiG3b8&sig=Cg0ArKJSzKInbqBi7wSZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
admj
aax-us-east.amazon-adsystem.com/e/dtb/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admj?b=JCyi6rGmqvH03cvyFTVCXYwAAAGJAykUWAEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBHP8SW&rnd=8425578244841687975172917&pp=z2rpj4&p=1lcd4hs&crid=7vh6qvtb
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8fcb4c6cbfc6704fac07691104b3e527133f03e4bb3774800b7ef708bcc62b1f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GH69A77N828NRCRN2QK2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
31276
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E83 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57261
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687779365227900"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:59:32 GMT
/
api.assertcom.de/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
4533045107
dfp-gateway.s-onetag.com/1/4216/ 		119 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/4216/4533045107
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-21.jfk50.r.cloudfront.net
Software
/
Resource Hash
6d14750264738c92b97d424f3133cc14797efac6f5561c38faa60df674d58e55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:04:43 GMT
via
1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront), 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5, JFK50-P2
age
17689
x-amzn-trace-id
Root=1-649c2feb-435572ba597064122d33287a;Sampled=0;lineage=9eb5b80d:0
x-amzn-requestid
b766102e-07e4-48da-a641-60db969483bf
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-apigw-id
HOxs4HktiYcF_Cg=
content-length
119
x-amz-cf-id
pbtJK3gEcpKqJkf2uFQRySBPhsnSpdFuiNSVf-q4X5qkams4PTa0UA==
ecm3
s.amazon-adsystem.com/ Frame FAD5
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3309767730813480000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3309767730813480000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EY71ZXAY3BGQ27G9TJGK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3309767730813480000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 28 Jun 2023 17:59:33 GMT
ecm3
s.amazon-adsystem.com/ Frame FAD5
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=4e59a8badc0f0e92fea2abcf6533ab8a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=4e59a8badc0f0e92fea2abcf6533ab8a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GHBYYF4J64VWNMXF5YXP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=4e59a8badc0f0e92fea2abcf6533ab8a
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame FAD5
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7244e3d5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7244e3d5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5367VTNBQMSMW4HCJ5EZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=7244e3d5
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
AKvOGxbC8sy2d65o3myOxFhKxJJ3cYWQ12qU-V_wpzrc3y-usFufDg==
ecm3
s.amazon-adsystem.com/ Frame FAD5
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=2C656F80C1374931A3DC1E683CAACB1C&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=2C656F80C1374931A3DC1E683CAACB1C&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
07TGBM1TB761XNV22N5T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=2C656F80C1374931A3DC1E683CAACB1C&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Jun 2023 17:59:33 GMT
ecm3
s.amazon-adsystem.com/ Frame FAD5
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=0889790c-caa5-4b98-a28e-ac136bb5afe5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=0889790c-caa5-4b98-a28e-ac136bb5afe5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TDH968M1ADR9DDXWEK3Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=0889790c-caa5-4b98-a28e-ac136bb5afe5
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
onsite-v2_19104af01f58ff9ed77b29cfb9969cf4.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_19104af01f58ff9ed77b29cfb9969cf4.br.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
427413e732e0c54025326a0120918878b95082fdb86796d55dfeef64458b70d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:32:38 GMT
content-encoding
br
age
1615
x-guploader-uploadid
ADPycdu3uWjnxhrLhVUvQGB05jO6uzTVVE4yNYgu7aiEbuJYL7q5_T2YySvrm38sjjjuAS6qLellYSuPgClzofgc70kBkBdWylSk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5823
last-modified
Mon, 26 Jun 2023 17:32:33 GMT
server
UploadServer
etag
"4790a063101d4a4706fe95c04bb867b8"
x-goog-generation
1687800753283124
x-goog-hash
crc32c=DQwgrg==, md5=R5CgYxAdSkcG/pXAS7hnuA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
5823
accept-ranges
bytes
content-type
text/javascript
ads-v2_dc9bef805b268d42414bbeeff79bf583.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		247 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_dc9bef805b268d42414bbeeff79bf583.br.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ba62a36c2a9634bbe0bc787fb39aef84a6b841e4fdef67aee9793f2c42584cf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 01:02:11 GMT
content-encoding
br
age
61042
x-guploader-uploadid
ADPycdtmYnKqHXA2hCQ7dF4OaMuU6UiZPUntItUK08Di1_TO8E-_TDqQV3zElgaaXrWpUkBGQgYTDC8hAASB3Pds-Lm_9A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44439
last-modified
Mon, 26 Jun 2023 17:32:14 GMT
server
UploadServer
etag
"6d5c4add73933bc8a11c51d7e6e7876d"
x-goog-generation
1687800734755723
x-goog-hash
crc32c=R0MkTQ==, md5=bVxK3XOTO8ihHFHX5ueHbQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
44439
accept-ranges
bytes
content-type
text/javascript
113b6a610aca262f9996bf4decbc5fb0.br.json
assets.bounceexchange.com/assets/gam/4216/ 		101 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/gam/4216/113b6a610aca262f9996bf4decbc5fb0.br.json
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b6228b3122d3d526dee19f27104638cf7f60e75d580699a32eb6453412d40b6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 18:02:07 GMT
content-encoding
br
age
86246
x-guploader-uploadid
ADPycdsrcSwX5wL6otgtRImHSF8m8NeXBXTd3KCixAB_oTAm3MUcxyHOVU7Y2lvs2VPpeOmTTXqNQMnPS6YBnHkSI_k36iSa2lGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20974
last-modified
Tue, 27 Jun 2023 18:01:51 GMT
server
UploadServer
etag
"5b9752590141efba54114b494b08b155"
x-goog-generation
1687888911059459
x-goog-hash
crc32c=oo5I4g==, md5=W5dSWQFB77pUEUtJSwixVQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control
public,max-age=3600
x-goog-stored-content-length
20974
accept-ranges
bytes
content-type
text/plain; charset=UTF-8
ttd
crb.kargo.com/api/v1/sync/ Frame A5C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=3wvez9v&ttd_tpi=1&ttd_puid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3
  • https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=8caea125-1332-49dd-b4e8-4c16d2f9f136&cbid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=8caea125-1332-49dd-b4e8-4c16d2f9f136&cbid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---&partners=ttd,Dv360,AppNexus,bsw
Protocol
HTTP/1.1
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://crb.kargo.com/api/v1/sync/ttd?qp=cbid&exid=8caea125-1332-49dd-b4e8-4c16d2f9f136&cbid=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
363
411d0d9b-3ba6-321f-0cd5-e5386014c5a3
crb.kargo.com/api/v1/sync/AppNexus/ Frame A5C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FAppNexus%2F411d0d9b-3ba6-321f-0cd5-e5386014c5a3%3Frid%3De7ccadfc-ee86-4adc-977c-fa2def473355%26gdpr%3D0%26gdpr_consent%3D...
  • https://crb.kargo.com/api/v1/sync/AppNexus/411d0d9b-3ba6-321f-0cd5-e5386014c5a3?rid=e7ccadfc-ee86-4adc-977c-fa2def473355&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&exid=239972947338320392
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/sync/AppNexus/411d0d9b-3ba6-321f-0cd5-e5386014c5a3?rid=e7ccadfc-ee86-4adc-977c-fa2def473355&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&exid=239972947338320392
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---&partners=ttd,Dv360,AppNexus,bsw
Protocol
HTTP/1.1
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
34b5cdfc-6ba2-412e-8f22-4b7c9af37001
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://crb.kargo.com/api/v1/sync/AppNexus/411d0d9b-3ba6-321f-0cd5-e5386014c5a3?rid=e7ccadfc-ee86-4adc-977c-fa2def473355&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&exid=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bswsync
crb.kargo.com/api/v1/ Frame A5C2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=kargo&redir_url=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=kargo
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=kargo
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4662830998819244376&ssp=kargo
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd&dsp_uuid=&dsp_id=&krg_ids=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=&gdpr_con...
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd&dsp_uuid=&dsp_id=&krg_ids=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---&partners=ttd,Dv360,AppNexus,bsw
Protocol
HTTP/1.1
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
//crb.kargo.com/api/v1/bswsync?bsw_uuid=e5909bf2-71a8-45a7-b91d-17324c9598fd&dsp_uuid=&dsp_id=&krg_ids=e7ccadfc-ee86-4adc-977c-fa2def473355_411d0d9b-3ba6-321f-0cd5-e5386014c5a3&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
truncated
/ Frame 3F16 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bc9553815a4e18001313cd8a3ce36b4fc450e3ec2e7e2e3131eb43682645ca2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F059 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=970x250&pubId=100784417&chanId=22337608653&placementId=4532524456&pubCreative=138221234125&pubOrder=2214162919&cb=1290752961&custom=leader1&custom2=article&adsafe_par&impId=880022e5-15dd-11ee-aa6a-0ef05de99743
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
/
Resource Hash
44708c9618d425271700dc91923ad9df0267fe71d701969bccfe3c10b41e0746

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8dv2hOZbGYXDrWLQBgUTgAfRF7bPMI788G5KapRFEJUrf3DoTn0zuL_Uq5Qjrlr5kn4wt9S-QUAp4cPotKvSOsl-3G-edgEis30nx9vSehHp5gXKoKm5vWRqHY3ZOudXtGvIk3F0pfaiS6x2KrFzFt3eKX-037CBBUOZ3d_M96uBTbnZBSi8SAf7_AAQvFM8laSc6EoFBner1y0hzZV7j3V1-IVK3x4e7hnL56DMMHXgWaDD1p6TpZBbh7EpM22IamgwF9v1_p_tjA8fiBIue-RSSY5oFSEZC_I3lCXFOndFlO0vLTiu1QYpyS5IhytMF4M51Ur-kNVAc9DAhx0-ReeN7&sai=AMfl-YSywlrdrN3GvTzuMZJxshP33IfclXWzuUw-1i0e2-n08MsvFn1B7qhbJCIenNABUC9MWcU26YQeOLqibt443WevTZGxTrrrMfsnYXYSW2cYExVDc7VQeAK8sHGoJA&sig=Cg0ArKJSzH7M6BYPqwOjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 28 Jun 2023 17:59:33 GMT
events
api.permutive.com/v2.0/batch/ 		201 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1ec30520c0ef1986b4461544a36f86aeb44f815d72e38b9db205e063405e7ac0

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-2074996123&e=abr&n=9092473179373723&abc=0&abt=162_ad-iab-viewability_v4%2C128_sendDomainToFeedsOn&aid=O0vk4vqJEeWVlAY3v_uBow&amp=0&ask=oEq5AS75&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=wpgm491aobvb&i=0&id=RdEySYYI&lid=1rhjtn916jzz&lsa=read&mt=1&pbd=1&pbr=1&pgi=19nsrn1kin58&ph=2&pid=zhNYySv2&pii=0&pl=371&plc=1&pli=pwszav1saogf&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Gwyneth%20Paltrow%27s%20Son%20Moses%20Is%20Chris%20Martin%27s%20Twin%20in%20New%20Photo&pu=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&pv=8.27.1&pyc=0&s=1&sdk=0&stc=1&stpe=1&t=Gwyneth%20Paltrow%20Says%20Coparenting%202%20Kids%20With%20Chris%20Martin%20Is%20%E2%80%98Harder%20Than%20It%20Looks%27%20&tv=3.42.2&vb=0&vi=0&vl=90&wd=660&ab=1&abid=1yqnpgxmmg86&abo=pre&apid=1yqnpgxmmg86&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxb=0&asxi=264043&asxt=392&flpy=USD&vpb=%7B%22appnexus.member%22%3A%221287%22%2C%22appnexus.invCode%22%3A%221922098%22%2C%22appnexus.result%22%3A0%2C%22appnexus.code%22%3A0%2C%22appnexus.timeForBidResponse%22%3A591%2C%22pubmatic.id%22%3A%223522894%22%2C%22pubmatic.type%22%3A%22OpenRTB%22%2C%22pubmatic.pubid%22%3A%22160545%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A390%2C%22rubicon.pubid%22%3A%229294%22%2C%22rubicon.siteId%22%3A%22357204%22%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A452%2C%22spotx.id%22%3A%22264043%22%2C%22spotx.result%22%3A0%2C%22spotx.code%22%3A0%2C%22spotx.timeForBidResponse%22%3A392%2C%22kargo.placementId%22%3A%22_yf6VUG9T6b%22%2C%22kargo.result%22%3A0%2C%22kargo.code%22%3A0%2C%22kargo.timeForBidResponse%22%3A456%2C%22mediagrid.id%22%3A%22S75%22%2C%22mediagrid.type%22%3A%22OpenRTB%22%2C%22mediagrid.pubid%22%3A%22pbGjPIU8%22%2C%22mediagrid.result%22%3A0%2C%22mediagrid.code%22%3A0%2C%22mediagrid.timeForBidResponse%22%3A454%7D&vto=2000&sa=1687975173229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-lga21962-LGA
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
amzns2s
rtb.gumgum.com/usync/ Frame 7497 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.5.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-5-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8c5c46b0c152e1307711ed9967db330b42c84aededa6e4fe5dc3ac72c486012b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 28 Jun 2023 17:59:33 GMT
etag
W/"0ccb037c15beee94b7f7211c9fa5fc971"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 479F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
50ebc57b37a3cfd74bc4fc249a11f5b6753efae8f957e83f672cbdb638fbc8bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1952
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
ms-cookie-sync.presage.io/amazon/ Frame 9595 		900 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
7b3e955eba1e3569c3ca24d4330a93a8d5d1f0d4d53aef90b55a82701353ba69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
900
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Pragma
no-cache
Surrogate-Control
no-store
Via
1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
X-Amz-Cf-Id
gTZOYf8FoLZiRJZ8UgVTJ-H2oBeVaQmB4mmgjkEMIlCeQFU1JSEKJw==
X-Amz-Cf-Pop
EWR50-C1
X-Cache
Miss from cloudfront
X-Powered-By
Express
cm
u.openx.net/w/1.0/ Frame AAE2
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b84d9264aa289d3c89ba9535b1dbafaa81b6c3056a25ab05107080835872091a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
401
content-type
text/html
date
Wed, 28 Jun 2023 17:59:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame A630
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6418409603037558770&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6418409603037558770&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DQ9EW1HJDAZP4F9J1KRQ

Redirect headers

content-length
0
date
Wed, 28 Jun 2023 17:59:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6418409603037558770&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 101B
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4dcdb25de00b21d8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMBhis0ppIlwM4L4b5AAAAAAA&expiration=1688061573&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMBhis0ppIlwM4L4b5AAAAAAA&expiration=1688061573&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VFVWN1W70P03DN47A1WW

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMBhis0ppIlwM4L4b5AAAAAAA&expiration=1688061573&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 4B10
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?partnerid=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=c3d6c5bd03b7435d96ea84c6e29685c3
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=c3d6c5bd03b7435d96ea84c6e29685c3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JHH1WT2HT7R0NR3P2SVQ

Redirect headers

content-length
0
date
Wed, 28 Jun 2023 17:59:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=c3d6c5bd03b7435d96ea84c6e29685c3
server
istio-envoy
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-id
L6ss1E76IaKsPa-kLpQbucr0tBOhmBtGVpGca_wSvkMoL-_G1Tuwfw==
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol
HTTP/1.1
Server
23.92.190.74 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
6302c74c9e389ae0fcef2f8d840ee2a14f2a3e5f14c42908ee1c2c6ea58afbe2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.usmagazine.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://www.usmagazine.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
syncframe
gum.criteo.com/ Frame 9AB5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.usmagazine.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:32 GMT
server
Kestrel
server-processing-duration-in-ticks
237687
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-176eb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:59:33 GMT
dj
ads.undertone.com/ Frame 2B12 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.undertone.com/dj?&pid=121&domain=usmagazine.com&placementid=121020&fb=1&cb=41539552240&t=1687975173.296&fv=0&x=0&y=14255&sw=1600&sh=1200&cw=1600&ch=1200&loc=https%3A//www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/&fr=1&env=201&ccpa=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-83.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
0d6ab310b74443d903ccaf59c33a510a8c16ebf7096a6464b0f7f5a90e501aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
x-envoy-upstream-service-time
241
content-length
19717
pragma
no-cache
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
content-type
text/javascript
access-control-allow-origin
https://www.usmagazine.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
_Ca0Xh5RhI-TYIZXQ8S_eQexfxhmsCoNIcTnmbq65ORnyY6J3NpHIw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
vttparser.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/vttparser.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f55a1a15b84cce1e042d6c7bba8b8a33211fd84841d84d52c417a72264e37e91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 varnish
age
3018458
x-cache
HIT
content-length
2155
x-served-by
cache-lga21962-LGA
last-modified
Mon, 22 May 2023 06:27:33 GMT
server
AmazonS3
x-timer
S1687975173.307953,VS0,VE0
etag
"aa71471c3ea1334e461104b1905810d9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
32765
RdEySYYI-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://content.jwplatform.com/strips/RdEySYYI-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.jpg
65 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.jpg
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60b0ad6ca2fd4539789f7c66fdbb4260833684ec2ade807895504383e7d5fd6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
535
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
65397
x-served-by
cache-iad-kcgs7200100-IAD, cache-lga21962-LGA
last-modified
Tue, 22 Sep 2020 18:50:41 GMT
server
nginx
x-timer
S1687975173.491681,VS0,VE2
etag
"6838a02347ebfbcd2b59062103d4fb3e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7, 1

Redirect headers

date
Wed, 28 Jun 2023 17:57:28 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
125
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/RdEySYYI-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
Xsd5B1uj2Gj9nPHZ5BiKY0YI855pGDqdZEYDi2-BJ0QcED7HatSgmA==
truncated
/ Frame 106F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
994be1d3fd8acb2aec49311bb726723a2f6bd9177eb0e44231c8bb75810609d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 0816 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=300x600&pubId=100784417&chanId=22337427983&placementId=4532502385&pubCreative=138221235455&pubOrder=2214117014&cb=2043174966&custom=rr1&custom2=article&adsafe_par&impId=88009817-15dd-11ee-b7c6-029df53a8851
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
/
Resource Hash
f3dd332fb0de094c0c8bf831950b337ff0c87487f477235d64df71a2e87710a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 106F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDOhIT4O5lzDefvo9g9y05Q_ZyLXEzoAjd4e_YAGv9rxL7p_N2jsaVpKRjr5x-7CwiwWZk7BtyJH-cQKpRx1kJmTxwh3Z-lrlNLHSg6TO7_Id60BUOaCjeKN4qtg9bkeHv1bnY8M2oCxjJwHbiXt52bG17W8appN2k7A8VpJS1m0H-AHPzU4m_AmghJ5RbNjV_L6ZYwHTso6PJwAlkC_QzfbQWlL59NNe7UqLvi_2glYoZcF6CvT68CN2QTj3MS90Zmh9POBipquXfUkBmlNI9hSsk13XPuMXS24c-RwKvJTTGUD3cF5iYsmBZDlJmsRqChl-PiFFlQeHDjOuq0Gs&sai=AMfl-YRKFvGzndpAlJSu27kxRjNwr_gcjH-K8Eq80JYBjZvx7BYIxxLjLOvOjQeoe920tQA4ex7OapM7IdeaOG0JtoXw3w2PaEJtPLVcBYuP-BX_FQHiUYD3VBcMmsecyg&sig=Cg0ArKJSzPJbPVP87LbyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 28 Jun 2023 17:59:33 GMT
truncated
/ Frame 9E83 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6fbe4acb3f0cca1512924e7e98dc80c49b4288765d6a7b565f961b4de203fac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 49C2 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=300x250&pubId=100784417&chanId=22337608605&placementId=4533045107&pubCreative=138221230549&pubOrder=2214355341&cb=1741580274&custom=article-inline-box1&custom2=article&adsafe_par&impId=8804ddcc-15dd-11ee-9373-0a44a7e95f5d
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
/
Resource Hash
18b3457531b9f329e7f481b3534e0ee0584a26e9dc2d1e0d77a306fb47fc33fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9E83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJEvYv1BepRjfIDSpCC9CDZja8gN5yQUaefnLakJxrlJWpqRkpcoW7BaL_oxR_Ch2ysJKcECdcdVmIILaugkyofN1vmf820SJbErsWNxmsqofCiHWtNARs-2D1RyEFBPS43zlAmx1C6t1bBoK36FyBsZO0k4UILv309xfXWZZNOpzshyjsR_TuY42sTvqJU1pRF8wHsuwhFPxZm8Ys8ad9GR-N42eowqe_k2HdzbguMj3UihhI8F7PgbPSwrCZBLRzPUZFvoA8a8U5s6dP5uNi8Q4z8s4rY6ZGVMDXNKJZX1thTIwZ3hgmxRYAJBq15sWteusPn7yCK9MFexepu34Pd13Yxpcxxw&sai=AMfl-YSWmZwxiIBYYQ6-zb4sZiDA3hN5tJmwStk9baXgwWXEkYG-WtfWK1C8UwKbSqISZbFATVAUDcjAWtWHoTXHy1cyBwa-x_lc5IMXQPRamO0WLfCwxJIZMGhUQYlZXUA&sig=Cg0ArKJSzJ9YcIHdUk4hEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 28 Jun 2023 17:59:33 GMT
event
prebid-a.rubiconproject.com/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 17:59:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 59E5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103398
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 28 Jun 2023 17:59:33 GMT
expires
Thu, 29 Jun 2023 22:42:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 34A3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
d2aa84f8b1b05b81a084b42fc4c556ffa223188d91ace4ed917a527da3dd4419

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 28 Jun 2023 17:59:33 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 6397 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 47CD 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
ff15d124a482f31808ac3489eda78ddcf916e4c2c13528bc0cebee1b73480d60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 7989
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Ua0ZkT1l0RTJ1TGVKUnd5b3g5cG1RQ1FudjJMT1cxUn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Ua0ZkT1l0RTJ1TGVKUnd5b3g5cG1RQ1FudjJMT1cxUn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7MXPH232EWFAPKZT7GNG

Redirect headers

age
0
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1Ua0ZkT1l0RTJ1TGVKUnd5b3g5cG1RQ1FudjJMT1cxUn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
dinitsync
crb.kargo.com/api/v1/ Frame D5BC 		196 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
9e3ee5e2fe5eefe256b12c86b4816cc46dbf608074e6ca615b05a36b892a67d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
185
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
ecm3
s.amazon-adsystem.com/ Frame C8DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=239972947338320392&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=239972947338320392&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QTDF9HQGK43A2TJGW2PV

Redirect headers

AN-X-Request-Uuid
b6067f89-b3e1-4395-bf8d-dbd21c36f935
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=239972947338320392&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ce.lijit.com/beacon/ Frame B6DC
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
069f9f9ea9e99d42ca4d76c7c6df5b92ee7cdcf8fc1bc5ac5780acb825c03cb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
461
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
sync-iframe
cs-server-s2s.yellowblue.io/ Frame E20E 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
54630bd955d423aef2806db353af4945c5ae4373a67bbf7f3ff6bdc2255132c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Wed, 28 Jun 2023 17:59:33 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
ecm3
s.amazon-adsystem.com/ Frame 9BD1
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1548623984395205096461
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1548623984395205096461
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
M92RY1VTSJ6T3G15BMJA

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1548623984395205096461
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=239972947338320392
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=239972947338320392
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d2e113d2-49a7-40a6-904a-4700d611b4f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=940c2b41-f2d9-4620-97d9-28b02417b871&ssp=gumgum2&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd
  • https://usersync.gumgum.com/usersync?b=bsw&i=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 7497
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_d17a1305-2dd4-444f-9878-45d8283b404d&obuid=ENC(J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA...
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&uid=8kbckfNH1cfpE9PB_BbIw6ZGhMrpRNKW8UtOXr_k
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&uid=8kbckfNH1cfpE9PB_BbIw6ZGhMrpRNKW8UtOXr_k
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Cache-Control
no-cache
X-TraceId
8f05f38d57bde32c73ed57a2eb5c98af
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=J-NwjesJFNOb3yYSuf2veWLW6enMHHkMoP-rsVqVCfy0PGmfYQM3Re_5rnFXBTA7&uid=8kbckfNH1cfpE9PB_BbIw6ZGhMrpRNKW8UtOXr_k
date
Wed, 28 Jun 2023 17:59:35 GMT
cache-control
private, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5b662e55-88f2-0e8f-08ed-c7c820761e62
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=5b662e55-88f2-0e8f-08ed-c7c820761e62
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=5b662e55-88f2-0e8f-08ed-c7c820761e62
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134
Date
Wed, 28 Jun 2023 17:59:33 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pp_PxGZE2pcD1JLIPIUKDbbaaD_36uEwGyq7~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-pp_PxGZE2pcD1JLIPIUKDbbaaD_36uEwGyq7~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-pp_PxGZE2pcD1JLIPIUKDbbaaD_36uEwGyq7~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=265f29b0-d998-4d0c-9f19-b770d7a10271
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=265f29b0-d998-4d0c-9f19-b770d7a10271
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=265f29b0-d998-4d0c-9f19-b770d7a10271
Date
Wed, 28 Jun 2023 17:59:33 GMT
Connection
keep-alive
X-CI-RTID
9c6b2b19-2b08-42a0-9f21-b9fcbfcd795b
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=2C61E9DF353D4A649FEA6028B8CD8B11
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=2C61E9DF353D4A649FEA6028B8CD8B11
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
592183050
location
https://usersync.gumgum.com/usersync?b=snc&i=2C61E9DF353D4A649FEA6028B8CD8B11
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 7497 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Jun 2023 17:59:33 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE
  • https://usersync.gumgum.com/usersync?b=zem&i=GgTZoJOdf55amNPZ-F1y
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=GgTZoJOdf55amNPZ-F1y
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=GgTZoJOdf55amNPZ-F1y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=eda7d366-b8cc-463a-956a-6b796dc0cb7e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=eda7d366-b8cc-463a-956a-6b796dc0cb7e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=eda7d366-b8cc-463a-956a-6b796dc0cb7e
access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:33 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Aghol5ZjA95W&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Aghol5ZjA95W&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=Aghol5ZjA95W&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1
usersync
usersync.gumgum.com/ Frame 7497
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6418409603037558770
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6418409603037558770
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6418409603037558770
date
Wed, 28 Jun 2023 17:59:33 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7497 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_d17a1305-2dd4-444f-9878-45d8283b404d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GAZ7YBMX8XS5PWZF5Q2G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AAE2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f48df658-bc4d-8d23-af98-55b28015d4c4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FPR3NGPKE4140H834YD5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
389cec61-304b-a490-5e41-c1d01771d26d
pr-bh.ybp.yahoo.com/sync/openx/ Frame AAE2 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/389cec61-304b-a490-5e41-c1d01771d26d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:989d:4d6a:f0:57ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame AAE2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f48df658-bc4d-8d23-af98-55b28015d4c4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GQ5HM0QX2GWK72A2FNKQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AAE2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttd_puid=ac5b8a25-a0e7-36d9-6f96-d725e8261f24&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame AAE2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODAzNDU5ZWYtNjk5MC02ODdkLTdhNzYtOGQ5YzIyYzRkMTQ0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AAE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENW01gu2BA-4a3trBLAYZpE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENW01gu2BA-4a3trBLAYZpE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENW01gu2BA-4a3trBLAYZpE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 9595 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ogury.com&id=e1be7724-be0d-4548-bf4d-6522f4b0b0c0
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AAQE50FJV48YMGS8N4QZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ Frame 9595 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=undefined&web_uid=e1be7724-be0d-4548-bf4d-6522f4b0b0c0&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Via
1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 27 Jun 2023 14:49:55 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
kt1GIKft-cWhSYHpk_GN-FrcmdMBeBQ6uuW-Gx05OvGcqVKP7AFrHQ==
Expires
0
init-sync
ms-cookie-sync.presage.io/ttd/ Frame 9595 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=undefined&web_uid=e1be7724-be0d-4548-bf4d-6522f4b0b0c0&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Via
1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 27 Jun 2023 14:49:55 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
EvGIpcqbcpCBRjxOJcs7Z9sk0LKea-IYfSN6SWVmc22z2iKK1gGJGA==
Expires
0
init-sync
ms-cookie-sync.presage.io/xandr/ Frame 9595 		35 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/xandr/init-sync?iab_string=undefined&web_uid=e1be7724-be0d-4548-bf4d-6522f4b0b0c0&source=tam
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Via
1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
35
Pragma
no-cache
Last-Modified
Tue, 27 Jun 2023 14:49:55 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-Amz-Cf-Id
O23kda-eE_9OyAq1AdmEfr6AUarYbQhJU8pbtARqrkbi0QaTbzu2-Q==
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567173&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567173&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567173&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 479F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9AESV24MG5YJ4Q7MTSJ7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=suw107PtPIWpuTqDvLwhgebsbYip7jvUseGltmzX
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=suw107PtPIWpuTqDvLwhgebsbYip7jvUseGltmzX
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=suw107PtPIWpuTqDvLwhgebsbYip7jvUseGltmzX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096628127738
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096628127738
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
374
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096628127738
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7de7d3051fd94205-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 479F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
77730535-5733-4858-a156-b8aff465f7bf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 479F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jDeRK2Xd1Qezs15
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jDeRK2Xd1Qezs15
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-07c8a9d3092acd898@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jDeRK2Xd1Qezs15
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 479F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3MYT9F3BB7A6NS3ASF82
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
launcher.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8801b75dd6534ac6cca2c73e8a7b286703de56b9f71abc6514f6ea8665351d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 00:23:56 GMT
server
cloudflare
age
247
etag
W/"649b7d9c-13e92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d30299ec4397-EWR
expires
Thu, 27 Jun 2024 17:59:33 GMT
compliance.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949d724e9e3805489733bac2cefb140ad1116a53e1d18f8cd06da3b7101d7b90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 00:23:56 GMT
server
cloudflare
age
428
etag
W/"649b7d9c-25c42"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d30299ef4397-EWR
expires
Thu, 27 Jun 2024 17:59:33 GMT
event
prebid-a.rubiconproject.com/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ym.1.js
static.yieldmo.com/ Frame 6985 		465 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a30bc2024b134085ffd2a2d47ecf9ee008e7c17e684bede7a3f997c5615bf84f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:32:35 GMT
x-amz-version-id
Cekm2CtMp8X.aKyRYXxSSrqvDshE7vvJ
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
12419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 22 Jun 2023 14:08:44 GMT
server
AmazonS3
etag
W/"484277567ad23ce9ba280dd76b3b8209"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
2bEE-jhD7hM79sQIqkolNXoifc3aBd1SyLbpZ9l27V8p911C2wr61w==
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3306094453347824865&pvt=1687975170971&plid=25171153787&imp=3422352838061422437&rep_meta=Gq5Z6ziF5xersku0GJqTiGJp64qNGv_iwg-IkJ5DkYsbnfnwRPAJjy4qB4AyN5cYrILqKiGEHIpAzXuSFC4cXhkVXl4BesriPxjTKKeI_yRwICyj0dnkVRKhWKyEOEXdHotU6HzLuZQG6HS64pcHofSMiYwlMGYUEDArWeMsLQjiXYxPE82u2LUMk3ROVVxX0Pg35nyR-ukW0YOZkxWt3LmuLxo-MYD_fZWyCbsxaTvpiyYKxkhWNwsOOpiGerssSdmQlyOaxAro-x81g0hCQRGgmN7nQkw8ni0bChwVl4eetBnC4I09m9sSfSduFIw07LzA73WJl5bi9TYLYdQ6YJd2ZsR6iFxbdsKXUtpU2pY9HtEacQEy1UjPqprJVnMs
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 6985 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=JH-UluREV9j3aiIDTgNDAsgAAAGJAykUlwEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBJHJwW&pp=xeu58g&isip=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6FJ93939MCP6N67MNZ8S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
43
usersync
usersync.gumgum.com/ Frame C2E3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
Wed, 28 Jun 2023 17:59:32 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x57 config_version:"1969"
location
https://usersync.gumgum.com/usersync?b=mmh&i=4b72649c-7502-4200-9732-0e3f626912f4&gdpr=&gdpr_consent=
user-sync
sync.adkernel.com/ Frame DFCD 		22 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
22
Date
Wed, 28 Jun 2023 17:59:33 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame B663
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
  • https://usersync.gumgum.com/usersync?b=atm&i=ZJx1BQAAAOrsJgAz&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZJx1BQAAAOrsJgAz&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZJx1BQAAAOrsJgAz&gdpr=&gdpr_consent=&_test=ZJx1BQAAAOrsJgAz
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lga21937-LGA
x-timer
S1687975174.663877,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame DE3C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kMTdhMTMwNS0yZGQ0LTQ0NGYtOTg3OC00NWQ4MjgzYjQwNGQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 535E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103398
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 28 Jun 2023 17:59:33 GMT
expires
Thu, 29 Jun 2023 22:42:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4646
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=8caea125-1332-49dd-b4e8-4c16d2f9f136
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=8caea125-1332-49dd-b4e8-4c16d2f9f136
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=8caea125-1332-49dd-b4e8-4c16d2f9f136
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
rtset
bh.contextweb.com/bh/ Frame 47CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SElZaUpuaFpQMWtGckl6UGVaS2g4QQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH7L6j1ycPjAfPvKg05xK_c&google_cver=1
49 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH7L6j1ycPjAfPvKg05xK_c&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH7L6j1ycPjAfPvKg05xK_c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 47CD
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4d4fddcb1c3e21d8&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAInviS_9rlTAMR0oBrAAAAAAA&expiration=1688061573&nuid=&is_secure=true
49 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAInviS_9rlTAMR0oBrAAAAAAA&expiration=1688061573&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAInviS_9rlTAMR0oBrAAAAAAA&expiration=1688061573&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 47CD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr_in_effect=0&gdpr_consent=
49 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr_in_effect=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ecm3
s.amazon-adsystem.com/ Frame 47CD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=Aghol5ZjA95W&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RXD7DEG1ZGQVWPJXZ6MK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6397 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62212
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
usync.html
eus.rubiconproject.com/ Frame 7E15
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Requested by
Host: ms-cookie-sync.presage.io
URL: https://ms-cookie-sync.presage.io/amazon/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dogury.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ms-cookie-sync.presage.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
server
AkamaiGHost
sid
mug.criteo.com/ Frame 9AB5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=usmagazine.com&sn=ChromeSyncframe&so=0&topUrl=www.usmagazine.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=XpQjf3wyTWcrNDRoQno2V3dTS0U0d1FZekNrRDRhbW5yR1FFckVYemhyQnV0QndRTFlJcTlKV0xxR0JnOE5udnRIY0MzS3VlUDdMNk9PWVVBWE9NVTZDcXZZOEdKOWl5Uy9rSFg3d1BRQjNEclBuUFRKbytCdkl5Q1NLMz...
441 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XpQjf3wyTWcrNDRoQno2V3dTS0U0d1FZekNrRDRhbW5yR1FFckVYemhyQnV0QndRTFlJcTlKV0xxR0JnOE5udnRIY0MzS3VlUDdMNk9PWVVBWE9NVTZDcXZZOEdKOWl5Uy9rSFg3d1BRQjNEclBuUFRKbytCdkl5Q1NLMzhabk9meHZLSmc4WFIydXNXcVNKVGxvNUZlNjdjMExPZFJ4SW14OXFPblRVbzZMV0RtazMvUm1NbU04SDdXV0lvRWNKUjNnRVRTZTg3NjZncWttc1hvOFpCL1Byd2dBWU9PcFczU1l5WGNWcXNQc3REU0prOHBDZnlOc2FwSUc4SktmWjN3NkdYaE5lZmloWVI4bkx1b0FDVFNRMDdQaEp2aHAxWkIxL1h0Z0hBYVRHck5ZYz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c1030ff136cfc1a150e9ff996a2d0d4337d204e7a7adf6b5615578f6021ae51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2135781
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=XpQjf3wyTWcrNDRoQno2V3dTS0U0d1FZekNrRDRhbW5yR1FFckVYemhyQnV0QndRTFlJcTlKV0xxR0JnOE5udnRIY0MzS3VlUDdMNk9PWVVBWE9NVTZDcXZZOEdKOWl5Uy9rSFg3d1BRQjNEclBuUFRKbytCdkl5Q1NLMzhabk9meHZLSmc4WFIydXNXcVNKVGxvNUZlNjdjMExPZFJ4SW14OXFPblRVbzZMV0RtazMvUm1NbU04SDdXV0lvRWNKUjNnRVRTZTg3NjZncWttc1hvOFpCL1Byd2dBWU9PcFczU1l5WGNWcXNQc3REU0prOHBDZnlOc2FwSUc4SktmWjN3NkdYaE5lZmloWVI4bkx1b0FDVFNRMDdQaEp2aHAxWkIxL1h0Z0hBYVRHck5ZYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
563187
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame D5BC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=411d0d9b-3ba6-321f-0cd5-e5386014c5a3&ex=kargo.com&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crb.kargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BAJN1TG6EEY1ZFT5D11C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B6DC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=G5H3cSZHuSINuM55Tu6cBHSs&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WEJHKVP610AZ1A7QW5J9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame B6DC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=4dfdf087-7a88-42e9-8537-c91bdeaab859
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=4dfdf087-7a88-42e9-8537-c91bdeaab859
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=4dfdf087-7a88-42e9-8537-c91bdeaab859
date
Wed, 28 Jun 2023 17:59:33 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame B6DC
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LJG0U0S1-Q-EBQ2&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LJG0U0S1-Q-EBQ2&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LJG0U0S1-Q-EBQ2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
merge
ce.lijit.com/ Frame B6DC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=TsQVy5XhU41iMArRnN9PSgW16oY&user_group=1&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=
Date
Wed, 28 Jun 2023 17:59:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame B6DC 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame B6DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=239972947338320392&gdpr=0&gdpr_consent=
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=239972947338320392&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ae96c2f3-f3bd-4201-9e8d-eb0cb75ee986
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=239972947338320392&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8599 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
14792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 13:53:01 GMT
expires
Thu, 27 Jun 2024 13:53:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA14 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf70d5b737e1219484a146a0bf0d604ac582ca55e0c76716c671458573e0b579
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jEitoetZ1971R59fqQ-U0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jEitoetZ1971R59fqQ-U0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:59:33 GMT
expires
Wed, 28 Jun 2023 17:59:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ym.1.js
static.yieldmo.com/ Frame 158C 		465 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a30bc2024b134085ffd2a2d47ecf9ee008e7c17e684bede7a3f997c5615bf84f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:32:35 GMT
x-amz-version-id
Cekm2CtMp8X.aKyRYXxSSrqvDshE7vvJ
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
12419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 22 Jun 2023 14:08:44 GMT
server
AmazonS3
etag
W/"484277567ad23ce9ba280dd76b3b8209"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
iuz3Ue7mzWuoTxnnWRH9kemVcgy75FWddU561sS_mKNlJ_ryEnwl4g==
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3306094453373607066&pvt=1687975170974&plid=25171153787&imp=7043891257122629690&rep_meta=zrDXLfLHfaUhBbcvbgANUbmIAKK3mC3Dnu4w3T4-s6FJa31uccwv-Vdqtq3JP6A1Lx9YDtiYitrx0dufo8OQVUs-xRPH3-2riW5lgfMv7hhb8MtzFRon9nPrU2L8J7aQHi-syPz6BrnRZgqlH3KPGMkTWIUNL4HMImM3ggIJJKZtKngLOwnA4ruIpqjmyo3fvFjd86dVrJmHVcalD6UVWpzBVqoWmjo2_6S_rVqkMBdjvLJI4BVcko4HpL3RVEgELEgf0OzeNKzyezrM5KEOE-G5myGvJVmdeMFA26cg-6bdUZK_HOTOmG09ZOumMot55VVg8YGzmcI4MEI7kSeiUKevmwgqah2Evaz-sDaTSaBisSEZXZQ48Ly87_QKU1cU
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 158C 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=JF4_QcXRJoBpOHH70TE2ynUAAAGJAykUowEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAP-A8Z&pp=z2rpj4&isip=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WWXHA17JB730WFHE3J0H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
43
ym.1.js
static.yieldmo.com/ Frame 4FDA 		465 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a30bc2024b134085ffd2a2d47ecf9ee008e7c17e684bede7a3f997c5615bf84f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:32:35 GMT
x-amz-version-id
Cekm2CtMp8X.aKyRYXxSSrqvDshE7vvJ
content-encoding
br
via
1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
age
12419
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 22 Jun 2023 14:08:44 GMT
server
AmazonS3
etag
W/"484277567ad23ce9ba280dd76b3b8209"
vary
Accept-Encoding, Origin
content-type
application/javascript
x-response-headers-policy
static-yieldmo-com_js_text
cache-control
private, max-age=1800
x-amz-cf-id
DwxiBbeFWbBQBhZWPki24s5mG-hwFtUcc1MIQtnj3-G4feJi75SHWA==
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4FDA 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3306094453464407565&pvt=1687975170985&plid=25171153787&imp=5984656341358643568&rep_meta=lvCKt8Y_1t2HT5qxIldZFUbxrwzqL_gqAGGNMWUP8_uTo6Wl7m__4feJyxbHhLGDJELJ9VFiiAIl1BB10nOy5fD12mxg-Eu25sZBiyhOisya9HeMuQlPAXE4xm5DmRmzHNWA6ENd2B65Zz8fV9ybk-32hb2WI0vEmz6_bttKQr2Bp9tta5y--5kCJc2KEeZ8P4Zh6EXTellIF21Fi4VpUCq4bvHiH86fqBYGtOU5Myu89I_a1ndGkub5NVGidg3tK2-FFwcifAumS2pPDPrcOd_JfqcAf76-NRctM50StpTu6tA5dyuPw0irCvu6cEQmCnUAVTkMWDfy9udzblUiZY9-nTy5l6hxL9dXMsxnK33XpJWxa-f4O14abNrVKY5V
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 4FDA 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=JCyi6rGmqvH03cvyFTVCXYwAAAGJAykUWAEAAAxIAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBHP8SW&pp=z2rpj4&isip=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.181.15 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M45TPKHW9Z8CWJ4326NA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
43
ecm3
s.amazon-adsystem.com/ Frame 34A3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=ge4d6940eec1a82772f4
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2R7X4AJ45BRE17J8HR2A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 34A3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2U0ZDY5NDBlZWMxYTgyNzcyZjQ=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 34A3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTYzREEwQzktRDFGQS00OTlCLTlFMDEtNUJDRjNBN0I2NjdF&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cbWNa5VE2uUlRghyY3V02Cxv_KAIic0-~A&gdpr=0
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cbWNa5VE2uUlRghyY3V02Cxv_KAIic0-~A&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cbWNa5VE2uUlRghyY3V02Cxv_KAIic0-~A&gdpr=0
date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.yieldmo.com/v000/ Frame 34A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=239972947338320392&pn_id=an
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=239972947338320392&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0b2fa53d-71fc-4556-86ec-557d640556fd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=239972947338320392&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 34A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFSJCU21F4tLYmhUmHEwdQc&google_cver=1
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFSJCU21F4tLYmhUmHEwdQc&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFSJCU21F4tLYmhUmHEwdQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 34A3
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=ge4d6940eec1a82772f4
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D501914cb-ae0d-46ea-848b-e9fb36399716%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=239972947338320392&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=239972947338320392&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Wed, 28 Jun 2023 17:59:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a9f0583c-3ec0-4935-875b-4b3d625a3dd2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=239972947338320392&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Date
Wed, 28 Jun 2023 17:59:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=6418409603037558770&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=6418409603037558770&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=6418409603037558770&gdpr=0&gdpr_consent=
date
Wed, 28 Jun 2023 17:59:33 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212196038153722
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212196038153722
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212196038153722
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame E20E
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=1244ecb3-1fde-4a02-8e06-5183c7ad1028&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=1244ecb3-1fde-4a02-8e06-5183c7ad1028&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=1244ecb3-1fde-4a02-8e06-5183c7ad1028&gdpr=0
date
Wed, 28 Jun 2023 17:59:33 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://ad.turn.com/r/cs?pid=45&rndcb=350811512
  • https://sync.1rx.io/usersync/turn/3425623714870498952?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a42381...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Tengine
ETag
RXca2d807dab8f4f7983359a423816c02a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Content-Type
text/html
Connection
keep-alive
cksync.php
contextual.media.net/ Frame E20E 		61 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Jun 2023 17:59:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 28 Jun 2023 17:59:33 GMT
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=239972947338320392&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=239972947338320392&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fe11c01d-453c-4c90-b508-af1cf3b191ed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=239972947338320392&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=22135efb-d39f-4c12-8b25-96a8360f6a50&gdpr_consent=null&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=22135efb-d39f-4c12-8b25-96a8360f6a50&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=22135efb-d39f-4c12-8b25-96a8360f6a50&gdpr_consent=null&gdpr=0
date
Wed, 28 Jun 2023 17:59:34 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=Aghol5ZjA95W&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=Aghol5ZjA95W&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=Aghol5ZjA95W&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-8fxxn
expires
-1
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=5946695555
  • https://sync.1rx.io/usersync/turn/3425623714870498952?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a42381...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Tengine
ETag
RXca2d807dab8f4f7983359a423816c02a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Content-Type
text/html
Connection
keep-alive
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=445b96b3-7708-0b9c-24d1-8bb7c98fcb67
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=445b96b3-7708-0b9c-24d1-8bb7c98fcb67
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=445b96b3-7708-0b9c-24d1-8bb7c98fcb67
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=35dfa2c2-f9f1-430b-9666-f957c6f4bec5
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=35dfa2c2-f9f1-430b-9666-f957c6f4bec5
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-164
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=35dfa2c2-f9f1-430b-9666-f957c6f4bec5
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58760/sync?redir=true&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11591&id=y-F.WkOO1E2uLZ41MlwRkLIgcbo5fmrtUx~A&gdpr_in_effect=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11591&id=y-F.WkOO1E2uLZ41MlwRkLIgcbo5fmrtUx~A&gdpr_in_effect=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11591&id=y-F.WkOO1E2uLZ41MlwRkLIgcbo5fmrtUx~A&gdpr_in_effect=0
date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=ge4d6940eec1a82772f4&gdpr=0&gdpr_consent=&us_privacy=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=ge4d6940eec1a82772f4&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=ge4d6940eec1a82772f4&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=9f7af5f0be739ea15fea914e9542278d&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=9f7af5f0be739ea15fea914e9542278d&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=9f7af5f0be739ea15fea914e9542278d&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1687975174308096-147
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
0
Expires
0
cs
cs-server-s2s.yellowblue.io/ Frame E20E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
date
Wed, 28 Jun 2023 17:59:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame E20E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=QxsVSDQakp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R78V9Q2JGJGJZZNQNP4R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
main.19.8.422.js
static.adsafeprotected.com/ Frame F059 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.422.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 19:23:57 GMT
x-amz-version-id
H3hjPBlpconOojZjf5.4mwu2oDHU4Z1_
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
167737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 26 Jun 2023 17:26:27 GMT
server
AmazonS3
etag
W/"b5f188372cbe7773137be3f8908d1b84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yHpUXt6nOaS4izQg1iaYXCNJnk3RXcxFjbaBuuEQ9Twu8mvzsqQIOA==
usersync
usersync.gumgum.com/ Frame 0BA9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZJx1BsCo5tAAAO21GzwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZJx1BsCo5tAAAO21GzwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:34 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZJx1BsCo5tAAAO21GzwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
93
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40207.dc2p.scaleout.jp
X-SO-IP
5.181.234.134
X-SO-Key
ZJx1BsCo5tAAAO21GzwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"5.181.234.134","key":"ZJx1BsCo5tAAAO21GzwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40207"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40207
gumgum
cs.admanmedia.com/sync/ Frame 1BEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_d17a1305-2dd4-444f-9878-45d8283b404d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 28 Jun 2023 17:59:33 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 31D8 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 4A18
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=DrY0oVYN8sevkqz4p13d&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=DrY0oVYN8sevkqz4p13d&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 28 Jun 2023 17:59:34 GMT Wed, 28 Jun 2023 17:59:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=DrY0oVYN8sevkqz4p13d&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 56D4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
main.19.8.422.js
static.adsafeprotected.com/ Frame 0816 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.422.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 19:23:57 GMT
x-amz-version-id
H3hjPBlpconOojZjf5.4mwu2oDHU4Z1_
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
167737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 26 Jun 2023 17:26:27 GMT
server
AmazonS3
etag
W/"b5f188372cbe7773137be3f8908d1b84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
IZii0_7DU6gKDFOmWMC55a_qZx2lREkWQbr6oiFPK1NdFRsvk1Nktg==
usync.html
eus.rubiconproject.com/ Frame A27A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame C712 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
main.19.8.422.js
static.adsafeprotected.com/ Frame 49C2 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.422.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 19:23:57 GMT
x-amz-version-id
H3hjPBlpconOojZjf5.4mwu2oDHU4Z1_
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
167737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 26 Jun 2023 17:26:27 GMT
server
AmazonS3
etag
W/"b5f188372cbe7773137be3f8908d1b84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
IwBD7m0n4gMUx7zKn7mBBaHsjuVZQlFgfE22Fv8w59mIdNgGewT-Bg==
usync.js
eus.rubiconproject.com/ Frame 7E15 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62212
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
usync.html
eus.rubiconproject.com/ Frame EB63
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 28 Jun 2023 17:59:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame 50B1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a0ed2bd3c17859c63823de720d1dfd9069679644463a910f4af0cfb5f203e45f

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1710
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:33 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
e
evt.undertone.com/ Frame 2B12 		0
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/e?bannerid=1887944&campaignid=494396&zoneid=195636&clang=en&ccat=2306,91652,69126,22025,7435,69132,47886,91664,44566,32793,69147,17183,18208,91680,17186,140832,17190,91688,134697,10288,91696,16951,154677,92985,91704,88384,91712,47937,154695,21318,21320,91720,88395,152392,79178,154702,7501,5198,46159,154701,91728,129104,24657,24146,51796,151895,130391,7510,79192,91736,7513,110424,15963,117087,17764,88420,7526,20838,19047,7527,135269,88425,33128,7528,30824,7529,7531,7532,13422,7541,35445,128889,88440,7545,145784,7546,145785,5248,7553,7554,5252,140682,140683,44682,12940,5261,46733,24728,69272,44697,10395,134044,44705,13475,93090,44708,18853,44715,44723,44724,17845,44725,152770,44737,69059,44738,44741,22984,44749,62413,18893,17869,12750,13006,69329,12752,44754,125397,2261,17114,3802,46813,47838,46814,43998,46815,128993,52962,154592,44774,140267,44779,16621,152301,69102,69109,130295,47862,36087,36088,69369,121082,25086,139773&cb=41539552240&bk=rwz5z9&id=ff074964d0b7408ab310ab92cd61d2ee&stid=3&uasv=v22&st=https%3A%2F%2Fwww.usmagazine.com%2F&ut_pii_allowed=1&pid=121&ut_placement_id=121020&aduid=75&io=708725&io_li=339664&time_zone=America/New_York&e=render
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.usmagazine.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
FMW_0ylKt3o-48r5LhK27_-gxkziJHdZmTwcsUtADIrNkzHGK201vg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
l
evt.undertone.com/ Frame 2B12 		0
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/l?bannerid=1887944&campaignid=494396&zoneid=195636&clang=en&ccat=2306,91652,69126,22025,7435,69132,47886,91664,44566,32793,69147,17183,18208,91680,17186,140832,17190,91688,134697,10288,91696,16951,154677,92985,91704,88384,91712,47937,154695,21318,21320,91720,88395,152392,79178,154702,7501,5198,46159,154701,91728,129104,24657,24146,51796,151895,130391,7510,79192,91736,7513,110424,15963,117087,17764,88420,7526,20838,19047,7527,135269,88425,33128,7528,30824,7529,7531,7532,13422,7541,35445,128889,88440,7545,145784,7546,145785,5248,7553,7554,5252,140682,140683,44682,12940,5261,46733,24728,69272,44697,10395,134044,44705,13475,93090,44708,18853,44715,44723,44724,17845,44725,152770,44737,69059,44738,44741,22984,44749,62413,18893,17869,12750,13006,69329,12752,44754,125397,2261,17114,3802,46813,47838,46814,43998,46815,128993,52962,154592,44774,140267,44779,16621,152301,69102,69109,130295,47862,36087,36088,69369,121082,25086,139773&cb=41539552240&bk=rwz5z9&id=ff074964d0b7408ab310ab92cd61d2ee&stid=3&uasv=v22&st=https%3A%2F%2Fwww.usmagazine.com%2F&pid=121&deimp=1&dtver=2&ut_pii_allowed=1&has_capping=0&platform=DESKTOP&placement_type=INTERSTITIAL&ut_placement_id=121020&aduid=75&om=0&ip=5.181.234.134&camp_ed=19631&io=708725&io_li=339664&time_zone=America/New_York
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
cache
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.usmagazine.com/
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
x-amz-cf-id
26W04zzrVKpSC5fw13_fL7l0mTV16RSX9iRnEDxZxHCzKmnxSZ0Z9A==
B29730455.364790415;dc_pre=CJnEhMXF5v8CFYnKyAodfrcEOg;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=0;tfua=;gdpr=0...
ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/ Frame 2B12
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child...
  • https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_pre=CJnEhMXF5v8CFYnKyAodfrcEOg;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_pre=CJnEhMXF5v8CFYnKyAodfrcEOg;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=0;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H3
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N46002.271389UNDERTONE.COM6/B29730455.364790415;dc_pre=CJnEhMXF5v8CFYnKyAodfrcEOg;dc_trk_aid=556689325;dc_trk_cid=185189264;ord=8dccae1c1d9a4c73a444a871c9729cd6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=0;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
tapestry.tapad.com/tapestry/ Frame 2B12
Redirect Chain
  • https://p.placed.com/api/v2/sync/impression?partner=undertone&version=1.0&plaid=spacecoastmaysept&payload_campaign_identifier=339664&payload_timestamp=e2197b5c8f9f439d96f89bdb03895d94&payload_type=...
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=1862&ta_partner_did=undertone-d3fd4e11-acf8-462f-bf34-d19828afd165&ta_format=png
95 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=1862&ta_partner_did=undertone-d3fd4e11-acf8-462f-bf34-d19828afd165&ta_format=png
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
date
Wed, 28 Jun 2023 17:59:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

x-served-by
cache-lga21944-LGA
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 ip-172-22-24-221.ec2.internal, 1.1 varnish
server
Apache-Coyote/1.1
age
0
x-timer
S1687975174.907602,VS0,VE9
x-cache
MISS
location
https://tapestry.tapad.com/tapestry/1?ta_partner_id=1862&ta_partner_did=undertone-d3fd4e11-acf8-462f-bf34-d19828afd165&ta_format=png
accept-ranges
bytes
content-length
0
x-cache-hits
0
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=239972947338320392
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=239972947338320392
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
C34j1iPVmcEKBu_i7-WNb5_XRKXPYH9ZklWlZVXpJ1nUi7X-yyYNaw==

Redirect headers

Date
Wed, 28 Jun 2023 17:59:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4a478b2b-9c2a-41a3-8d8c-ebe4c119cd34
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=e736ed02-a048-0aba-0513-c8e21f8a3f76
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=e736ed02-a048-0aba-0513-c8e21f8a3f76
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
EIxBSGuDVG7fuenT9rjJCuU3m6ZCgx6M3zoPG377EAHiMNVPQCq36g==

Redirect headers

date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=e736ed02-a048-0aba-0513-c8e21f8a3f76
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ehLOIPpE2uEbk6TtmAK70p4Rb3HoyBz5~A
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ehLOIPpE2uEbk6TtmAK70p4Rb3HoyBz5~A
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
wCu5gkK2EnOmwZeKsgt_RxDXhOTuQgNkvXJIFWnXqmFa2i_AMz93rw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-ehLOIPpE2uEbk6TtmAK70p4Rb3HoyBz5~A
date
Wed, 28 Jun 2023 17:59:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
VLf03_-pFXcb7Rv9mVNgvlEI_d5G2DpQBZ9TFDLfwq_va1wUldIcsg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=1690567173
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=1690567173
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
u3XGX7kjFL5bliVV4J4b8wEgn63N0Mo6UuugTcM0fv8w5xtN_PWVXA==

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8caea125-1332-49dd-b4e8-4c16d2f9f136&ttl=1690567173
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.underton...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
AM-zketaujkzjs7Qh6XTU58QlwsJlY89u5XbJapCbVW6gl7SWPPUbA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
date
Wed, 28 Jun 2023 17:59:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
t.gif
cw.addthis.com/ Frame 2B12 		0
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.8.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-8-161.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 28 Jun 2023 17:59:34 GMT
b
ads.scorecardresearch.com/ Frame 2B12 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/b?c1=9&c2=2113&c3=2&cs_xi=4hvb6axf4rznsspn3pq4j7jkc
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 2c6a244ba6cf015578de7d0a0b6908d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
byowfhnAC1h3KK7FclzvwlIygs8wRmaYBIZND5jV3tDz5BR7mpbZwA==
x-cache
Miss from cloudfront
u
evt.undertone.com/ Frame 2B12
Redirect Chain
  • https://tags.bluekai.com/site/15597?id=4hvb6axf4rznsspn3pq4j7jkc&redir=https://ads.undertone.com/u?dp=1%26uid=$BK_UUID
  • https://ads.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA
  • https://evt.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
pbC2lMwpHop_wW3pHskq8yYtzypOm1S1TI-y0FpamMOXoIoLrFYjHw==

Redirect headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
location
https://evt.undertone.com/u?dp=1&uid=3CJXwZ5Z99eFujhA
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
kRx5uTkil5oc9A2hFmdWxczs4i9evWWVjRfuM_CmwLb_XLdPCmkBzw==
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ?gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4
content-length
0
x-amz-cf-id
9IQ8eb6h8a5TdWuxB7fRHrEkWpyq4ZninJbHHYvwtOpXdeETRzG-kg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
date
Wed, 28 Jun 2023 17:59:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 2B12
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
GHogyiXqNsz4amNvJa2BC0qXmN-5dhW6va_rT2Qoy2uH4HWmcNEW_w==

Redirect headers

date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g.pixel
aa.agkn.com/adscores/ Frame 2B12 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9211197038&_cb=1687975173594&puid=4hvb6axf4rznsspn3pq4j7jkc
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-37.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
x-amz-cf-id
RPbRvcEnkGLj8-YHnbiPFE85BRHyxgqZgOFcByBEbA0mLdrGFGNu-g==
expires
0
demconf.jpg
dpm.demdex.net/ Frame 2B12
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Server
54.148.15.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-15-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v046-00cae9894.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Oxi5q0cMSU0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v046-0fb4966c9.edge-usw2.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xv6chdRsRZo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4hvb6axf4rznsspn3pq4j7jkc
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
p.adsymptotic.com/d/px/ Frame 2B12
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4hvb6axf4rznsspn3pq4j7jkc
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTRodmI2YXhmNHJ6bnNzcG4zcHE0ajdqa2MQABoNCIXq8aQGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=77be8789db0a5bbd3d99e741f37c3c0b91669b015d13d4371d3a1125856bd755791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=00759824
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=00759824
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
104.21.60.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Jun 2023 17:59:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=00759824
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 2B12 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=4hvb6axf4rznsspn3pq4j7jkc
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.96.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-96-29.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
beacon-n009-ash-prod.krxd.net
date
Wed, 28 Jun 2023 17:59:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=107 t=1687975173
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
truncated
/ Frame 2B12 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42df4212ac4100a8e98269ca00bef1f148f84a54227d0daadff2297cf3072035

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame C8E9 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=1x1&pubId=18820937&chanId=22684479945&placementId=5692923351&pubCreative=138349712489&pubOrder=2140378470&cb=1019241747&custom=interSpot&custom2=article&adsafe_par&impId=8801d091-15dd-11ee-9e95-028169c47751
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
/
Resource Hash
ac432d855795a6925931eb74b5b861b4e9d0d5936158ac5b0a4461946e9a32a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame E69A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
34816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 08:19:18 GMT
etag
"e68ef57e60c2e2bb2ac2aa8f9d1ca4ba"
last-modified
Mon, 26 Jun 2023 17:32:07 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1687800727057781
x-goog-hash
crc32c=hx9mhQ== md5=5o71fmDC4rsqwqqPnRykug==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdvlCR-6xrrRkhJB_WrALrXqq7A9ZhN6J4_D_A4sjBK_0kw2psgnun9NlPJT0pA2wEJSUymG0dkiV7OK22sz581t0w
site-menu.bundle.9e1aa82.js
wsv3cdn.audioeye.com/v2/build/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/site-menu.bundle.9e1aa82.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1e6db712926b0f3c56117698fa3ad4b226a3cff660b50505b7ee55ae37812b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 00:23:56 GMT
server
cloudflare
age
406
etag
W/"649b7d9c-d337"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7de7d3065fa34397-EWR
expires
Thu, 27 Jun 2024 17:59:34 GMT
usync.js
eus.rubiconproject.com/ Frame 56D4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62211
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
/
ads.sparkflow.net/ Frame 2B12 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.sparkflow.net/?g=101248&x=ff074964d0b7408ab310ab92cd61d2ee&udms_encode=eyJ1ZG1zIjp7InJpZCI6ImZmMDc0OTY0ZDBiNzQwOGFiMzEwYWI5MmNkNjFkMmVlIiwiemlkIjoiMTIxMDIwIiwiY2lkIjoiNDk0Mzk2IiwiYmlkIjoiMTg4Nzk0NCJ9LCJtYWNyb3MiOnsicmFuZG9tIjoiOTRhNDI4MGY0ZmY0NDUzMjg5NDdjOGM5OTQwMzBlZjMiLCJiYW5uZXJpZCI6IjE4ODc5NDQiLCJjYW1wYWlnbmlkIjoiNDk0Mzk2IiwiaW9saW5laXRlbWlkIjoiMzM5NjY0IiwiZG9tYWluIjoidXNtYWdhemluZS5jb20iLCJ6b25laWQiOiIxMjEwMjAiLCJkbnQiOiIwIiwiaWQiOiJmZjA3NDk2NGQwYjc0MDhhYjMxMGFiOTJjZDYxZDJlZSIsImJ1bmRsZWlkIjoiIiwibW9iaWxlX2RldmljZV9pZCI6IiIsImNvcHBhIjoiMCIsImdkcHIiOiIwIiwiZ2RwcnN0ciI6IiJ9fQ&macro_encode=eyJ1dF9pc19zb3J0IjoiMSIsInV0X2NsdXN0ZXJpZCI6IjI1IiwidXRfY291bnRyeSI6InVzIiwidXRfY291bnRyeV9uYW1lIjoiVW5pdGVkIFN0YXRlcyIsInV0X3N0YXRlIjoibnkiLCJ1dF9zdGF0ZV9uYW1lIjoiTmV3IFlvcmsiLCJ1dF9jaXR5X25hbWUiOiJuZXcgeW9yayIsInV0X3ppcF9jb2RlIjoiMTAwMTMiLCJ1dF9kbWEiOiI1MDEiLCJ1dF9kbWFfbmFtZSI6Ik5ldyBZb3JrIiwidXRfbGF0aXR1ZGUiOiI0MC43MiIsInV0X2xvbmdpdHVkZSI6Ii03NC4wIiwidXRfdG9kYXlfdGVtcF9jdXJyZW50IjoiNzgiLCJ1dF90b2RheV90ZW1wX2hpZ2giOiI4MiIsInV0X3RvZGF5X3RlbXBfbG93IjoiNjUiLCJ1dF90b2RheV93ZWF0aGVyX3R5cGUiOiJyYWluIHNob3dlcnMsdGh1bmRlcnN0b3JtcyIsInV0X3RvbW9ycm93X3RlbXBfaGlnaCI6Ijg1IiwidXRfdG9tb3Jyb3dfdGVtcF9sb3ciOiI2NyIsInV0X3RvbW9ycm93X3dlYXRoZXJfdHlwZSI6IlBhcnRseSBTdW5ueSIsInV0X2F1ZGllbmNlIjoiIiwidXRfYWR1bml0aWQiOiI3NSIsInV0X3RyYWRlX2FyZWEiOiJfIn0&r=92838
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
b45d59dc67ac9e74bcffaeda49af58c1e9e67972717054e6b656d71322aea8a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
vary
Accept-Encoding
transfer-encoding
chunked
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
4
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame A27A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62211
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
dcm
s.amazon-adsystem.com/ Frame 50B1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B62GZZM3ZYHEKD1Z2MBQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENR1-Mp-3M2yD6BReTakcC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1UvtVm5eMlkHbktzYD__o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567174&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567174&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8caea125-1332-49dd-b4e8-4c16d2f9f136&expiration=1690567174&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
ibs:dpid=23728&dpuuid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
dpm.demdex.net/ Frame 50B1 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.15.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-15-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v046-0ff23cb3e.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zD+ty5O5QTU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 28 Jun 2023 17:59:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8aa42cd0-662b-4d48-ac68-75ca07d263ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3425623714870498952
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3425623714870498952
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3425623714870498952
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 50B1
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477416032030645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477416032030645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477416032030645
Date
Wed, 28 Jun 2023 17:59:34 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame 50B1 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:33 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
fdfRCar8neScznBcLGznqu7djqjy8p3YlxRJyY013KjByxKYtNApzQ==
meta
api.assertcom.de/ 		0
312 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: 8fby8peddod4qetsz.ay.delivery
URL: https://8fby8peddod4qetsz.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
meta
api.assertcom.de/ 		0
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: 8fby8peddod4qetsz.ay.delivery
URL: https://8fby8peddod4qetsz.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 59E5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69475379&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
085f5f7344140704c1559879f93f2b800f3e0cc3059cd028f31158973093aafb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Jun 2023 17:59:33 GMT
content-length
1633
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame EB63 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62211
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Wed, 28 Jun 2023 17:59:34 GMT
cast_sender.js
www.gstatic.com/eureka/clank/114/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/114/cast_sender.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15225
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 15:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 29 Jun 2023 17:08:28 GMT
rid
match.adsrvr.org/track/ Frame 6985
Redirect Chain
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
108 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ebe5c202d500de367e475b82eee58a41fb92cfc4ae9c0d0f793e0d354081dc00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 28 Jul 2023 17:59:34 GMT

Redirect headers

date
Wed, 28 Jun 2023 01:21:59 GMT
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
59856
vary
Origin
access-control-allow-methods
GET
x-cache
Hit from cloudfront
location
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
L7Sgs-TtTm4QDUIWPBsLe6vqFp0g97QhBBoivl7HrzVYoTsb23UdTA==
ymcas
ads.yieldmo.com/ Frame E4D7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
c21b599ffc06467fb3e17a742e18929c3978ffc56f9c47967472c55460505fda

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 28 Jun 2023 17:59:34 GMT
pragma
no-cache
vary
accept-encoding
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
f3d51fff-12e1-d5b1-aec3-68b95b48390b
100.index.html
static.yieldmo.com/sdk/template/js/ Frame 6985 		396 KB
106 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/100.index.html
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5cdc0a3c87cf269b335d01e9e933aa041b057496437fac1dba0f8daff5f3b59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Ut_VjdDRyjjMfRyWxXJqibv8xHHjhYrY
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 06:41:32 GMT
x-amz-cf-pop
JFK50-P4
age
40683
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 21:37:23 GMT
server
AmazonS3
etag
W/"6440136df3eb94e6ea61cd7443080bbe"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
x-response-headers-policy
static-yieldmo-com_js_text
cache-control
private, max-age=1800
x-amz-cf-id
bBZI6Wdy2O1jUSaYCW0cGdNC0MODU87jtCuw8GcIhzU2CIr5IDYB4g==
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
1b30fbc447d072b5a6cd8839ceac3285a0c54a6bdc3c2cee08b57a5f2ea727e0

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=59548b855b8c433529dbc342d009c4bb8d70ea814d8c3e57daa91a15d29848cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
00685d6271d2289fd063db5cc52474a06c36ba82da57508afe8eb2e77f9d003b
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175934Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
dd6ecbe3-4f43-1615-8078-bca506eafaaf
Content-Length
133
x-amz-id-2
Ahm7fRSGZfPRJ/99BjBT/nl4gt4B4tnE+a7tzlX/DC4ZtI+dgqcc9EA3klNWUjicI8bUxoalEdXFDbaeAGLSqxf5/MKtiWMc
Content-Type
application/x-amz-json-1.1
ecm3
s.amazon-adsystem.com/ Frame 6397
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJG0U0S1-Q-EBQ2
  • https://s.amazon-adsystem.com/ecm3?id=LJG0U0S1-Q-EBQ2&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LJG0U0S1-Q-EBQ2&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZASVJ7MHGV93R8H5Q1J5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LJG0U0S1-Q-EBQ2&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
rid
match.adsrvr.org/track/ Frame 158C
Redirect Chain
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
108 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ebe5c202d500de367e475b82eee58a41fb92cfc4ae9c0d0f793e0d354081dc00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:34 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 28 Jul 2023 17:59:34 GMT

Redirect headers

date
Wed, 28 Jun 2023 01:21:59 GMT
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
59856
vary
Origin
access-control-allow-methods
GET
x-cache
Hit from cloudfront
location
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
UYCl-kD3B0TpNtsT8i5Om9Ke8STCbli8tCWJYalnzeoNUzKQW83AYg==
ymcas
ads.yieldmo.com/ Frame 505A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:34 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
de95ce30-e797-905d-8383-b976ae3e7ce7
53.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 158C 		336 KB
92 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/53.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9752d82531103027271d019d8b7905e2e1c2ab5c02d34630b1ed79f4d421b5ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
O.SwQ.6C9zDwzZRJ_RNnJNztvZvuicQz
content-encoding
gzip
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 04:46:34 GMT
x-amz-cf-pop
JFK50-P4
age
47581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 21:37:24 GMT
server
AmazonS3
etag
W/"a02fea73d6654591828bd43ad9c0225c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
x-response-headers-policy
static-yieldmo-com_js_text
cache-control
private, max-age=1800
x-amz-cf-id
n-KjrlrmHmzIGkGnlup3zjxuFT4tgyT5CNDDf3cNH7oyO3AsUxQxXQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
d7180dad9ce60cfa324daec6872ed121b9f4e5e349d54ba425cb6ebf0cf42c3b

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f0be6c332e3da0f0fb2a09930a0f6916ef717b66807857567679255f0bdd17d9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
4adb010911c2bde7fe95e8ae591671eed92b1ed3c73265c18245370e3062ce74
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175934Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
fee8f086-c643-a334-a3fe-87c08fea4f8e
Content-Length
133
x-amz-id-2
N44yb/cINNjqdJcQAFgOyBA5/uy3T7oJYnYF1WulLvIS7pFjECjifPM39NgQIEDvh40nqHq1PQ+ZnyV2YSlpWe8AR2Xtjk+O
Content-Type
application/x-amz-json-1.1
rid
match.adsrvr.org/track/ Frame 4FDA
Redirect Chain
  • https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
  • https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
108 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5dbae88e110bbd340b50ade8ea6a398d0fcb7c4c2ee2baf18f2b1593218ad49d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 28 Jul 2023 17:59:35 GMT

Redirect headers

date
Wed, 28 Jun 2023 01:21:59 GMT
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
59856
vary
Origin
access-control-allow-methods
GET
x-cache
Hit from cloudfront
location
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
3aLE6LnxOkB4EBFYNY4mHCTtMTYyFaOvbubCgFFx8bmc9rt5tMvpDA==
ymcas
ads.yieldmo.com/ Frame 0F11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:34 GMT
pragma
no-cache
48.handlebars.js
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 4FDA 		357 KB
95 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js_a/desktop/48.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96286b0e2aa5f534f95fd4acaea7b0987b262a91583dbd703fb7f19e48978d23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
4Uu8g14W8wLZLQmdVt1516uJNAMW77s9
content-encoding
gzip
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 04:42:21 GMT
x-amz-cf-pop
JFK50-P4
age
47834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 21:37:27 GMT
server
AmazonS3
etag
W/"848a67ff9273e0b857507b5a30bf402d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
x-response-headers-policy
static-yieldmo-com_js_text
cache-control
private, max-age=1800
x-amz-cf-id
Irj5y4wqBbTY4JqtaBgqcQlZhMk6ksfpCV8lu6eHrzeoaFu1T_eCiw==
/
kinesis.us-east-1.amazonaws.com/ Frame 4FDA 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
af4fc40f0a54c6f57e23a7728605f90be7b8e98524dbf8a349c1163c1c12163d

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=636dfe8297cd93dac67918e61cd91535d4228977ec904fc87efef5141e85597b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3659b5e5f7490c1874a6e8704f02ee136c02a1b657d55617e1a8b4fe7ac7331b
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175934Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
e8a3f557-9ed8-5e36-b5b5-8211d771b28c
Content-Length
133
x-amz-id-2
YaJpjNzrCp3ADdK71vLXxjpq9nuBy7EsTp39KM9jVOmGMkdXyKawJIqZEjnHbxTkYOWAD+3K2F1PiQFQm+lTQgMj7DrbND/Q
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:34 GMT
x-amzn-RequestId
d7313bff-8169-e584-8a27-4cb9c8c0093e
sca.17.6.2.js
static.adsafeprotected.com/ Frame 37FB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7558100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
YK5Iypu8hVh6CclMCLOlptJIdJuN7mUTLQdvLrrGhtfbi7vdPVLODQ==
mon
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=970x250&pubId=100784417&chanId=22337608653&placementId=4532524456&pubCreative=138221234125&pubOrder=2214162919&cb=1290752961&custom=leader1&custom2=article&adsafe_par&impId=880022e5-15dd-11ee-aa6a-0ef05de99743&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2F&adsafe_type=f&adsafe_jsinfo=,id:37e3873f-ff20-0f99-31ee-ace7bf98e81e,c:gRblkx,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-647467dcbd-5fmrg,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:771,mot:0,app:0,maw:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1014,oid:89675499-15dd-11ee-83c0-ee8f7b1b8275,v:19.8.422,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
server
nginx
x-server-name
app25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblkA,pingTime:-8,time:1016,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1016,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B239~100%5D,as:%5B239~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F16 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviH9m5nGaBqEatd8Jm60naDjhS5n27dtwLjvVUHHxe9atGpRQaufG-s8dUAv83K5CLj1HLhzQma5Htq3j-1AJQ3eb8TF0sObH1pi6w66Yd2Weh911u&sig=Cg0ArKJSzAlcNeyTDskPEAE&id=lidar2&mcvt=1649&p=190,315,440,1285&mtos=1649,1649,1649,1649,1649&tos=1649,0,0,0,0&v=20230626&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2826284106&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687975172573&rpt=630&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 6255 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:35 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BD19 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40669
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:35 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 21 Jun 2023 06:41:32 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
95562
X-Served-By
cache-lga21960-LGA
X-Timer
S1687975175.087702,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9227 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160545
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103396
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 28 Jun 2023 17:59:35 GMT
expires
Thu, 29 Jun 2023 22:42:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Q2SklDBE2pmeQzjb5s0nGQxgZp0ys6i2TiKwog--~A&expires=5&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Q2SklDBE2pmeQzjb5s0nGQxgZp0ys6i2TiKwog--~A&expires=5&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Wed, 28 Jun 2023 17:59:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Q2SklDBE2pmeQzjb5s0nGQxgZp0ys6i2TiKwog--~A&expires=5&ssp=themediagrid
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FA14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=4313694890951919&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=ge4d6940eec1a82772f4
  • https://ads.yieldmo.com/v000/sync?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LJG0U0S1-Q-EBQ2
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LJG0U0S1-Q-EBQ2
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LJG0U0S1-Q-EBQ2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5389792780
  • https://sync.1rx.io/usersync/tradedesk/8caea125-1332-49dd-b4e8-4c16d2f9f136
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-ca2d807d-ab8f-4f79-8335-9a423816c0...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 28 Jun 2023 17:59:36 GMT
Server
Tengine
ETag
RXca2d807dab8f4f7983359a423816c02a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Content-Type
text/html
Connection
keep-alive
dcm
s.amazon-adsystem.com/ Frame E4D7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=f6211fd7-a601-40e8-9dd6-61bde519f43d&id=ge4d6940eec1a82772f4
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FDA64TW478BV3G4CWKHK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58529/ Frame E4D7 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=ge4d6940eec1a82772f4
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1
  • https://ads.yieldmo.com/v000/sync?userid=77c88898-7a4b-4d09-b363-5fe491a39eef&pn_id=b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=77c88898-7a4b-4d09-b363-5fe491a39eef&pn_id=b
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Wed, 28 Jun 2023 17:58:51 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://ads.yieldmo.com/v000/sync?userid=77c88898-7a4b-4d09-b363-5fe491a39eef&pn_id=b
cache-control
private,no-cache
content-length
206
expires
-1
CookieSyncYieldMo
rtb.adentifi.com/ Frame E4D7 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncYieldMo
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
sync
ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=8e2e216241b185d&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAIp9pPnAgDQAN2cqNUAAAAAAA&expiration=1688061588&is_secure=true
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAIp9pPnAgDQAN2cqNUAAAAAAA&expiration=1688061588&is_secure=true
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:48 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAIp9pPnAgDQAN2cqNUAAAAAAA&expiration=1688061588&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=MTgbSzA5Eh0qbRQbP2gPGWU4QxAqOhVMMjWIr3ab
  • https://ads.yieldmo.com/sync?userid=e5909bf2-71a8-45a7-b91d-17324c9598fd&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=e5909bf2-71a8-45a7-b91d-17324c9598fd&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
//ads.yieldmo.com/sync?userid=e5909bf2-71a8-45a7-b91d-17324c9598fd&pn_id=bsw&extinit=&gdpr=0&gdpr_consent=
Date
Wed, 28 Jun 2023 17:59:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
  • https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=607e9990-e2f4-465c-b434-147e953d38a5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=607e9990-e2f4-465c-b434-147e953d38a5
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=607e9990-e2f4-465c-b434-147e953d38a5
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2969189
content-length
0
expires
Wed, 28 Jun 2023 00:00:00 GMT
sync
sync-openx.ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
  • https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c8501938-32e3-0cf8-32f3-cb4b14cd0aba
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c8501938-32e3-0cf8-32f3-cb4b14cd0aba
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

date
Wed, 28 Jun 2023 17:59:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c8501938-32e3-0cf8-32f3-cb4b14cd0aba
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=76&redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fmm_user_id%3D%5BMM_UUID%5D
  • https://ads.yieldmo.com/v000/sync?mm_user_id=4b72649c-7502-4200-9732-0e3f626912f4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?mm_user_id=4b72649c-7502-4200-9732-0e3f626912f4
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x55 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ads.yieldmo.com/v000/sync?mm_user_id=4b72649c-7502-4200-9732-0e3f626912f4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Jun 2023 17:59:34 GMT
sync
ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=&gdpr_consent=
43 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=&gdpr_consent=
Date
Wed, 28 Jun 2023 17:59:35 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
396846.gif
idsync.rlcdn.com/ Frame E4D7
Redirect Chain
  • https://idsync.rlcdn.com/397286.gif?partner_uid=ge4d6940eec1a82772f4
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f99df543-6da0-00b9-30ef-57d6d1bd7efc
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f99df543-6da0-00b9-30ef-57d6d1bd7efc
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 28 Jun 2023 17:59:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f99df543-6da0-00b9-30ef-57d6d1bd7efc
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
sync-iqzone.ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25
  • https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=375f7fd0-4f51-4599-a9e6-22f5fc28fccd
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=375f7fd0-4f51-4599-a9e6-22f5fc28fccd
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=375f7fd0-4f51-4599-a9e6-22f5fc28fccd
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
sync-eq.ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=
  • https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6418409603037558770&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6418409603037558770&gdpr=0&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6418409603037558770&gdpr=0&gdpr_consent=
date
Wed, 28 Jun 2023 17:59:34 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E4D7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=Z2U0ZDY5NDBlZWMxYTgyNzcyZjQ=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
  • https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=3309767730813480000V10
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=3309767730813480000V10
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Jun 2023 17:59:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=3309767730813480000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 28 Jun 2023 17:59:35 GMT
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=4dfdf087-7a88-42e9-8537-c91bdeaab859&gdpr=&gdpr_pd=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=4dfdf087-7a88-42e9-8537-c91bdeaab859&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=4dfdf087-7a88-42e9-8537-c91bdeaab859&gdpr=&gdpr_pd=&gdpr_consent=
date
Wed, 28 Jun 2023 17:59:35 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g.pixel
aa.agkn.com/adscores/ Frame E4D7 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=ge4d6940eec1a82772f4
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-37.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
MPNWQaisp5IphETXS2JxtZUrgkA6n6aO6-GImFp1z_q8No5V9ozQ8g==
expires
0
sync
ads.yieldmo.com/v000/ Frame E4D7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=GgTZoJOdf55amNPZ-F1y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3F...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6YLEOMXHS2LFNRSG23ZOMNXW2L3WGAYDAL3TPFXGGP3FPBRWQYLOM5ST26LJMVWGI3LPEZYG4X3JMQ6XUJTVONSXE2LEHVDWOVC2N5FE6ZDGGU2WC3KOKBNC2RRRPE
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=GgTZoJOdf55amNPZ-F1y
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=GgTZoJOdf55amNPZ-F1y
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=GgTZoJOdf55amNPZ-F1y
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
96
Expires
Thu, 01 Dec 1994 16:00:00 GMT
26980
stags.bluekai.com/site/ Frame E4D7 		62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26980?limit=0&id=ge4d6940eec1a82772f4
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.21.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 28 Jun 2023 17:59:35 GMT
content-length
62
content-type
image/gif
sync
sync-beeswax.ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/mo
  • https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AADmZ07JOOoAACE6kkaYJA
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AADmZ07JOOoAACE6kkaYJA
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AADmZ07JOOoAACE6kkaYJA
Date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D
  • https://ads.yieldmo.com/sync?pn_id=loopme&id=22135efb-d39f-4c12-8b25-96a8360f6a50
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=loopme&id=22135efb-d39f-4c12-8b25-96a8360f6a50
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/sync?pn_id=loopme&id=22135efb-d39f-4c12-8b25-96a8360f6a50
date
Wed, 28 Jun 2023 17:59:35 GMT
server
_
content-length
0
yieldmo
cs.admanmedia.com/sync/ Frame E4D7 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
sync
sync-adform.ads.yieldmo.com/ Frame E4D7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=4662830998819244376
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=4662830998819244376
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=4662830998819244376
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3CF0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7558100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fSMNKhNlpKcil0SLZLl3cPOcwJXOucgongR-1RA3sdCOznor7QI6bg==
mon
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=300x600&pubId=100784417&chanId=22337427983&placementId=4532502385&pubCreative=138221235455&pubOrder=2214117014&cb=2043174966&custom=rr1&custom2=article&adsafe_par&impId=88009817-15dd-11ee-b7c6-029df53a8851&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2F&adsafe_type=f&adsafe_jsinfo=,id:61aa82ee-fa3c-9af6-776e-e30dafa96c82,c:gRbloC,sl:partialViewPlus,em:true,fr:true,thd:1,mn:jsserver-primary-647467dcbd-xgrht,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1130.772.300.600,am:i,cc:1130.772.300.600,piv:71,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1190,mot:0,app:0,maw:0,fm:tIv1O4b+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g*.928572%7C1g1%7C1g2%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1232,oid:897b7899-15dd-11ee-9dfb-7a7dbcc8a801,v:19.8.422,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
nginx
x-server-name
app15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 106F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzTDh_UN1V_nPCgITG4c2O4vdHgQQ03T38ohlNj34iqIYqh6cJJzxsMukaP5k-qYycghLouOumLqLSGsrZOG5rqQgUPmTSr1tSwxCgIV38W_7sMY-S&sig=Cg0ArKJSzN_oKF8H32dDEAE&id=lidar2&mcvt=1642&p=772,1130,1372,1430&mtos=0,0,1642,1642,1642&tos=0,0,1642,0,0&v=20230626&bin=7&avms=nio&bs=1600,1200&mc=0.71&vu=1&app=0&itpl=19&adk=4046027892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687975172824&rpt=530&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.422.js
static.adsafeprotected.com/ Frame C8E9 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.422.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 19:23:57 GMT
x-amz-version-id
H3hjPBlpconOojZjf5.4mwu2oDHU4Z1_
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
167739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 26 Jun 2023 17:26:27 GMT
server
AmazonS3
etag
W/"b5f188372cbe7773137be3f8908d1b84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
izRCTm1D6lJl2scufFA_SibRdFn1CjtPDiy2EXsMvrBQeBcAp1rp2A==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblqY,pingTime:0,time:1412,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1412,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B635~100%5D,as:%5B635~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame A55E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7558101
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
9URZNjfoILjjMXNgAknBmqRGUUyC9P1SU0b87ZYbpZH7I-yy8zs4fg==
mon
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=300x250&pubId=100784417&chanId=22337608605&placementId=4533045107&pubCreative=138221230549&pubOrder=2214355341&cb=1741580274&custom=article-inline-box1&custom2=article&adsafe_par&impId=8804ddcc-15dd-11ee-9373-0a44a7e95f5d&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2F&adsafe_type=f&adsafe_jsinfo=,id:32f8372f-f0c3-dc88-59ea-d7ef54884939,c:gRblrU,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-647467dcbd-fjlnd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:590.1486.300.250,am:i,cc:590.1486.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1341,mot:0,app:0,maw:0,fm:tIv1O5n+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1361,oid:8986c338-15dd-11ee-8a58-260e96177d30,v:19.8.422,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
nginx
x-server-name
app13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1256
check.analytics.rlcdn.com/check/ 		25 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-102.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-649c7507-4d03227e53e7e3446b7c168d
x-amzn-requestid
a089223a-8bcf-47f8-91bd-38a0f041e84f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
HPc5MEisDoEFvUw=
content-length
25
x-amz-cf-id
e35muqa5EQYNdoBKM0V6fdS6_MADhAYY8GMf-NlGgAs17zj_quQXFw==
1256
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-102.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-649c7507-28679c4b3bd560cb5adffacc
x-amzn-requestid
18aeb3e8-611c-429a-ac45-98ae06457c1d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
HPc5MFrBDoEFWbg=
content-length
25
x-amz-cf-id
RaokQWcQ_fsUm_SwiQiT0KdGneF5zTTVDsGXxJ_K9S1gqGapkf6q3w==
1256
check.analytics.rlcdn.com/check/ 		25 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-102.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-649c7507-24aad6b464a18c7c1664f93f
x-amzn-requestid
eeae53d6-6c34-4044-b3f1-bb1912ff9cc2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
HPc5MHk8DoEFXRw=
content-length
25
x-amz-cf-id
VH4J8BSGv2LGpFDHkW13AelNXOvpr4PNwdRtUfp76bkzGN3_UF46OA==
1256
check.analytics.rlcdn.com/check/ 		25 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-102.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-trace-id
Root=1-649c7507-44481b281d88fc1c1cf6b83f
x-amzn-requestid
5dd83f4f-e478-4d21-80b4-67b2ea760d44
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
HPc5MHYljoEFYAQ=
content-length
25
x-amz-cf-id
f9MJYOh74NtmhtkZS2qJIFjnWowsvPLZ89R6vHfICPy4HPuY-JhY9Q==
user-sync
ms-cookie-sync.presage.io/ Frame 7E15
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=ogury&gdpr_consent=undefined&gdpr_consent=undefined&khaos=LJG0U0S1-Q-EBQ2
  • https://ms-cookie-sync.presage.io/user-sync?magnite_id=LJG0U0S1-Q-EBQ2&gdpr_consent=undefined
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LJG0U0S1-Q-EBQ2&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=ogury&endpoint=us-east&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.225.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-57.ewr50.r.cloudfront.net
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:36 GMT
Via
1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
X-Powered-By
Express
Surrogate-Control
no-store
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
L1RVQddZzyiRr4_gcTLllNLQlJOLuj2rrswP0GQkhz6-RcBmBrd5lw==
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ms-cookie-sync.presage.io/user-sync?magnite_id=LJG0U0S1-Q-EBQ2&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
d81d5ecf82bbddaf161bb5da75f5ccdefaedb8d25847a33273b4b694fea5637c

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=db22737667b42150c6d54c7ad1e9d50173feee23d578a1c1f316b6717b566e84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
aa2ebbfea000392a10af9e4728f1243d4b5378b28a1e934bf2201c96c8f2dbf3
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
f8f1e6bd-5fbb-46d0-a5e7-91fa1612aa6a
Content-Length
133
x-amz-id-2
WGWgRgO5ZqTG8icjbMN8hEEwnC32UNzRoJJiPasf38HD1OPybAolS5tjuKbk14QycbkikWhUEQhhvgS7gKeznrVepVbhy7hi
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
f2ecdd48-70c1-641c-affa-aa0f396888a6
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
8caff3a73b398a08c4fd959e5119aa9f587405a6efc2887137fd37e9c3033c4f

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1d6b04143bc043184c7285f94ac01f874a218b6ffe073c91ca3db2b376316a60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
1419348f78883b62eceb012cec5752af9f09f3f83d3b6a7a6b7db78212438398
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
d8030a68-a049-2962-8515-7d2fe0d8447a
Content-Length
133
x-amz-id-2
Ydt+/pMi7+Iw+skEWay0cfcNdxHY4P7YGt2LvYzXK8SkuYKJwVqTC9nvtavg2Mh8FG50kkoJxqd0NE8WdmmQfz+zX5MCQ3Ba
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
f01fab8c-0d76-798a-ad09-dccb44df9530
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
fd96fb9e-69e4-76d9-a080-8cd9204d9a63
/
kinesis.us-east-1.amazonaws.com/ Frame 4FDA 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
0220cd1a0d131e6209a56a046d4bd60de192ab2593f8b4cc8a900aee5bd07231

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=055a69c211be299e3d227c925cfa8311937506df664ce25662852539fbf26d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
5f537ff8ebe83ebfc88e3719e6288b9a817b6c3283aca9292d052900c089d401
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
fa94cac9-5ee0-97e7-a782-bd8e17497b5d
Content-Length
133
x-amz-id-2
zKmTlm1r1HvSISmnW+SBHqdjpd5xmNpKcImBDoClP4yDkmXgpEui5gUs4oRJ9/qrQyzSqL6YfBmgM34fZQ5rZkK7bqanZVRC
Content-Type
application/x-amz-json-1.1
usync.js
eus.rubiconproject.com/ Frame 6255 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62210
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblvM,pingTime:-2,time:1710,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:536,beZ:538,mfA:1307,cmA:1309,inA:1309,inZ:1318,prA:1318,prZ:1536,si:1550,poA:1553,poZ:1587,cmZ:1587,mfZ:1587,loA:1974,loZ:1982,ltA:2245,ltZ:2245,mdA:540,mdZ:548%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1710,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B933~100%5D,as:%5B933~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,slid:%5Bgoogle_ads_iframe_/4216/usweekly/leader1/article_0,google_ads_iframe_/4216/usweekly/leader1/article_0__container__,leader1,top-ad-slot-0,main%5D,sinceFw:692,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usersync
usersync.gumgum.com/ Frame 56D4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LJG0U0S1-Q-EBQ2
  • https://usersync.gumgum.com/usersync?b=mag&i=LJG0U0S1-Q-EBQ2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LJG0U0S1-Q-EBQ2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LJG0U0S1-Q-EBQ2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
cs
cs.yellowblue.io/ Frame A27A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LJG0U0S1-Q-EBQ2
  • https://cs.yellowblue.io/cs?aid=11590&id=LJG0U0S1-Q-EBQ2
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LJG0U0S1-Q-EBQ2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-148-228.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LJG0U0S1-Q-EBQ2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
pagead2.googlesyndication.com/bg/ Frame 8599 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 17:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
86975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14515
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 17:50:07 GMT
/
www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/ Frame 6985 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date
Wed, 28 Jun 2023 17:59:35 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
age
1075
x-powered-by
WordPress VIP <https://wpvip.com>
x-cache
hit
host-header
a9130478a60e5f9135f765b23f26593b
content-length
56498
x-rq
jfk2 85 188 443
server
nginx
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=300, must-revalidate
accept-ranges
bytes
link
<https://www.usmagazine.com/wp-json/>; rel="https://api.w.org/", <https://www.usmagazine.com/wp-json/wp/v2/posts/3328688>; rel="alternate"; type="application/json", <https://www.usmagazine.com/?p=3328688>; rel=shortlink
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
f1ddc9d3-c41c-306d-accb-be948db5dcd7
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
b05f66b073b3b9d84d359334025cf3d9a0c0806ac456bcfe66cbdfd777f6e29f

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2a8416cfedb5555ec247d340c6f1411999f31adf148e22468cc8467d0d0a33ea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
00d4eb35884179fef08f0b47d08c65326d759108340967ccf267b0ee04301d60
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
f4ef3340-a7df-2b57-a9f9-4407ee76c7ed
Content-Length
133
x-amz-id-2
B+dzuGJoSlQOfKYYzPzdXhOaA2Q9mS+xglt41feTQtpsV2ZysgdmpyToo8EWrzL5x161ohVcXjusYHEUQwdAR88DSpOW/rCR
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.15-498&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&e=15&rep_meta=Gq5Z6ziF5xersku0GJqTiGJp64qNGv_iwg-IkJ5DkYsbnfnwRPAJjy4qB4AyN5cYrILqKiGEHIpAzXuSFC4cXhkVXl4BesriPxjTKKeI_yRwICyj0dnkVRKhWKyEOEXdHotU6HzLuZQG6HS64pcHofSMiYwlMGYUEDArWeMsLQjiXYxPE82u2LUMk3ROVVxX0Pg35nyR-ukW0YOZkxWt3LmuLxo-MYD_fZWyCbsxaTvpiyYKxkhWNwsOOpiGerssSdmQlyOaxAro-x81g0hCQRGgmN7nQkw8ni0bChwVl4eetBnC4I09m9sSfSduFIw07LzA73WJl5bi9TYLYdQ6YJd2ZsR6iFxbdsKXUtpU2pY9HtEacQEy1UjPqprJVnMs&fver=6.9.43-F100-101-B285&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975175579&etime=1687975175580&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ad-choices.svg
static.yieldmo.com/images/ Frame 6985 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Wed, 28 Jun 2023 16:24:19 GMT
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
5725
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
0L8LOUny65h1C52kt0VlK7uHg4ius3u5lkEREyp-wsuUVXbAbnVOsQ==
p
sb.scorecardresearch.com/ Frame 6985 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=f8e1a2ba8984a5513668
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
TXDmp3wH8CI10UaDAbGiLrfjnfXmHW7DbcH3bRekyv4gAkHk0YLrrQ==
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 722C 		85 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 28 Jun 2023 17:59:50 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21937-LGA
x-timer
S1687975176.614494,VS0,VE15040
sync
sync-pm.ads.yieldmo.com/ Frame 5B2A
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477416032030645
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E%26gdpr%3D0%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
43 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.194.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-194-180.compute-1.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Wed, 28 Jun 2023 17:59:35 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:35 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ecm3
s.amazon-adsystem.com/ Frame EDD2 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PNJAC2BPDVVYX03BPC5C
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 59E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5j2gydH6SZueAVvPOntmfg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=103395
accept-ranges
bytes
content-length
5554
expires
Thu, 29 Jun 2023 22:42:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 59E5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=501914cb-ae0d-46ea-848b-e9fb36399716&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=78738974830512867113324223811627894363&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=78738974830512867113324223811627894363&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-usw2-2-v046-0368dd142.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
MLzqEGQ/T2I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=78738974830512867113324223811627894363&pt=501914cb-ae0d-46ea-848b-e9fb36399716%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
xuid
eb2.3lift.com/ Frame 59E5 		37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Jun 2023 17:59:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 59E5
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=376abe3f-d3c5-4dec-b30b-62e299479154
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=376abe3f-d3c5-4dec-b30b-62e299479154
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.196.240.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-12.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 28 Jun 2023 17:59:36 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&vxii_pid=12&vxii_pid1=10067&vxii_rcid=376abe3f-d3c5-4dec-b30b-62e299479154
date
Wed, 28 Jun 2023 17:59:35 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 59E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHsYcRaCGRGABKdBgob6gW8&google_cver=1
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHsYcRaCGRGABKdBgob6gW8&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHsYcRaCGRGABKdBgob6gW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 59E5
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C
42 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 28 Jun 2023 17:59:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Jun 2023 17:59:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 59E5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3425623714870498952&gdpr=0&gdpr_consent=&us_privacy=
1 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3425623714870498952&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3425623714870498952&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 59E5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8caea125-1332-49dd-b4e8-4c16d2f9f136&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
usmagazine_spgx_pubfix.js
ops-cdn.undertone.com/pubfix/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ops-cdn.undertone.com/pubfix/usmagazine_spgx_pubfix.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-55.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d8877709fdc317e8be1aae75f84e1cc5f0f735d7f7ac491bbe808714955444b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:22 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Thu, 20 Sep 2018 18:20:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
38655
etag
W/"853c5a1e7e03528625d15adbd651204d"
x-amz-meta-cb-modifiedtime
Thu, 20 Sep 2018 18:11:21 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
-jQBike6Ny5-nmM5hpqmYxNc_74hIg2DzE0ZZTj9X_SiTKc85dMe5g==
m67-0.html
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		163 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6eb34b3d90455b0bde933e6ab0921a63eb59fab1321b2175f8353d07d0fb9e9

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2553247
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
51842
content-type
text/html
date
Tue, 30 May 2023 04:45:30 GMT
etag
"56ad747b922ad8db90be2a7c3f58837f"
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-id
R_TD6nViD5uQ_XrHISsAj3yKa3N1Wh4MlIsnuI-CsNzxSxiZQx1Jgw==
x-amz-cf-pop
EWR53-C3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
pski39hIcX9llsHuGCl3fduanbTFi5y7
x-cache
Hit from cloudfront
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 2B12 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 14:16:10 GMT
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=3ps,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u56t0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
43
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=pre,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u5701
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
43
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=pvi,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u5702
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
43
ad-choices.svg
static.yieldmo.com/images/ Frame 158C 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Wed, 28 Jun 2023 16:24:19 GMT
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
5725
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
oVavVgL-KGCnVK0487Z9wWb24t6qH7hpEVM-lI2afV3mqpnvvg-z8w==
r1.6398c7e511a101.51141467;cb=691053
rtr.innovid.com/ Frame 158C 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtr.innovid.com/r1.6398c7e511a101.51141467;cb=691053?ivc_deviceid_raw=&ivc_inapp_optout=0&ivc_transaction=08f82aee-836b-40b1-a0c5-462f70f8c071&ivc_creativeid=chsv8n1a&ivc_placementid=weznb10&ivc_dealid=&ivc_publisherid=2052105591845454873&ivc_site=www.usmagazine.com&ivc_supplyvendor=yieldmo&ivc_campaignid=pbrdcua&ivc_dsp=ttd&ivc_ttdimpid=08f82aee-836b-40b1-a0c5-462f70f8c071&ivc_ttdid=&ivc_signalid=&ivc_ttd_dco_mappingrule_macro=&ivc_ttd_mappingrule_single_output=&dipn=deviceid&deviceid=&ivc_deviceid_raw=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
98680bc84f14ad126a57df4c30e3cf3e6d533423a737b560e06757512b2d9119

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
content-type
text/xml
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
18324
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
c57404b7-c3c5-0f3a-9862-73f0e6f46bc0
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
69a7b04c699c611d98331dd2f0293642e76dad048bfda63b509783bf34abea08

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=60bb2986eb83c4f5e01afa81a63b063cebb8ed41a9f323aead0954aface37566
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
04548b51f91ab1badf2db79f8c3f0f5c7f6c65a0d4ee9eba4a2343b089256b58
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
e5b7805e-cdc0-e643-b8a1-f719e8f182b9
Content-Length
133
x-amz-id-2
/fCQwUWI9QaKJ8MLCe1aQnIKGwbPyi0eXCkECQSBCDsivaHWSwC2f10b2PLHGdS5b1eg2va8Hs81pFHycMOpYBTWmirQCJ/p
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.15-498&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&e=15&rep_meta=zrDXLfLHfaUhBbcvbgANUbmIAKK3mC3Dnu4w3T4-s6FJa31uccwv-Vdqtq3JP6A1Lx9YDtiYitrx0dufo8OQVUs-xRPH3-2riW5lgfMv7hhb8MtzFRon9nPrU2L8J7aQHi-syPz6BrnRZgqlH3KPGMkTWIUNL4HMImM3ggIJJKZtKngLOwnA4ruIpqjmyo3fvFjd86dVrJmHVcalD6UVWpzBVqoWmjo2_6S_rVqkMBdjvLJI4BVcko4HpL3RVEgELEgf0OzeNKzyezrM5KEOE-G5myGvJVmdeMFA26cg-6bdUZK_HOTOmG09ZOumMot55VVg8YGzmcI4MEI7kSeiUKevmwgqah2Evaz-sDaTSaBisSEZXZQ48Ly87_QKU1cU&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975175808&etime=1687975175808&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
p
sb.scorecardresearch.com/ Frame 158C 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=443b2febd3750ecb2615
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
6IHCPUUQwJO2yEPktyRKOUw8arPlcFxmBo8Icl7CrXpDws9-ptdS8A==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=61aa82ee-fa3c-9af6-776e-e30dafa96c82&tv=%7Bc:gRblCn,pingTime:-2,time:2084,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:412,beZ:413,mfA:1602,cmA:1603,inA:1603,inZ:1604,prA:1604,prZ:1638,si:1644,poA:1645,poZ:1660,cmZ:1660,mfZ:1660,loA:1974,loZ:1977,ltA:2496,ltZ:2496,mdA:414,mdZ:428%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.604,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:71,vs:pp,r:,w:300,h:600,t:1231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:2084,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1231,wc:0.0.1600.1200,ac:1130.772.300.600,am:i,cc:1130.772.300.600,piv:71,obst:0,th:0,reas:,bkn:%7Bpiv:%5B894~50%5D,as:%5B894~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c.928572%7C1c1%7C1c2%7C1c3%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g*.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1g*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1232,slid:%5Bgoogle_ads_iframe_/4216/usweekly/rr1/article_0,google_ads_iframe_/4216/usweekly/rr1/article_0__container__,rr1,rr1-match,right-rail-ad-slot-content-top,main%5D,sinceFw:851,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ad-choices.svg
static.yieldmo.com/images/ Frame 4FDA 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Wed, 28 Jun 2023 16:24:19 GMT
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
5725
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
wmOjpgHHO6UkhaoKb3HX740YOmS91SC2i15b8hC_dJ-ECCql2EL6pw==
r1.63937250748c43.46887811;cb=650713
rtr.innovid.com/ Frame 4FDA 		20 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtr.innovid.com/r1.63937250748c43.46887811;cb=650713?ivc_deviceid_raw=&ivc_inapp_optout=0&ivc_transaction=5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4&ivc_creativeid=7vh6qvtb&ivc_placementid=weznb10&ivc_dealid=&ivc_publisherid=2052105591845454873&ivc_site=www.usmagazine.com&ivc_supplyvendor=yieldmo&ivc_campaignid=pbrdcua&ivc_dsp=ttd&ivc_ttdimpid=5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4&ivc_ttdid=&ivc_signalid=&ivc_ttd_dco_mappingrule_macro=&ivc_ttd_mappingrule_single_output=&dipn=deviceid&deviceid=&ivc_deviceid_raw=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
cedbf93a9585406bd12b8d2851e9a1072660efceba56b33b249aa87d3c6ddaa2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
content-type
text/xml
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
20860
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 4FDA 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
d9287248af5bfe7de884669240ab3d91d4bc8b1e1d02b78383cd71af794454de

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1b441eaca785abd6481e74de12b0cf6ae8290eb49925927da642be3e4b3c6ab9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
95dbdfbf09b441eee8dd17ba0878276419c0fabc3472fe08154a819e0be166a1
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175935Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:36 GMT
x-amzn-RequestId
e9bc6a3e-9b20-6cfb-b4aa-1d76be110801
Content-Length
133
x-amz-id-2
Xts3nBW1LahEKpHgcnOx8UypZNkHtAMDTGkuhR8kPu/h7HLdqRmtBsQbibuZxchAhqmIq34VV+5Suacb1ZxQPBhGIapN+QGt
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4FDA 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.15-498&imp=5984656341358643568&plid=25171153787&pvid=3306094453464407565&fmtid=48&e=15&rep_meta=lvCKt8Y_1t2HT5qxIldZFUbxrwzqL_gqAGGNMWUP8_uTo6Wl7m__4feJyxbHhLGDJELJ9VFiiAIl1BB10nOy5fD12mxg-Eu25sZBiyhOisya9HeMuQlPAXE4xm5DmRmzHNWA6ENd2B65Zz8fV9ybk-32hb2WI0vEmz6_bttKQr2Bp9tta5y--5kCJc2KEeZ8P4Zh6EXTellIF21Fi4VpUCq4bvHiH86fqBYGtOU5Myu89I_a1ndGkub5NVGidg3tK2-FFwcifAumS2pPDPrcOd_JfqcAf76-NRctM50StpTu6tA5dyuPw0irCvu6cEQmCnUAVTkMWDfy9udzblUiZY9-nTy5l6hxL9dXMsxnK33XpJWxa-f4O14abNrVKY5V&offsetX=0&offsetY=0&pvt=1687975170985&stime=1687975175986&etime=1687975175986&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1486%2C590&adSlotRight=1486%2C590
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
p
sb.scorecardresearch.com/ Frame 4FDA 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=7414ea23c5376e57e9e0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
ui1OJvSoTFAG_9cZ2XNk8ipO69rhzF5bHvOPnBQrid_HDgiEb1MOfA==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:35 GMT
x-amzn-RequestId
d328b2c6-daab-5adf-8e3e-c581ff9a3e25
sync
usr.undertone.com/userPixel/ Frame EB63
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0&gdpr_consent=&gdpr=0&khaos=LJG0U0S1-Q-EBQ2
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776&gdpr=0&gdpr_consent=
Protocol
H2
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:35 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
B45Zt5C7szYfVRkOkVkjltP94jvFh59vOeli_DeQfUMNcmI1ntmtvA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LJG0U0S1-Q-EBQ2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
async_usersync
ib.adnxs.com/ Frame BD19 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:36 GMT
AN-X-Request-Uuid
958fb842-e6a8-4dcb-bab5-160d9b92ecd6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=32f8372f-f0c3-dc88-59ea-d7ef54884939&tv=%7Bc:gRblGA,pingTime:-2,time:2271,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:438,beZ:440,mfA:1779,cmA:1780,inA:1780,inZ:1782,prA:1782,prZ:1796,si:1799,poA:1799,poZ:1813,cmZ:1813,mfZ:1813,loA:2048,loZ:2051,ltA:2708,ltZ:2708,mdA:442,mdZ:464%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:1361%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2272,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1361,wc:0.0.1600.1200,ac:590.1486.300.250,am:i,cc:590.1486.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B930~0%5D,as:%5B930~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O4b+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1g3%7C1h*.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1h*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1361,slid:%5Bgoogle_ads_iframe_/4216/usweekly/inline-box1/article_0,google_ads_iframe_/4216/usweekly/inline-box1/article_0__container__,article-inline-box1,AMc7e3dy,main%5D,sinceFw:908,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
r1.63937250748c43.46887811;cb=743617
rtr.innovid.com/ Frame 6985 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtr.innovid.com/r1.63937250748c43.46887811;cb=743617?ivc_deviceid_raw=&ivc_inapp_optout=0&ivc_transaction=9f95ba01-2fda-4f1b-822a-4186aef14de0&ivc_creativeid=7vh6qvtb&ivc_placementid=weznb10&ivc_dealid=&ivc_publisherid=2052105591845454873&ivc_site=www.usmagazine.com&ivc_supplyvendor=yieldmo&ivc_campaignid=pbrdcua&ivc_dsp=ttd&ivc_ttdimpid=9f95ba01-2fda-4f1b-822a-4186aef14de0&ivc_ttdid=&ivc_signalid=&ivc_ttd_dco_mappingrule_macro=&ivc_ttd_mappingrule_single_output=&dipn=deviceid&deviceid=&ivc_deviceid_raw=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
d4cb18dee05b3d666b0540dac9c843237caedfa822142b45a394a01af6cddc00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
content-type
text/xml
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
18324
expires
-1
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblH7,pingTime:1,time:2413,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2413,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1636~100%5D,as:%5B1636~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,sis:1738%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblH8,pingTime:1,time:2414,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2414,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1637~100%5D,as:%5B1637~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,sis:1738,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRblH8,pingTime:1,time:2414,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2414,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1637~100%5D,as:%5B1637~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,sis:1738,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/ 		201 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6222899bdb4d3878253335ed2810a4874dfbb4b5fc80f1220ae279aa2a78a598

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
init1.js
api.bounceexchange.com/bounce/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1080&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAOAdgE5SBWfUw20zYALxCgAZMB3AUwCMcqYDwD6qACZQATOWLFMAJx44QAGzhoMBQu3YAPfFN2KeMHgqUKoCHlxwA6AOYgQj1T3tIQAW2wBDVVVUBEcROAVVKAALYGAABxwAUgBmAEFEqQAxDMyuPPs4HG8-Rz9mYI8vbxykHnc+BSEATwBabx8krJs7HMcuJptgKJa4gOAFEDsWlQQ2kBxlFtQcFqQoxpXihTQEFeAuYKXZ7pGokFAczAA3ZaERLxAAa1QeKETSACEMqVU475T0lIpDF4p0qGkMlQspCsnkuAUiiUyhVPD4YZlavVGsBWu1vGCurYCZk+gMeEMRmMJlMZnMFitlqt1oytjs9gdZocTnEzhcpFDskCMgBhb4Kf4QoHdBzOVzuVHVIVSUVAnh6CWpIhkSiESjJcjkAAs7wAItgXM9Xu8vkDxBINd98DRSMRDYbkobiFRCIb2GRSFJkv9ld8buINVqKNRaN7DYR9fgRaGHZ9vjg4HxvEJhOIRBhBMINTAAgsk0C+Eg4hMYKh3PahWli6pS6QTabrn4FDgANqjRyiHFxHgAXSgnbQSHcHa73bDPBAIhugj47lH4zgPGnPfHqEnogQfm8I6gAHF+oMohl2AAFKmTDKkTrsADKGCvAFl5sorwBJJ-C5kn3fHcEAfJ8ABUOSvYIrwAOVsK9r15EAt27Hc93uPxhGcBQmlHABpCQcFQ8QYDiEQFBXEAkEeUcAlUSZUL8XMl1QFdj3XTcrk7Ht2nEAJF1udjRybBZUPTTNsx4XN8yEY9RK4njuz4PwaJrQIRHEHg4gYpojwQYBR1QisqxAdSeAkESS0UmdEC07YMFEVjhKgTjUK8AyeAMkRgBKHBR0xfhsSaEVAoaZor348ROmFYU6iCiKjEI6LQvi8KcSvPEYrC4Kr2lEV4Lsa4tJgZTK2rWsLPEKzm03B5LR8lwRFUTt+1gazMD4OIOEwcluu7AAidD3AGgAaAakCwngcKaMaBrOI8BuHTA4mAPBhrqnwdNQPxkFEGAWscKBriiPwoCAA
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b3241b81089f124b449224ccc74ff1a49ebbf368a758b3421179c586e0f65e18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 28 Jun 2023 17:59:36 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
16
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
740dac4c-86fc-4acc-8088-c88f487894cc
crb.kargo.com/api/v1/ids/ 		356 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/ids/740dac4c-86fc-4acc-8088-c88f487894cc?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
96c2328ea485e5a0a760a7ba76192e6451b3e89168640551132d90d2630dd45d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:36 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
356
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=61aa82ee-fa3c-9af6-776e-e30dafa96c82&tv=%7Bc:gRblNv,pingTime:1,time:2774,type:p,clog:%5B%7Bpiv:71,vs:pp,r:,w:300,h:600,t:1231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:2774,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1231,wc:0.0.1600.1200,ac:1130.772.300.600,am:i,cc:1130.772.300.600,piv:71,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1583~50%5D,as:%5B1583~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c.928572%7C1c1%7C1c2%7C1c3%7C1d%7C1e1%7C1e2%7C1e3%7C1f%7C1g*.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1232,sis:2256%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame B348 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7558109
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
A5fCkMUykMcwGvGwpusFXZKSqMWVcgGESpjVC4O-NccZpdOW87Fk2A==
mon
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=1x1&pubId=18820937&chanId=22684479945&placementId=5692923351&pubCreative=138349712489&pubOrder=2140378470&cb=1019241747&custom=interSpot&custom2=article&adsafe_par&impId=8801d091-15dd-11ee-9e95-028169c47751&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2F&adsafe_type=f&adsafe_jsinfo=,id:df5f9fb2-8672-6f57-9df5-61c2a83f469a,c:gRblQx,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-647467dcbd-92stb,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:0.14255.1.1,am:i,cc:0.14255.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1454,mot:0,app:0,maw:0,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e*.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:svg.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1630,oid:89d335a5-15dd-11ee-bdec-fe833c79e1a2,v:19.8.422,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
server
nginx
x-server-name
app20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 4FDA 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53fd0c406b25a9ff0e61841c01adbe888aaf9a5f11e6c524afa172f98961ed44

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
omweb-v1.js
static.yieldmo.com/omid-scripts/ Frame 4FDA 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/omid-scripts/omweb-v1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ece2d503c3d61167a38f5e60d947217bdc46c690ef0bf8d4982ea9dac9cfa83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
9W2gP5Fq4oqINe4Bf82Jitv2BBvPLa6N
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:11:14 GMT
x-amz-cf-pop
JFK50-P4
age
20910
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-replication-status
COMPLETED
last-modified
Fri, 18 Nov 2022 18:27:29 GMT
server
AmazonS3
etag
W/"b8c21d4f48e67fa16c2a3bb9f0f9df87"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-meta-version-id
KHtTy0Xg0RPs0vSqiPWDUO3HdFThbqfl
x-amz-cf-id
EcsUlTLXmu-HhKz5Vs4AhYytIrVuzlyBpkGfsAVBVtuQT-TBpFbPRg==
/
insight.adsrvr.org/enduser/video/ Frame 4FDA 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICIi80MjE2L3Vzd2Vla2x5L2lubGluZS1ib3gxL2FydGljbGU.&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453464407565%3A0&auct=1&tail=1&sfe=16d3f503&vp=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
yieldmo
va6-bid.adsrvr.org/bid/feedback/ Frame 4FDA 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va6-bid.adsrvr.org/bid/feedback/yieldmo?t=1&iid=5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4&crid=7vh6qvtb&wp=2.152562&aid=5984656341358643568&wpc=USD&sfe=16d3f503&puid=&tdid=&pid=s4vf6ci&ag=weznb10&adv=cxx0ttd&sig=1UMy629FYrjOlEW-Is6idxRQYzTZ7WNfn-eMqzD1MEGQ.&bp=12&cf=5128590&fq=0&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=84&agsa=&rgz=69026&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=2052105591845454873&did=&rcxt=Other&lat=40.080000&lon=-100.400000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICIi80MjE2L3Vzd2Vla2x5L2lubGluZS1ib3gxL2FydGljbGU.&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&adpt=ym_lyieldmo&fpa=179&pcm=3&said=3306094453464407565%3A0&ict=Unknown&auct=1&im=1&mc=b67c3643-45a9-47ff-86ff-e42bfe8c978a&abr=5a2fe262-2128-4161-bcb5-f9fa152d6f82&tail=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
B29145201.355715623;dc_pre=CODatcbF5v8CFTYOiAkdpAIF7w;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/ Frame 4FDA
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CODatcbF5v8CFTYOiAkdpAIF7w;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CODatcbF5v8CFTYOiAkdpAIF7w;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H3
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CODatcbF5v8CFTYOiAkdpAIF7w;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=235010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dlezd4z
view.adjust.com/impression/ Frame 4FDA 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.adjust.com/impression/dlezd4z?campaign=pbrdcua&adgroup=weznb10&creative=7vh6qvtb&ttd_imp_id=5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.151.204.50 , United States, ASN61273 (ADJUST-NL, DE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
content-type
image/gif
x-robots-tag
noindex
content-length
35
1x1.gif
ag.innovid.com/ Frame 4FDA
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26ivc_p%3DNS4xODEuMjM0LjEzNA%3D%3D%26ivc_u%3DTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzY%3D%26ivc_ts%3DMTY4Nzk3NTE3NjE3NA%3D%3D%26ivc_r%3DdmlyZ2luaWE%3D%26ivc_al%3DTm9fQWNjZXB0X0xhbmd1YWdlX0hlYWRlcg%3D%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26ivc_p%3DNS4xODEuMjM0LjEzNA%3D%3D%26ivc_u%3DTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzY%3D%26ivc_ts%3DMTY4Nzk3NTE3NjE3NA%3D%3D%26ivc_r%3DdmlyZ2luaWE%3D%26ivc_al%3DTm9fQWNjZXB0X0xhbmd1YWdlX0hlYWRlcg%3D%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
uuid
rtr.innovid.com/placement/17e2if/ Frame 4FDA 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.innovid.com/placement/17e2if/uuid?cb=028f2154-ee28-37b5-7de7-fd3b051dbeb7&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D5d4e7bd8-2c7a-4626-b70f-4fc6b8a443c4%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26ivc_p%3DNS4xODEuMjM0LjEzNA%3D%3D%26ivc_u%3DTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzY%3D%26ivc_ts%3DMTY4Nzk3NTE3NjE3NA%3D%3D%26ivc_r%3DdmlyZ2luaWE%3D%26ivc_al%3DTm9fQWNjZXB0X0xhbmd1YWdlX0hlYWRlcg%3D%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
no-cache
content-length
0
expires
-1
/
insight.adsrvr.org/enduser/video/ Frame 158C 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=08f82aee-836b-40b1-a0c5-462f70f8c071&ag=weznb10&crid=chsv8n1a&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453373607066%3A0&auct=1&tail=1&sfe=16d3f503&vp=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
yieldmo
va6-bid.adsrvr.org/bid/feedback/ Frame 158C 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va6-bid.adsrvr.org/bid/feedback/yieldmo?t=1&iid=08f82aee-836b-40b1-a0c5-462f70f8c071&crid=chsv8n1a&wp=2.152562&aid=7043891257122629690&wpc=USD&sfe=16d3f503&puid=&tdid=&pid=s4vf6ci&ag=weznb10&adv=cxx0ttd&sig=1qDUwRrKAF8VZxI30q3F40xuiUKsQW2_oE0Tq33M-A6A.&bp=12&cf=5128590&fq=0&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=84&agsa=&rgz=69026&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=2052105591845454873&did=&rcxt=Other&lat=40.080000&lon=-100.400000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&adpt=ym_lyieldmo&fpa=179&pcm=3&said=3306094453373607066%3A0&ict=Unknown&auct=1&im=1&mc=b67c3643-45a9-47ff-86ff-e42bfe8c978a&abr=2c6c701b-be14-4781-a60c-389d2b009ef7&tail=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:35 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
B29145201.355715623;dc_pre=CNXUtsbF5v8CFa1FcgodtV8GpQ;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/ Frame 158C
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CNXUtsbF5v8CFa1FcgodtV8GpQ;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CNXUtsbF5v8CFa1FcgodtV8GpQ;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H3
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CNXUtsbF5v8CFa1FcgodtV8GpQ;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=925631;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dlezd4z
view.adjust.com/impression/ Frame 158C 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.adjust.com/impression/dlezd4z?campaign=pbrdcua&adgroup=weznb10&creative=chsv8n1a&ttd_imp_id=08f82aee-836b-40b1-a0c5-462f70f8c071
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.151.204.50 , United States, ASN61273 (ADJUST-NL, DE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
content-type
image/gif
x-robots-tag
noindex
content-length
35
1x1.gif
ag.innovid.com/ Frame 158C
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devi...
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
uuid
rtr.innovid.com/placement/17e2ih/ Frame 158C 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.innovid.com/placement/17e2ih/uuid?cb=0786ae11-a5ab-2ba8-c18b-2a68f70161c7&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
no-cache
content-length
0
expires
-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 63C9 		94 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: creative-p.undertone.com
URL: https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 14:16:10 GMT
mraid.min.js
creative-p.undertone.com/sparkflow/formats/4.20.201/ Frame 63C9 		0
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:36 GMT
x-amzn-RequestId
d3ed4186-0dc9-3663-8efb-36ce68c0c2bb
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
b354912e8c2e827c89a1177c00b44b5ee52701095cd2ac5584770a054e5371a4

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=56e295c674d03303e28dc81dfc9f880dc3f8479585d6ce206287c4d6b85f13a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3e3cb698c4673a78546c831e0b71607be665f850adc0c781780b0119f9a5efdd
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175936Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:36 GMT
x-amzn-RequestId
e38468f0-c6bd-2432-be92-1fb8a3b4d0ea
Content-Length
133
x-amz-id-2
grrokv2JZpkMJcSUN52+/SVY9zlz636YTk4SISqQ+biVrCu7SYXt43rlivXG3df3sqK/sMVgJJa8usst0HoQNUh/LvKyNVns
Content-Type
application/x-amz-json-1.1
m67-0.html
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		163 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6eb34b3d90455b0bde933e6ab0921a63eb59fab1321b2175f8353d07d0fb9e9

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2553247
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
51842
content-type
text/html
date
Tue, 30 May 2023 04:45:30 GMT
etag
"56ad747b922ad8db90be2a7c3f58837f"
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-id
RQhw06v6lcwpDrqD3lHIpY-qbWv5r2oUyHjZomWFsYLH6xUpRttlLg==
x-amz-cf-pop
EWR53-C3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
pski39hIcX9llsHuGCl3fduanbTFi5y7
x-cache
Hit from cloudfront
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
truncated
/ Frame 6985 		345 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a372739722bdde0db757690e1344d1d67601a0b90e6e441c3e718aec89e475e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6985 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
864ab3bbf464d56cc65e2f337539392b98aad013aa8df5b0b7492c8f55ce9913

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
6_source_146939_803979.mp4
s-static.innovid.com/media/encoded/01_23/599402/ Frame 4FDA 		832 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/01_23/599402/6_source_146939_803979.mp4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.47 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.usmagazine.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
eXMZdfCfiRAF9YzkPucj09Usmow_.Gmu
Date
Wed, 28 Jun 2023 17:59:37 GMT
Last-Modified
Wed, 04 Jan 2023 15:47:02 GMT
Server
AmazonS3
x-amz-request-id
1KG9H4QN25KVRDGB
ETag
"499eac23a3190e4352f1d89c4101ca35"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-852357/852358
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852358
x-amz-id-2
fh1qxkV7qvmwfsscRYLxg4R0Acp/XFZeOVP2UAOWwtzpQFJKs0pja+JoZQ6f6J6WRPNwM/mNZkA=
6_source_146939_803979.mp4
s-static.innovid.com/media/encoded/01_23/599402/ Frame 158C 		673 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/01_23/599402/6_source_146939_803979.mp4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.47 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.usmagazine.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
eXMZdfCfiRAF9YzkPucj09Usmow_.Gmu
Date
Wed, 28 Jun 2023 17:59:37 GMT
Last-Modified
Wed, 04 Jan 2023 15:47:02 GMT
Server
AmazonS3
x-amz-request-id
1KG9H4QN25KVRDGB
ETag
"499eac23a3190e4352f1d89c4101ca35"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-852357/852358
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852358
x-amz-id-2
fh1qxkV7qvmwfsscRYLxg4R0Acp/XFZeOVP2UAOWwtzpQFJKs0pja+JoZQ6f6J6WRPNwM/mNZkA=
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
b8897ad5b0a5171066c8e9edddabee1e3fe5be12608f7a0e67d9326a1bbe4a6e

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8b413d9d12c6cb8dedaee4e372353629ded361c241b6d64bdf34366dd6547d47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
fb26cfe3849eae173a682956905590003091c8bc5e1b737d00fc21e6471a0b95
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175937Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
d942d535-f980-f2f6-8454-a27ccef81f80
Content-Length
133
x-amz-id-2
VVPjUTb0UZkTm1Cnx3ku0B71kWMtBarbSY5lbrsesBXwRvnQMOAe1QZOM9oTj3SaED7QIns1tzjCuM3a3ah9oKP/l5qlFNSB
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
df846287-74a1-5802-8292-15ce43d9b574
/
kinesis.us-east-1.amazonaws.com/ Frame 4FDA 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
0d593c3f432ac667d5d7cf5f165f143d87ba93d884d79d485cecab30d5923df6

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=635ccdb6a7d8486df33a69b77fafce498aaaad7c7ec07ff98efd6e19e5000eaf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3ecf097da0c9f62351e54302cd630d86304aca5123195f3a2082c32ddb407b11
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175937Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
e642b23f-a9ce-c74c-bb54-c576a0b9f0b0
Content-Length
133
x-amz-id-2
w+HM4GtDVLqgK5M2yFKxM3S8/ZaX13dPo3eUJBz3yWFGKGCrVRzTZxq9nqJnG1zRJH4gZj+JGRnCfxzoCnuuVJ2Kemdj8iQ8
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
db485ce3-3210-fa90-865e-2baa056817e6
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=df5f9fb2-8672-6f57-9df5-61c2a83f469a&tv=%7Bc:gRblWI,pingTime:-2,time:2012,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1188,beZ:1189,mfA:2641,cmA:2642,inA:2642,inZ:2646,prA:2646,prZ:2704,si:2817,poA:2818,poZ:2834,cmZ:2834,mfZ:2834,loA:3030,loZ:3037,ltA:3199,ltZ:3199,mdA:1191,mdZ:1208%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2012,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1629,wc:0.0.1600.1200,ac:0.14255.1.1,am:i,cc:0.14255.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B556~0%5D,as:%5B556~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e*.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:svg.qs,siq:1630,slid:%5Bgoogle_ads_iframe_/4216/usweekly/interstitial/article_0,google_ads_iframe_/4216/usweekly/interstitial/article_0__container__,interSpot%5D,sinceFw:381,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 2B12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwSdV7WU3INK6fPM0xMMILPiGYlnMZOiSPaTcyNcO3yRCPagIand-BJ3DeDRvNLkVuc7WqUTAGAheaVNPSGorsIuU64J-hSw-evEMYRI6Q8sLiFamJxmErjcG_5xma_GNXebhFIWsbVJSJWtI9ymrBonAeOimvdRNdVooNbVm6onzpB5lqqysRgak5cKI3jCsv-smoATJOSilne9vIFr9EjV9lR3D8EkkRLU_Oai9LikwRI7eiF3ZUB0a4xBVBI5IAznwIKx8WXYcEfZ3_Y3fRdmShxju7FZAZIjAZcGc9L5XcQlkMDyJy4JuKdCn31rNtvH-DHShl3bO3-V7qrp9l8nwyoqmGVMo&sai=AMfl-YT7l9oCT6mGW-aHFWkly-TO98hLkKC8eHTjEiIhcfqjLbadooL9rJXKO3Jjqbxi-FV0V1CvtHoNuyoaO7odTVYwTLBbno5EFW39Btd2riKAZM71ralmcF_iHJBEzxU&sig=Cg0ArKJSzDPz0jGx2jdJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 28 Jun 2023 17:59:43 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.usmagazine.com%2F&domain=www.usmagazine.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
201158
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		42 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000xvFOlAAM&gdpr=0&src=pbjs&ver=7.50.0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.usmagazine.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
json
gum.criteo.com/sid/ 		0
0
b
c3.a-mo.net/
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=https://news.google.com/&u=https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/&tl=https://www.usmagazi...
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
0
0
envelope
api.rlcdn.com/api/identity/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame BD19 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:37 GMT
AN-X-Request-Uuid
7bd15223-1ad7-4b37-a5a1-139ef6dc61ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
isyn
prebid.a-mo.net/ Frame FC4E 		2 KB
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
1126fad23b3fc56a6aff08b02e296e195cef8eea01c5bcc622a9159fe9ba24c3

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
643
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
usync.html
eus.rubiconproject.com/ Frame 7461 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 17:59:37 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PpIrlgHl&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=8caea125-1332-49dd-b4e8-4c16d2f9f136
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=8caea125-1332-49dd-b4e8-4c16d2f9f136
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=8caea125-1332-49dd-b4e8-4c16d2f9f136
Protocol
H2
Server
34.194.96.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-96-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
beacon-n013-ash-prod.krxd.net
date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1687975177
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=8caea125-1332-49dd-b4e8-4c16d2f9f136
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 63C9 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: creative-p.undertone.com
URL: https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 14:16:10 GMT
mraid.min.js
creative-p.undertone.com/sparkflow/formats/4.20.201/ Frame 63C9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/sparkflow/formats/4.20.201/mraid.min.js
Requested by
Host: creative-p.undertone.com
URL: https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d6cbf2e2f1fbe42d8225122edecc32f6b16bc97c375dab9a8e55a2611bb737

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:59:47 GMT
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-version-id
qv6OewCrwCO9b4UHQjAAryzj5Nd8wbV3
x-amz-cf-pop
EWR53-C3
age
35991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
12647
last-modified
Thu, 27 Oct 2022 13:59:21 GMT
server
AmazonS3
etag
"d5fafdb9ab9ae9fe5d26d6164e6decfc"
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
VtDKlOR1ez4qD6akBEM-HiSPh5Yw3gmuozQmly8_JTwBgIJNZXvdAg==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRbm0R,pingTime:-10,time:3637,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687975177349%7C%7Cacd735a6a99a03306926ae4c3d10d166%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C0b29ca854fb3ec5f87ac3409d21aacff%7C%7C3f93d0975cb8086310a9278fcbe6536f%7C%7C35bcc4c24cf32f463dacc5430207858e%7C%7Cfc33973b443d57c7932fd6e19b0fdb02%7C%7Ca693b35b972fe147c6340e38cd37da2c%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ABEE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.196.184.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-184-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.usmagazine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103394
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 28 Jun 2023 17:59:37 GMT
expires
Thu, 29 Jun 2023 22:42:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
contextual
contextual-analytics.wunderkind.co/api/ 		145 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&website_id=2988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c4ec86804856af54d054588f1e52a5f5603d3087a19bb94be2fe6551c583c036

Request headers

Accept
*/*
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
content-type
application/json
visit
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJSXUWRnoXOSZJAE4ADjYAZRQAMxQkECd6V3dVADJQCBgkBAbkAaQcTAQhRjQCAjRLRnjsnvAoaAo+HjRTdARYJFIcNMhIU2FqduMaejorugF7xngs9BQScYXs29p4hEsbFsgAE8ALRZbJna60cZCL5oASA8aQNLA7akSCZITAsAETCggiIMDA8DA+IZYnPJCQHiEyACHhE3HQlFpAiQAhfZZ9aADbGkWBUnG6HCSVTMZic1Y8gh8gWYQHCnTi3qreLwNlZYDNEAoGyWMA4SgubTUbYYAD6QNMuWo8ku1GozSp8UsNBt1FC9tAvAQBDNyt11ttrvRsED7tdjpAzoQZswKByrqD9pi8MRaTYAAUUGiMQByM7MWo4tiEAlsACSBfSLQLeEjmHzbDEdMwbB4ogmmZZbMT4ftkejZviKEgCGmSEBibkduoDl4ZzdHuovAapjNSF1BESU5n2dIgl7S5QvD9KwDO+DSFDh9dYN42dPEHP9qT1CapEQN-tYFgNiyUFHE8cT6QNp1dd9PxfPtqBsFBEgaMhSDNb0LAIQEcmwC8oMXV0bHiUxMgQywQF4LC32zSCcPtWA+GQNlxkfEBnxtMD7RDMMl0WbAsEgC10AXV8fj+AFJ3dITbBEth73nEJgl+CSoFE5g5zOYJxP+RS2DBLJVPUySdGhVSRAmASXAAEQlGBFgICIQAQA0jVdXgSLIyR6EkFwqnUdQ5HUKp6A0ZgqhcFxqDkL9qC9HcRWCioXHclxVGodRqH8zRoOAC9HPMkJwOASBotUWL4o8zxoJQdkX2nVhoNIUwyKOE4IVYyEvnuARHjAZ40FeHgEA+LIvj0xS8R0r5DNhVMECRFFs3RQRCWxXEwQJIlCVJGtQXrGkWwZYEmVMbtKtaqCjwE6rcs9UxMqq4xJEu5cyNI07XSQMjDKmGY5n6xZBpe+14nywrioSsqlwgZ6WOMYF7ugtB4je26XAqB6-qhmql1IIHbpi5GSsSw0LPgZAdmwaB-gW5AcGrbIEC6YnUAwMngGQCAcWFAoihKMpGEqKp6cQRmeOgCwRwaAgkCyHAVH4GEdGkAWSaZmBvVAH5LXs70wAiNlTC6VUwHVZBoDSFAwC4lnKQQXgcHFDACGgRYaPRQFFm9HAAFVai6e3HYIZ2JzdhA5E92pjB9n0-YDhF43sj3MCga26kgEcEDACOHYGNAQHZkQAE0M+5Mcc8wOMchwYyBDYPOJYiQv4kUivOx0GukDr33THxFPSCD4UxUkOR65xKlxmwXuRHDu97PFARbBAkicGoap+eVKkbdxuLQeS1L6HULpVajBAF7cjyvJ8vyAvUIKQrCrpTQQUAJmPrpEAAR1DTAfgX8VnTs7AqRyIbeMphhRFTxglUoFRJD63CDxFApgQCWzZpgHAKc0CDwPj8HAvA747AtICK0OAByWBfv7JAWDZ42C6KTXADMgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdMoQLbggBeMAdhEwDGAezb1BEdBABGqGLgCeAWjaiStfvHU0w8Bf1zYlodLlTCtSwsN4rhhCISUwng7HKcdUuPk9zw+Z1tNY2xhXGF6ADJQSFgEREFWCLYoEDkQaSlCTGIAdgAhaipYiAB9RWAIYrJKKip0n0EpGqoAYWLYABMIYTLYQhgs6vra4rNkEapqDvrGmGby3hA2KbH6gHE9A2xqAAYABRBTc3gAcnU9gGUbfYBZe0d9gElLtvcXe-neC-2AFQCvH2fH2ADkEPsDmEIq1Zg1vAspGVBCBcBAwMJUAoahRigBpGBddTTdrFLoAM2AZVQWWEggA1ji6g10OgLLDiiAuv0XEMWqNcfUJmtSfVVF1jjzBsMmcVyccHBz6oRkNI2PI0dybIM0bL6vL0IrRqKqNIQAzyTBWWUesA2QpVrxcHqSSS4dJBMBzJapISXQajW7isheD1vDZygM+WtBVRhUqqCInRAnRVwMT1onJDI5IoZhIpLJ5NiqHsJUSZm1s0W86WCRX2gWc8X9qo2Oo2k2ayW9poO+CtDU8gARGLgaBwJAiYT0uCDLgQTCkABsVDHcUniRAvBsC2OOHwRHWdFojHgLHYnB4-CEonE1dzyjb2j79F0+gghmMxzMFic1lsVQHCcFwlDcDwVG+PxASCJQQmAaFIloKIRDYYBEjQzA9hQ0R0NwQRySwnC0JQQhgEwABGKJxUXbD4BkHUIEJTAqAATgADnYqIox8LpKOXdi8lYvIAFYKLyVcABYqHYkTJKiHpYAkZiKLEvJ2MkyTSEk2Tl0kvZBLyKhSHXCcEBUqIHAAR0mXhlL4qjmjgJ0fFWQhcBWciKIEoTRPEvJSFYkSUPQZyPOAGAoAgVBBhsTAPLAEzFIWRculMioFCqTB5kWSzhDQCRMHo6QonHJ1MFYaKgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbouncex%26bsw_param%3De5909bf2-71a8-45a7-b91d-17324c9598f...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4b72649c-7502-4200-9732-0e3f626912f4&expires=30&ssp=bouncex&bsw_param=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=&gdpr_consent=
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=e5909bf2-71a8-45a7-b91d-17324c9598fd
Date
Wed, 28 Jun 2023 17:59:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
article_view
events.bouncex.net/track.gif/ 		42 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeA4gdwJ4Ds5gAWApAEwAMACsDGCAPaZkBsZAzABykCMA7MWwBCAZzLk+AWgCacUBIDyMACZiAyvVxiAsvWFxRFADL16AawPkAkkri5IUGmLD0xAEWAqKAYUIgIFrVBITQoIEPIAOTgmCkpCemcAMiDoeAQAVxAYVEIwMAAHUTYAQTIAMXLMKoA6dOEAW2AAc2AALzC4aqh6evKoOHgAIz8wbAl6noMy-Ewpppx8Igl8mjpGYQlhDXHdfQl-CShfA8bwMI2wTDD93AkZ5fjncuSz2EQIRqa4VEr8w40wLYwOV0vkYPQPFMKKQ2OVyKxSGUsHgCIQJNRaAxZhJJDI5IolBJ1LcdHoNpYNsAifkIHkwk0JJZPnAJPQAGYSdyEnwHQJnW7XKKYdGPejVABW+SaAjKUAY+QErnI+QAHmQAKykLykXiqjVaijkZVq0iarzcbhsbh60jMED6CCtOCK7iG-VeZi8dUsACO6RotOwio4COYwjoEAVbHcMBgL3saXy6UGSmAgNQ0LYEnhElIHAAKhaBMVyLCSqbswAWYtG+OpRA2YRyyOQDQYBaosQYtYxcjAXCechwFUSQh1Qb9wc+PwBFKaACipGIHHIxAAnGuLKYIEoLN07GF0s6KE8KPkGAA3Y-kIhppyEOBBiiga9EOAQEBiFb2uyiRfL1cNzEeowggcZ9GqMR8wfMQ2XoEB6jgT8KG6UF4GIf8V3XTcxEkbBZGQ8gthCLxtF2AxSIocEzDgQcYAgUxXxgihhBpOlcGlUJmTEdkxEIfxYOACY6kEt9kMo8hKwRCSwjEYAxBAF8v2gMRhEIF9B0GJ8qFWLEyAk9VVy1MQLwgeSKAfQjLFwcNmkU3oKFUZwQG0jQoKPYRUyfCSACl0nwMQdUgihrPva9hFwYAFWMk9mPICYxM2NyKCUdIXCokxGMHYh1UEFgH1jSMBDy9VXDrN4EGAdIiHg1BqAgL41DWaryrSRjsEweDdx+XKyFIfohhGJ8lxi-qBjgYZAzEVNdz6-S+q8cbJtGMQAGkdwMEbKLGwapooCZ6k2+bSB2iahrEGYjtGoUjtK1rED0KBW1wVBFt2laKB0Q77oQYZZCUOV0nqQZhFQH7OpAJQvHofywFQZhmDXH6YH7Jp-S+VBbAkABVVRkeAcMJiUDNyBhbNmFzAsixKUtiwrSSa3IRIie+JnMAm4RaXfYnSDXDgOESUzOcgYnuGYDheDXL0+GYUhKzzdVK0SGxTP6HdUG4dU+A4StKzYSsOHVZhK3ICXeBhRIVi+UzonV7hEj0P1bDVnnElgCAgUgRDbPqfINfFyXpd4XhKz4N36KBKKICvEBObbMBmjYZW4FV74lEt5o4AAfVGfJvhSN4HZhkB+lQdnBmSL47FQOokKAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
6_source_146939_803979.mp4
s-static.innovid.com/media/encoded/01_23/599402/ Frame 6985 		832 KB
833 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/01_23/599402/6_source_146939_803979.mp4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.47 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3645a93a5df50ba3e08c4f4b15da3f3ca57522c81bf0567722c6f9cb1196fc98

Request headers

Referer
https://www.usmagazine.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
eXMZdfCfiRAF9YzkPucj09Usmow_.Gmu
Date
Wed, 28 Jun 2023 17:59:37 GMT
Last-Modified
Wed, 04 Jan 2023 15:47:02 GMT
Server
AmazonS3
x-amz-request-id
1KG9H4QN25KVRDGB
ETag
"499eac23a3190e4352f1d89c4101ca35"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-852357/852358
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852358
x-amz-id-2
fh1qxkV7qvmwfsscRYLxg4R0Acp/XFZeOVP2UAOWwtzpQFJKs0pja+JoZQ6f6J6WRPNwM/mNZkA=
cframe.js
assets.a-mo.net/js/ Frame FC4E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 e6d15137ec23376f4c8a22e6edb289bc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
EWR52-C1
age
464
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7de7d31d5e564245-EWR
x-amz-cf-id
Kh5PYKK-1zdbuzqz4uQ7rOqSRz_txlo_llUBJy7TPGTOz88540TiZQ==
expires
Wed, 28 Jun 2023 18:59:37 GMT
usync.js
eus.rubiconproject.com/ Frame 7461 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 11:16:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62208
Connection
keep-alive
Content-Length
10113
Expires
Thu, 29 Jun 2023 11:16:25 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=32f8372f-f0c3-dc88-59ea-d7ef54884939&tv=%7Bc:gRbm3h,pingTime:-10,time:3678,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687975177499%7C%7C44bffac5714aac9fe20662095702c97b%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cf3f0c6e07b15c1ae0882ea293d00a605%7C%7C2b98c7133f8179a8a2f32e507163f0a0%7C%7C711e995075a38b2221bdf5d4469d5212%7C%7Cac50fc2a9d2a9f72f558e47ec5d6e43a%7C%7Ca7e2fd367c3ba7d723e6576019232dd8%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt30.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
omweb-v1.js
static.yieldmo.com/omid-scripts/ Frame 6985 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/omid-scripts/omweb-v1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ece2d503c3d61167a38f5e60d947217bdc46c690ef0bf8d4982ea9dac9cfa83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
9W2gP5Fq4oqINe4Bf82Jitv2BBvPLa6N
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 12:11:14 GMT
x-amz-cf-pop
JFK50-P4
age
20910
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-replication-status
COMPLETED
last-modified
Fri, 18 Nov 2022 18:27:29 GMT
server
AmazonS3
etag
W/"b8c21d4f48e67fa16c2a3bb9f0f9df87"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-meta-version-id
KHtTy0Xg0RPs0vSqiPWDUO3HdFThbqfl
x-amz-cf-id
y4I44TNZvFiQiLSsYLSedugvfHcWeh23lPa0K1hidsugmY6m-Tu1eQ==
/
insight.adsrvr.org/enduser/video/ Frame 6985 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=9f95ba01-2fda-4f1b-822a-4186aef14de0&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.817740&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=157&pcm=3&ict=Unknown&said=3306094453347824865%3A0&auct=1&tail=1&sfe=16d3f502&vp=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
yieldmo
va6-bid.adsrvr.org/bid/feedback/ Frame 6985 		807 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va6-bid.adsrvr.org/bid/feedback/yieldmo?t=1&iid=9f95ba01-2fda-4f1b-822a-4186aef14de0&crid=7vh6qvtb&wp=2.817740&aid=3422352838061422437&wpc=USD&sfe=16d3f502&puid=&tdid=&pid=s4vf6ci&ag=weznb10&adv=cxx0ttd&sig=1YFoT6gO38-gF1Wdm-XOavhgLzc3cGhtzGHgJvif2duI.&bp=18&cf=5128590&fq=0&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=84&agsa=&rgz=69026&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=2052105591845454873&did=&rcxt=Other&lat=40.080000&lon=-100.400000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&adpt=ym_lyieldmo&fpa=157&pcm=3&said=3306094453347824865%3A0&ict=Unknown&auct=1&im=1&mc=b67c3643-45a9-47ff-86ff-e42bfe8c978a&abr=613efff5-9acc-4c2f-9d54-a32d706f5fdd&tail=1
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
B29145201.355715623;dc_pre=CMvh5MbF5v8CFcOQnwodEXcFhg;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/ Frame 6985
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CMvh5MbF5v8CFcOQnwodEXcFhg;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_fo...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CMvh5MbF5v8CFcOQnwodEXcFhg;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H3
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N351805.284566THETRADEDESK/B29145201.355715623;dc_pre=CMvh5MbF5v8CFcOQnwodEXcFhg;dc_trk_aid=546566077;dc_trk_cid=184214492;ord=996260;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dlezd4z
view.adjust.com/impression/ Frame 6985 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.adjust.com/impression/dlezd4z?campaign=pbrdcua&adgroup=weznb10&creative=7vh6qvtb&ttd_imp_id=9f95ba01-2fda-4f1b-822a-4186aef14de0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.151.204.50 , United States, ASN61273 (ADJUST-NL, DE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UAm, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
content-type
image/gif
x-robots-tag
noindex
content-length
35
1x1.gif
ag.innovid.com/ Frame 6985
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=init&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
uuid
rtr.innovid.com/placement/17e2if/ Frame 6985 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtr.innovid.com/placement/17e2if/uuid?cb=028f2154-ee28-37b5-7de7-fd3b051dbeb7&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.229.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-229-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
no-cache
content-length
0
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 535E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83796160&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0231701c76b6f90099e9fd15bfe5d261a37c38767f32a26d42f3688159106450

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event
prebid-a.rubiconproject.com/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:37 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.209.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-209-63.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 28 Jun 2023 17:59:37 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
6_source_146939_803979.mp4
s-static.innovid.com/media/encoded/01_23/599402/ Frame 6985 		729 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/01_23/599402/6_source_146939_803979.mp4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.47 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.usmagazine.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
eXMZdfCfiRAF9YzkPucj09Usmow_.Gmu
Date
Wed, 28 Jun 2023 17:59:37 GMT
Last-Modified
Wed, 04 Jan 2023 15:47:02 GMT
Server
AmazonS3
x-amz-request-id
1KG9H4QN25KVRDGB
ETag
"499eac23a3190e4352f1d89c4101ca35"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-852357/852358
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852358
x-amz-id-2
fh1qxkV7qvmwfsscRYLxg4R0Acp/XFZeOVP2UAOWwtzpQFJKs0pja+JoZQ6f6J6WRPNwM/mNZkA=
error.php
api.assertcom.de/ 		0
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error.php
Requested by
Host: 8fby8peddod4qetsz.ay.delivery
URL: https://8fby8peddod4qetsz.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 59E5 		0
49 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1405&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAOAdgE5SBWfUugJgAZNgAvEKZgdwFMAjHKmA8A+qgAmUeuWLFMAJx44QAGzhoMBQo0YAPfE2aKYPeYvlQEPLjgB0AcxAh7KnraQgAttgCGKlagI9iJw8ipQABbAwAAOOACkAMwAgvH0AGJp6Vw5tnA4nj72PqyBbh6eWUg8rnzyQgCeALSeXgkZVjZZ9lwNVsARTTF+wPIgNk3KCC0gOEpNqDhNSBH1S4XyaAhLwFyBC9OdQxEgoFmYAG6LQiIeIADWqDxQ8aQAQmn0KjGfSan09CisXaVBSaSoGXBGRyXDyBSKJTK7i8UPS1Vq9WAzVanhBHWsePSPT6PAGQxGYwmUxmcyWi2Wq3pGy2Oz2032RxiJzO9AhmQBaQAwp95L8wQDOnZHM5XMjKgL6MKATxdGLkkQyJRCJRSIlZELPosRI4RLTBBg1aM4DwDQCjfYYqalOaEGqYH45q8ACLYJyPZ6vD4A8QSNWffA0UjEAAs0cS0eIVEI0cYZFI9ESv0Vnyu4jVGoo1FohHo0foiejtvoFzD70+ODgfE8QmE4hEGEEwjdHpt2YBfCQMTGMFQrlDAvF9HdKk9AtIXqrMAuwHzJELkcIVZ8IDVjCr3zDAKBcXB4r5qJhcMKxVKVjlqPR-Ex2LaqMlqOJ-UGwxUo3GS2pVpaQWJYVjWFofE2QJWX2DlrGOU4d15SEFSVegfHaeg-j3PtqxiGsJ3VKs80Iz4SKw3DRVIiUCQcJwXHKFFUM+JBl1XTUi1ITdcMEci-gotD7CQKisJSCgq3lUTkhwtCVDYwiC0oDdvUuSCcAAbWGexRCxGIeAAXSgSC0CQVxVPkDTcx4EARCuQQ+FcQyrR4cyNOM1BTNEBAfE8AyoAAcV6L80kYAAFClxjSUh2kYABlC0mAAWVmJQQoASRiwVGRixL3NdehopCgAVNkQsCEKADlrBC0LuRAVz1Pczzbh8YRHHkBpDIAaQkHAGvEGBHXkByQCQe5DL8FRxganw2zs1AHL85yGtacQ-Fs65FsM6c5gahsmxbHg2w7IQ-J2lyLjU9S+B8MaR38ERxB4GIpoaXyEGAQyGoHIcQHungJG2nsGsQJ7NgwUR5q2qBlsuiz1I8D6eA+kRgCKHBDMfOpGiFLHnxCtbxHaQVBRqJ8caYHqidxsnsaxEKcWJvGKcYd9FSqmxfQeJ5UacEQVEg7TYGBvgYk4TBSTF9SACImtcaWABppaQVqeHahpFelk5fOl-TMBiYA8DllyKhe1AfGQUQYAF+woEuCIfDt-CJAIBRfwaPSoC0nSPZ4BWrJsqHXAV42RG83yQ6g5qVbakAOoVgahpGsaQ7mzbg9B0xQCsDb7ODxHhBRtH7D6sJw+eOHzcWoA
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
9bb38f676e251c5e71c34dd290adf6072104c68785dcf1f5907342e2eff9a096

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 28 Jun 2023 17:59:37 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
13
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
2988
dfp.bouncex.net/pub/ 		6 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2988?li=4532524456|5692923351|4532502385|4533045107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
8db8c4f4d67801f964c6cbb00000c3acea658b6e4ba6dd7641136e0f06f9ae98

Request headers

Accept
*/*
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.usmagazine.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmH1DCAD6JAJ7IQvHqwDMAQSnUSaOIym8AwlIpoYICEJ040DSX1kK+JYITPSeWvkpWMhWJHYtSA4gHdRWCAkABa8AAwAClBg1hC+AOQ44QDKEFjhALIQOEzhAJJJPGEawTSFYRnOWInhACq+aOlFjeEAciC+4RHBEGTqDorAyqrCCCQgGBDAouryUgDSuoX2jjwwAGbIQsAMEHAA1rOWPNGQneYDTjCGaMamR1LWtv2riBAw0Td3auZzfOvRHIvKQ4Qh0RBoEjja5pYzjB7-QGeS48OhQA7rNBgMBCPTISCiRAgLAkBH2FZSOhwZDACCYxi6MkAsBAi6rQhYPRDNLCIwmH7SP48J7I1ZwNLjEkiKAYZZePhwcAgOg0MSaRWMFWQmZFD4wQoaDRKrVqoqLfXq42qnVhN6IA0a5XW8KBXwG9pu9TsAAiADJQJBYAgUOhsPh3ETmFQaPRGP7wNB4EhUJhcHgxBJmAJhBmzBodHoDHz7g5nCM3B5NGXXGMJlMdRoNlsdpADlXrsWfhoOVyyIEvvy8+KScSSNLZb63npmGFfb5lXCQLpmDwAJwADnXvr5yhgzAAjAA2dfsVfsACs+-Yh54ABYeOvz7ffXodIrl-vL+x17fbzJb4+h63mEJ7sDwMi+tmOgdB+vo5AAjrYWDvnuEGqGgo7KESpDJgex6nheV7sGBaFgBhJJQMgaAUCAwDGGkzAkDKEGvioIDMDAkEyjm4jsdWIBwRAhDAIqzDznQvrcSSzDELRQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
ff0cbeeb-5998-2270-a21a-c9a23020200d
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
c59c2bcc3a5f7104572b9597f7349f56aee5d793e48c0a7d3193bcdbe988c0af

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0cb1e911c4a423c4558bbaa5a48f58568a171d4f302e3625133027aaccadadcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
383c002241ea4ce7ec7ddfa99e58f4eb84f348838e2c25784fc85f13ed9b2ba0
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175937Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
c6f28253-423b-a497-9be4-f51aa6c514ab
Content-Length
133
x-amz-id-2
1wAGKAuTWdBLoPV/i1cnLGmIyNJkXC3mybMcXBhslNTePGOYpbVddoSfQKHbWg2b8xyGlpjRAm6fFxsjACCsJ4OBIhAKdBzz
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vplay&bitrate=300&ct=0&decodedFrames=0&droppedFrames=0&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=0.0.0&crid=2230414324961059571&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975177730&etime=1687975177730&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 158C 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
002ad71fac0a0db52ae5b8dbc2476f92045a59bda13a71eab12ab2ab87aa4100

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f12ce9dc0a5b50f74ba3493c1bcad88758f27a72471e86207dd9e129edea2012
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f5f78a7404dae91f10a1906bd7eaad7590571acd3f5b14041af436f7b265c30a
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175937Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
cfb19dce-96e3-5830-92a7-ea87ff5b5a4d
Content-Length
133
x-amz-id-2
mATlTS7wu5BxoZLjX5EvWcjY/jV0QLwia2vH164EC7DLcLKgZBIG+AeJGrY0EGAB3BGtV+TpHE8cAOZ1fWhQEsppstSYOcN1
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=930&fver=0.0.0&bottom=772.078125&ph=14259&pw=1600&top=772.078125&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&e=15&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975177726&etime=1687975177733&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130&videoPlacementType=3&pos=3
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 158C 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=08f82aee-836b-40b1-a0c5-462f70f8c071&ag=weznb10&crid=chsv8n1a&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453373607066%3A0&auct=1&tail=1&sfe=16d3f503&vp=0&ast=[ASSETURI]
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 158C
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 158C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&dz=1&f=0&gh=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:37 GMT
pixel.gif
dsa.moatads.com/ Frame 158C 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsa.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&dz=1&f=0&gh=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&rav=ROKU_ADS_APP_VERSION&rlv=ROKU_ADS_LIB_VERSION&rci=ROKU_ADS_CONTENT_ID&rua=ROKU_ADS_USER_AGENT&rdm=ROKU_ADS_DEVICE_MODEL&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.101.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-101-242.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Unused62
8096267
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:38 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 28 Jun 2023 17:59:38 GMT
pixel.gif
px.moatads.com/ Frame 158C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=1&q=0&lo=0&dc=1&ak=-&ac=1&bq=7&as=0&ag=0&an=0&gg=0&aj=1&dz=1&ef=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:37 GMT
pixel.gif
obo.moatads.com/ Frame 158C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obo.moatads.com/pixel.gif?e=0&ac=1&bq=7&obo=1&cm=1&i=INNOVID_INT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&d=146939%3A1271%3A3198042%3A17e2ih&zMoatTTDSUP=yieldmo&zMoatTTDPUB=2052105591845454873&zMoatTTDSITE=www.usmagazine.com&zMoatTTDCAM=pbrdcua&zMoatAccount=2779&zMoatAdvertiser=1698&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccountAdv=2779%20%7C%201698&zMoatAdvPub=1698%20%7C%201271&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&rai=ROKU_APP_ID&yd=[OMIDPARTNER]&zp=21&oa=[APPBUNDLE]&gu=[PAGEURL]&id=0&ii=11&cdom=[DOMAIN]&inst=[INVENTORYSTATE]&psz=[PLAYERSIZE]&pst=[PLAYERSTATE]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:37 GMT
dar
qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com/ Frame 158C
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn339829&cr=crtve&ce=thetradedesk&pc=thetradedesk_plc0001&ci=nlsnci750&am=3&at=view&rt=banner&st=image&cy=0&r=1687975176174
  • https://qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com/dar?url=
0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com/dar?url=
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
44.213.0.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-0-41.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
content-length
0
cross-origin-resource-policy
cross-origin

Redirect headers

date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
location
https://QMBRJc9N6lRR5RUHOPjnQlJhXhF4E1687975178.darnuid.imrworldwide.com/dar?url=
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
P_Rcn5ROl7Y0ueuPuMeRlITIV8emhdzhtUNOPJvWfc_VekcDEJIFHQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
t.png
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/ Frame 158C
Redirect Chain
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500015828&TFID=10022&CMP_ID=112769&PUB_ID=1271&CTE=1029985&PLC_ID=3198042&RND_NUM=1687975176174
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
68 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Server
52.217.226.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:39 GMT
Last-Modified
Tue, 13 Sep 2022 08:55:12 GMT
Server
AmazonS3
x-amz-request-id
V2Z07T9YDCK4EGKF
ETag
"8e31b8b47c618ed73e5b31011d1de037"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
UcoI95bpjlEVUwpMBItZ21dWebYzCfNtlX1olCOEpYgH3sYKEfpQrJvh7pXHfMU8kwqznK5e+Wo=

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
x-amz-cf-id
tGnR6EcLLWGY6Hh533JftNm7tcgI5w9qRNmagWfvwP_NR0SAG_7xiA==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
cefadc27-b54f-2bb4-93ec-ab6e51b19b88
adchoices.min.js
creative-p.undertone.com/sparkflow/ Frame 63C9 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/sparkflow/adchoices.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aec8693e546b47d120b5584950d764ab93fac54db6dd7d752ae097c369eb53c

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ym3XyubZWFYvvw1ol0rGsZbGpniYcj30
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 08:15:16 GMT
last-modified
Wed, 29 Dec 2021 09:36:40 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
35062
etag
W/"a477ced9a1653238c975261f88f7a826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-amz-cf-id
GiUCeCXNeTloPOYkyoWEIPbonLyAjWp6rV140iQsHsPM0nNSECDOrw==
utmark.min.js
creative-p.undertone.com/sparkflow/formats/latest/ Frame 63C9 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/sparkflow/formats/latest/utmark.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddd28e191ace405d3cae111673a51847eef728fea583cfc468c58aad894b52a5

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 08:35:32 GMT
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-version-id
jJFs29Os2MeyALK2mZddO.kefYxSTgj.
x-amz-cf-pop
EWR53-C3
age
33846
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2205
last-modified
Tue, 13 Jun 2023 08:34:59 GMT
server
AmazonS3
etag
"2670723a1d0087893f88169bc28e5bd4"
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
i-DHNPOQCKczoM6jyftgu5QAn4Mh6w_RszZA7QAhmzUWF1QP7KNtEw==
/
kinesis.us-east-1.amazonaws.com/ Frame 4FDA 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
aab76f91601be10b9800dde0250d96d57e692646a0062a1a27ab93eba59366a7

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2d6db6459452e39dbc3de89e80d0d230694b488c886438e5d966b2d8c7c5acce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
218b9f51481810def9d049e0a231c65d11500d1041ab112175fc28a07ed1bc16
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175937Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
d5fea2de-ccf3-c414-88e8-d597280d7428
Content-Length
133
x-amz-id-2
ZrX/CON9C/i1A0+a9D2nrB0vyOPtRy5agQQWG2I3GqLmxdXaWSQESmN6DnD5kfoJDquT92biHYUH2PsvQCropqLCt14gd/J1
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4FDA 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1056&fver=6.0.17-F48-B524&bottom=1486.078125&ph=14259&pw=1600&top=1486.078125&imp=5984656341358643568&plid=25171153787&pvid=3306094453464407565&fmtid=48&e=15&offsetX=0&offsetY=0&pvt=1687975170985&stime=1687975177833&etime=1687975177834&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1486%2C590&adSlotRight=1486%2C590&videoPlacementType=4&pos=3
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:37 GMT
x-amzn-RequestId
f8d2e77c-211d-bd11-a5c4-9035c5e30d2d
PugMaster
image6.pubmatic.com/AdServer/ Frame ABEE 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78516045&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cc3a04265e756e8effbdd818d02360463b07ff4bfe108bb419b201a559884a47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 620A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WT513E302DCS40V6Z8GG
Pug
image2.pubmatic.com/AdServer/ Frame BD6D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbVowN0pPT29BQUNFNmtrYVlKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADmZ07JOOoAACE6kkaYJA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADmZ07JOOoAACE6kkaYJA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6418409603037558770&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADmZ07JOOoAACE6kkaYJA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6418409603037558770%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6418409603037558770&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADmZ07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADmZ07JOOoAACE6kkaYJA&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADmZ07JOOoAACE6kkaYJA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADmZ07JOOoAACE6kkaYJA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5501
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:37 GMT
Expires
Wed, 28 Jun 2023 17:59:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x56 config_version:"1969"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b72649c-7502-4200-9732-0e3f626912f4&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 5504
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7b2d4bfb26e7466ea3d74
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7b2d4bfb26e7466ea3d74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 28 Jun 2023 17:59:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7b2d4bfb26e7466ea3d74
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 0BB0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=239972947338320392&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=239972947338320392&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e58758a6-0e66-4cac-a9c8-8ddd9bce7ce0
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Jun 2023 17:59:37 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=239972947338320392&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync
usersync.gumgum.com/ Frame 1CCC 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:37 GMT
Expires
0
Pragma
no-cache
sd
us-u.openx.net/w/1.0/ Frame 535E 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 535E 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:37 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 535E 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.174.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-174-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 28 Jun 2023 17:59:37 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 535E 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.6.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-6-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
8c8fe3e0-15dd-11ee-bd3f-0256e5f42367
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-06b9919e5beaf68ea
E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 535E 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:989d:4d6a:f0:57ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 535E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24dc5a52ec4821d8&is_secure=true&networkId=17100&version=1&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBhis0ppL9QMqDmBvAAAAAAA&expiration=1688061588&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&...
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBhis0ppL9QMqDmBvAAAAAAA&expiration=1688061588&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBhis0ppL9QMqDmBvAAAAAAA&expiration=1688061588&nuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 535E
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&gdpr=0
42 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&gdpr=0
date
Wed, 28 Jun 2023 17:59:37 GMT
content-length
0
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 535E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=265f29b0-d998-4d0c-9f19-b770d7a10271&gdpr=0&gdpr_consent=
1 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=265f29b0-d998-4d0c-9f19-b770d7a10271&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=265f29b0-d998-4d0c-9f19-b770d7a10271&gdpr=0&gdpr_consent=
Date
Wed, 28 Jun 2023 17:59:37 GMT
Connection
keep-alive
X-CI-RTID
7f6d1aa0-d634-49ac-b6fc-85167510882f
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 535E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4dfdf087-7a88-42e9-8537-c91bdeaab859&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-Ogury_n-MediaNet_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-undertone_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_kg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 28 Jun 2023 17:59:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=61aa82ee-fa3c-9af6-776e-e30dafa96c82&tv=%7Bc:gRbmas,pingTime:-10,time:4197,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687975177349%7C%7Cacd735a6a99a03306926ae4c3d10d166%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C0b29ca854fb3ec5f87ac3409d21aacff%7C%7C3f93d0975cb8086310a9278fcbe6536f%7C%7C35bcc4c24cf32f463dacc5430207858e%7C%7Cfc33973b443d57c7932fd6e19b0fdb02%7C%7Ca693b35b972fe147c6340e38cd37da2c%7C%7C1663701684,sca:%7Bspg:37e3873f-ff20-0f99-31ee-ace7bf98e81e%7D,env:%7Bar:self.0%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
jload
pixel.adsafeprotected.com/ Frame 2B12 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=927944&campId=494396&pubId=121020&chanId=244413&placementId=339664&adsafe_par&bundleId=&impId=ff074964d0b7408ab310ab92cd61d2ee&ias_adpath=%23div_8a062bc015dd11eea9f9174ce71884e5_0_0
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
/
Resource Hash
97572527a2980018db263ef655e682cbf275a171ad55a6321a8b4943ad879d51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
dvtp_src.js
cdn.doubleverify.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=43425&cmp=DV310070&sid=undertone&plc=DV-UT_Viewability&adsrv=103&advid=3819603&dvtagver=6.1.src&btreg=div_8a062bc015dd11eea9f9174ce71884e5_0_0&DVP_PP_REP=1&DVP_IQM_ID=37&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_APP_ID=&DVPX_PP_IMP_ID=ff074964d0b7408ab310ab92cd61d2ee&DVP_UT_1=1887944&DVP_UT_2=494396&DVP_UT_3=339664&DVP_UT_4=121020&DVP_UT_5=75&DVP_UT_6=708725&turl=https%3A%2F%2Fwww.usmagazine.com%2F
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.123.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-37-123-209.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
104fe1d096865fb450f1d921b99ea70d85d935d9c8a2e88e980de371e03ea9e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 12:21:21 GMT
Server
UploadServer
ETag
"4c41482e45017a01683eea2db59c11aa"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3373
Expires
Wed, 28 Jun 2023 12:36:52 GMT
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=ire,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u7193
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
43
e
evt.undertone.com/ Frame 2B12 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/e?bannerid=1887944&campaignid=494396&zoneid=195636&clang=en&ccat=2306,91652,69126,22025,7435,69132,47886,91664,44566,32793,69147,17183,18208,91680,17186,140832,17190,91688,134697,10288,91696,16951,154677,92985,91704,88384,91712,47937,154695,21318,21320,91720,88395,152392,79178,154702,7501,5198,46159,154701,91728,129104,24657,24146,51796,151895,130391,7510,79192,91736,7513,110424,15963,117087,17764,88420,7526,20838,19047,7527,135269,88425,33128,7528,30824,7529,7531,7532,13422,7541,35445,128889,88440,7545,145784,7546,145785,5248,7553,7554,5252,140682,140683,44682,12940,5261,46733,24728,69272,44697,10395,134044,44705,13475,93090,44708,18853,44715,44723,44724,17845,44725,152770,44737,69059,44738,44741,22984,44749,62413,18893,17869,12750,13006,69329,12752,44754,125397,2261,17114,3802,46813,47838,46814,43998,46815,128993,52962,154592,44774,140267,44779,16621,152301,69102,69109,130295,47862,36087,36088,69369,121082,25086,139773&cb=41539552240&bk=rwz5z9&id=ff074964d0b7408ab310ab92cd61d2ee&stid=3&uasv=v22&st=https%3A%2F%2Fwww.usmagazine.com%2F&ut_pii_allowed=1&pid=121&ut_placement_id=121020&aduid=75&io=708725&io_li=339664&time_zone=America/New_York&e=SF_impression_ready&eid=ad&_=4416219035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.usmagazine.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
sSBEEOIDMx3Kdpp58uErrPNRMOQknUozQcoFar0HH_-iniIemkypBg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=ivi,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u7224
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
43
e
evt.undertone.com/ Frame 2B12 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/e?bannerid=1887944&campaignid=494396&zoneid=195636&clang=en&ccat=2306,91652,69126,22025,7435,69132,47886,91664,44566,32793,69147,17183,18208,91680,17186,140832,17190,91688,134697,10288,91696,16951,154677,92985,91704,88384,91712,47937,154695,21318,21320,91720,88395,152392,79178,154702,7501,5198,46159,154701,91728,129104,24657,24146,51796,151895,130391,7510,79192,91736,7513,110424,15963,117087,17764,88420,7526,20838,19047,7527,135269,88425,33128,7528,30824,7529,7531,7532,13422,7541,35445,128889,88440,7545,145784,7546,145785,5248,7553,7554,5252,140682,140683,44682,12940,5261,46733,24728,69272,44697,10395,134044,44705,13475,93090,44708,18853,44715,44723,44724,17845,44725,152770,44737,69059,44738,44741,22984,44749,62413,18893,17869,12750,13006,69329,12752,44754,125397,2261,17114,3802,46813,47838,46814,43998,46815,128993,52962,154592,44774,140267,44779,16621,152301,69102,69109,130295,47862,36087,36088,69369,121082,25086,139773&cb=41539552240&bk=rwz5z9&id=ff074964d0b7408ab310ab92cd61d2ee&stid=3&uasv=v22&st=https%3A%2F%2Fwww.usmagazine.com%2F&ut_pii_allowed=1&pid=121&ut_placement_id=121020&aduid=75&io=708725&io_li=339664&time_zone=America/New_York&e=SF_viewable&eid=ad&_=5969792879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.usmagazine.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
jlChfRt3JW-EPgHDCzeBVi-u8n5l7A6DWe3WRfmB5fDaqXBdo1CGZA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A974
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-store, proxy-revalidate
content-length
0
date
Wed, 28 Jun 2023 17:59:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 0928
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 28 Jun 2023 17:59:38 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
setuid
prebid.a-mo.net/ Frame B359
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9...
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 28 Jun 2023 17:59:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:37 GMT
location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
setuid
prebid.a-mo.net/ Frame BA87
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jDeRK2Xd1Qezs15&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9...
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 28 Jun 2023 17:59:38 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 9EC0
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=940c2b41-f2d9-4620-97d9-28b02417b871&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
42 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.114.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-114-132.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:38 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 0B2C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 20FD
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=794911503444
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=794911503444
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=794911503444
i.match
a.tribalfusion.com/ Frame CD70 		43 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7de7d34c69c34205-EWR
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
ImgSync
image8.pubmatic.com/AdServer/ Frame F6A1
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 2E5B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 1DAA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=4533086837
  • https://sync.1rx.io/usersync3/mediamathtest/1508/4b72649c-7502-4200-9732-0e3f626912f4?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:38 GMT
ETag
RXca2d807dab8f4f7983359a423816c02a005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 2A43 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 28 Jun 2023 17:59:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame A3B8
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_w2-TtISCO-eZA0eCnWcZA
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_w2-TtISCO-eZA0eCnWcZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=_w2-TtISCO-eZA0eCnWcZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame A163
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=08b1545e-1485-473b-8a76-8967631d1b03
1 B
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=08b1545e-1485-473b-8a76-8967631d1b03
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 28 Jun 2023 17:59:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=08b1545e-1485-473b-8a76-8967631d1b03
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame 922C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 28 Jun 2023 17:59:38 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 3FF5 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Jun 2023 17:59:38 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-c14a9cf2d2ae@version_1.557v3
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame EF94
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7412615781708265177&uid=Q741261578170826...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7412615781708265177
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7412615781708265177
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=83781
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 28 Jun 2023 17:59:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7412615781708265177
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
ImgSync
image8.pubmatic.com/AdServer/ Frame 4824
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2C656F80C1374931A3DC1E683CAACB1C&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 28 Jun 2023 17:59:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Jun 2023 17:59:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
362358.gif
idsync.rlcdn.com/ Frame ABEE
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMSmdZ1QAWxGvi9lz2LRp40&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMSmdZ1QAWxGvi9lz2LRp40&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMSmdZ1QAWxGvi9lz2LRp40&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E/gdpr=0/ Frame ABEE 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.30.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-30-65.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.39.21
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame ABEE 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame ABEE 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-236.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame ABEE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:37 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame ABEE
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_104FCD7C0_8F0FC0C0&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-370979960; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:37 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-370979960; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame ABEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4662830998819244376
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4662830998819244376
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4662830998819244376
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ImgSync
image8.pubmatic.com/AdServer/ Frame ABEE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=239972947338320392
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame ABEE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:88f634e2-74e7-4900-a02a-59eda86628c9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
eb7f14a7b52946a5c3c6727afaf19560b30fda3dc5eef39dc61b874c646e0272

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3457281e3f8f4660fb10d142c68e1ed6bb799c69bda6d6db7d5d3906fae4c910
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
ab7b54cdaf0a674f56a49f764abd75467af54ddc72609cd516528fa7f019c72f
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175938Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:38 GMT
x-amzn-RequestId
f06d9534-4db5-79de-ad7b-e27e16440ce8
Content-Length
133
x-amz-id-2
xiT7VIzMeoyQc1+xL6NLqypsgFB9Tv89ONhSFgg8QoFtb8+W8auASpCBhrVVF6DpqDD9kynnEJceY6RvCI0gLCHlDq1ThVYU
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2013&fver=6.9.43-F100-101-B285&bottom=190&ph=14259&pw=1600&top=190&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&e=15&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975178134&etime=1687975178135&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315&videoPlacementType=2&pos=6&playerSize=440%2C248&playerSizeCategory=s
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
canvas-player.js
creative-p.undertone.com/spk-public/common/ Frame 63C9 		87 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creative-p.undertone.com/spk-public/common/canvas-player.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b224aab1e1cdb1510d21b99428db819b5c83e1a743ccde1867d241470f7ab860

Request headers

Accept
*/*
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
.VePMGou1jZoxyKivmaZuIQQ0D_s3C0m
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 08:14:41 GMT
last-modified
Wed, 29 Dec 2021 09:45:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
35098
etag
W/"7a3c59b5752fbc9cb23f52510058731a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-amz-cf-id
J9LPwoxd_cmHbessjeNr-_jiWjivKh18fhn6SOS4vp1FY8W93hv7GA==
sort_2.png
creative-p.undertone.com/sparkflow/formats/latest/img/ Frame 63C9 		40 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/sparkflow/formats/latest/img/sort_2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b65b256a65688221bccb2462b423ee9d942c94aad931168a59fa9a108a5f707f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
UKmDslpyDDLDZK7UTcqYXvYCzaY._577
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 08:35:44 GMT
x-amz-cf-pop
EWR53-C3
age
33835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
39611
last-modified
Tue, 13 Jun 2023 08:34:58 GMT
server
AmazonS3
etag
"375de27938084e7ada5e0c8f6b24a931"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
nDVKwTEzXXt7MllBVmWBuk88J5LfQtXpI2sY-wDWhm5135JIhzXtAw==
ac.png
creative-p.undertone.com/sparkflow/formats/latest/img/ Frame 63C9 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/sparkflow/formats/latest/img/ac.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68c5332746c6fa894b4001de13380d38611f92329eaa44264c96841753acd051

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
RAxts0BkfjqQTcNnbdqP00R2fkeJ5Tgw
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 08:35:31 GMT
x-amz-cf-pop
EWR53-C3
age
33848
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
899
last-modified
Tue, 13 Jun 2023 08:34:58 GMT
server
AmazonS3
etag
"0d3543cf1e13efc5e854a821c6284c34"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
pcZg622Z1BA_5GGAs0exS6bcGaQ9sMi4U_i2w6q2QLmFRuoXN-ziyw==
sort.png
creative-p.undertone.com/sparkflow/formats/latest/img/ Frame 63C9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/sparkflow/formats/latest/img/sort.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49456679f17b7bff93e0ab2e31d2804a118e3e844e1fce270577f9ac97b77ae1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Rm2T3IjRq_Z5bm7pMsQZFyJlNRNCESnC
content-encoding
gzip
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 08:35:44 GMT
x-amz-cf-pop
EWR53-C3
age
33835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
38527
last-modified
Tue, 13 Jun 2023 08:34:58 GMT
server
AmazonS3
etag
"9ae04cd54272cc6cefd4d221762a9f97"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
2PShadQ4LLzXZNH4lmLVijTP2PBzdEy_wvrFZGz31HZ9uggtosw5wA==
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://id.a-mx.com/usync?uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr_consent=
  • https://prebid.a-mo.net/cchain/0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F465%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dappnexus%26cbx%3D%26ui...
  • https://prebid.a-mo.net/cchain/0/465?gdpr=&gdpr_consent=&us_privacy=&A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&cbx=&uid=239972947338320392
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F465%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3De7e5b395-f284-45fc-a66e-d2fd1994f7d...
  • https://prebid.a-mo.net/cchain/1/465?gdpr=&gdpr_consent=&us_privacy=&A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&cbx=&uid=4662830998819244376
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-V_62sWQ-KjWVYdMfS-YWz9cWBj0nwVT1Hor_DA&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 28 Jun 2023 17:59:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e7e5b395-f284-45fc-a66e-d2fd1994f7da&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=15cf37cc-83b0-52b3-b26c-ed5ad6f09850&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=e5909bf2-71a8-45a7-b91d-17324c9598fd&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 28 Jun 2023 17:59:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame FC4E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A&gdpr=0
date
Wed, 28 Jun 2023 17:59:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame FC4E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LJG0U0S1-Q-EBQ2&gdpr=0
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LJG0U0S1-Q-EBQ2&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LJG0U0S1-Q-EBQ2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&uid=4662830998819244376
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&uid=4662830998819244376
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=adform&uid=4662830998819244376
date
Wed, 28 Jun 2023 17:59:38 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%...
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=smartadserver&uid=6418409603037558770
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=smartadserver&uid=6418409603037558770
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=smartadserver&uid=6418409603037558770
date
Wed, 28 Jun 2023 17:59:37 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dpubmatic%26uid%3DE63DA0C9-D1FA-499B-9...
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=pubmatic&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=index_rtb&uid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=index_rtb&uid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=index_rtb&uid=ZJx1AqyAB4e5NDZqrk0bIAAA%261381
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=sovrn&uid=G5H3cSZHuSINuM55Tu6cBHSs
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=sovrn&uid=G5H3cSZHuSINuM55Tu6cBHSs
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=sovrn&uid=G5H3cSZHuSINuM55Tu6cBHSs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame FC4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De7e5b395-f284-45fc-a66e-d2fd1994f7da%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&uid=239972947338320392
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&uid=239972947338320392
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c7463b4e-fb30-49f2-b388-e4dfd834a7c6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://prebid.a-mo.net/setuid?A=e7e5b395-f284-45fc-a66e-d2fd1994f7da&bidder=appnexus&uid=239972947338320392
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame FC4E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:38 GMT
AN-X-Request-Uuid
5ee53936-72e9-4519-b80d-41a04272dc61
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame FC4E 		86 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame FC4E 		86 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=e7e5b395-f284-45fc-a66e-d2fd1994f7da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.229.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-229-175.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=df5f9fb2-8672-6f57-9df5-61c2a83f469a&tv=%7Bc:gRbmfZ,time:3207,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1629,wc:0.0.1600.1200,ac:0.14255.1.1,am:i,cc:0.14255.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1752~0%5D,as:%5B1752~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e*.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s,idMap:1e*,rmeas:1,rend:1,renddet:svg.qs,siq:1630,sis:2018%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
main.19.8.422.js
static.adsafeprotected.com/ Frame 2B12 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.422.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 19:23:57 GMT
x-amz-version-id
H3hjPBlpconOojZjf5.4mwu2oDHU4Z1_
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
167747
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 26 Jun 2023 17:26:27 GMT
server
AmazonS3
etag
W/"b5f188372cbe7773137be3f8908d1b84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
jn8a4-LaiOZrVp6Dn04ydigX2Sd-5bYvB_ESRr4MCRzOfjrkEgM8Lg==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:38 GMT
x-amzn-RequestId
e456e07d-3722-591e-b940-97376cd32c28
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame 63C9 		58 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://creative-p.undertone.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5004234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWJwiAzNGRuDfOmijdsj%2BK0E5MAY8MkWIXt%2Fe58aibodsP34frR9UNYLSSJmCmqboXfoBIEGiLORfrmyN4dDEFKGxcE%2BdiFCKN17m1S9%2Fmn3CRtvt12%2FhSFLMfmOXUxrsHOV6CWO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7de7d322ec320f43-EWR
expires
Mon, 17 Jun 2024 17:59:38 GMT
howler.min.js
cdnjs.cloudflare.com/ajax/libs/howler/2.2.3/ Frame 63C9 		35 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.3/howler.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0febfd99e2733b690ecac2dc36c82885f581a6b5c73b65895898ff8548415f5b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://creative-p.undertone.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4399895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8632
last-modified
Wed, 30 Jun 2021 20:36:15 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60dcd5bf-21b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyUXY48SS2Nms6XZHchozUDEBf7kUw%2FUowvknQLax4jlwJ7YcT5rus2tTztYDtwuMo5l%2Bazmx4evGFNsnD6g0kq1e6aZiq6ayd7G95D4mKIZF0%2F1CIvvIOJXUXi4PaQxhEhlJSNH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7de7d322ec340f43-EWR
expires
Mon, 17 Jun 2024 17:59:38 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=df5f9fb2-8672-6f57-9df5-61c2a83f469a&tv=%7Bc:gRbmip,pingTime:-10,time:3357,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687975177349%7C%7Cacd735a6a99a03306926ae4c3d10d166%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C0b29ca854fb3ec5f87ac3409d21aacff%7C%7C3f93d0975cb8086310a9278fcbe6536f%7C%7C35bcc4c24cf32f463dacc5430207858e%7C%7Cfc33973b443d57c7932fd6e19b0fdb02%7C%7Ca693b35b972fe147c6340e38cd37da2c%7C%7C1663701684,sca:%7Bspg:37e3873f-ff20-0f99-31ee-ace7bf98e81e%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vplay&bitrate=300&ct=0.02&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=6.9.43-F100-101-B285&crid=2230417036964471064&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975178463&etime=1687975178463&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dar
9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com/ Frame 6985
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn339829&cr=crtve&ce=thetradedesk&pc=thetradedesk_plc0001&ci=nlsnci750&am=3&at=view&rt=banner&st=image&cy=0&r=1687975176174
  • https://9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com/dar?url=
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com/dar?url=
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
44.213.0.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-0-41.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
content-length
0
cross-origin-resource-policy
cross-origin

Redirect headers

date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
location
https://9d8U0rNShXrn411z5JbUKVbvbEfsa1687975178.darnuid.imrworldwide.com/dar?url=
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
_3EFmnOaH2IjGTRuyMXSsSNxqCHtzwMEn0jAoETS7-Td6eeIIT01mg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 6985 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=9f95ba01-2fda-4f1b-822a-4186aef14de0&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.817740&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=157&pcm=3&ict=Unknown&said=3306094453347824865%3A0&auct=1&tail=1&sfe=16d3f502&vp=0&ast=[ASSETURI]
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 6985
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=play&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 6985 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&dz=1&f=0&gh=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:38 GMT
pixel.gif
dsa.moatads.com/ Frame 6985 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsa.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&dz=1&f=0&gh=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&rav=ROKU_ADS_APP_VERSION&rlv=ROKU_ADS_LIB_VERSION&rci=ROKU_ADS_CONTENT_ID&rua=ROKU_ADS_USER_AGENT&rdm=ROKU_ADS_DEVICE_MODEL&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.101.242 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-101-242.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Unused62
8096267
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:38 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 28 Jun 2023 17:59:38 GMT
pixel.gif
px.moatads.com/ Frame 6985 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=1&q=0&lo=0&dc=1&ak=-&ac=1&bq=7&as=0&ag=0&an=0&gg=0&aj=1&dz=1&ef=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:38 GMT
pixel.gif
obo.moatads.com/ Frame 6985 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obo.moatads.com/pixel.gif?e=0&ac=1&bq=7&obo=1&cm=1&i=INNOVID_INT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&d=146939%3A1271%3A3192555%3A17e2if&zMoatTTDSUP=yieldmo&zMoatTTDPUB=2052105591845454873&zMoatTTDSITE=www.usmagazine.com&zMoatTTDCAM=pbrdcua&zMoatAccount=2779&zMoatAdvertiser=1698&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccountAdv=2779%20%7C%201698&zMoatAdvPub=1698%20%7C%201271&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&rai=ROKU_APP_ID&yd=[OMIDPARTNER]&zp=21&oa=[APPBUNDLE]&gu=[PAGEURL]&id=0&ii=11&cdom=[DOMAIN]&inst=[INVENTORYSTATE]&psz=[PLAYERSIZE]&pst=[PLAYERSTATE]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:38 GMT
t.png
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/ Frame 6985
Redirect Chain
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500015828&TFID=10022&CMP_ID=112769&PUB_ID=1271&CTE=1029985&PLC_ID=3192555&RND_NUM=1687975176174
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
68 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Server
52.217.226.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:39 GMT
Last-Modified
Tue, 13 Sep 2022 08:55:12 GMT
Server
AmazonS3
x-amz-request-id
V2Z2Z2N6TDYYHBW4
ETag
"8e31b8b47c618ed73e5b31011d1de037"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
REpVvOoJcDqaTVweBNndga3UPAB020r4lpMrBZrDM9J2FYXHlEKnpNF8U3VVM3Nxxnpg8+UGx/U=

Redirect headers

date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
content-length
0
x-amz-cf-id
rTsBZ4CLP93c6uimLJGK8AwCIzKcO0QiRygnGNf4XmH7FwaLqEIbsA==
dv-measurements4050.js
cdn.doubleverify.com/ Frame 0A79 		543 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4050.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.123.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-37-123-209.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e1d64dcce03bbb7c2bd033767a73cd36fd3d14f2f9f1424e1a184f37038938b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jun 2023 08:54:41 GMT
Server
UploadServer
ETag
"5a377c6b590ab29192c9d6aaadc2c413"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105238
Expires
Thu, 27 Jun 2024 08:54:49 GMT
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		43 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1413&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAOAdgE5SBWfU4wqgJk2AC8QoAGTAdwFMARjlTA+AfVQATKI3LFimAE58cIADZw0GAoU6cAHvkZ6lfGH0XLFUBHx44AdAHMQIJ2r4OkIALbYAhmpqqAhOYnCKalAAFsDAAA44AKQAzACCSYwAYplZPPkOcDg+-k7+rCGe3j65SHweAooiAJ4AtD6+ydm29rlOPM22wNGt8YHAiiD2raoI7SA4Kq2oOK1I0U2rJYpoCKvAPCHLcz2j0SCguZgAbisiYt4gANaofFBJpABCmYxq8T+pDKMRixBJdKjpTJMHKMaH5HiFYqlcqVLy+KHZOoNJrANodHzg7p2QlZfqDPjDUbjSbTWbzRarFZrDZM7a7faHOZHU7xc6XWHZAGMADCP0UAMhwJ6jhcbg8aJqwMyouBfH0ErSRDIlEIlFIKXkyp+KzELjEDOEGA1EzgfCNwJNTni5pUloQGpggUWHwAIthXC83h9vsDJFINT98DQ6AAWGMpGPEKiEGOcMikRgpIUqxi3SQarUUai0QiMGOMJMx+25iNfH44OACHwiUSSMQYYSiD1eu0in4CJDxSYwVAecNKyWMT1qb1K0g+6swa7AAskIvRwjV-wgDWcat-CPA0GJKGS6EYvIFIolMoVWwKi9YwQ4vGdC-Si9koYjMZqCZTVY6Q6BlllWdZNnafwdhCDkjm5OwzguHcBRhRgty6ND0j3PtgWueJrgLat8wnIFGGItCcMYcUSJ+aVnFcdwqnRJVKKQZdV21YtSE3SjhHIwEs0opwkGozC0goatFTE7CczUdiSMLSgN19G4oJwABtMYnHEXF4j4ABdKAoLQJAPFUxQNLzPgQDEW5hAEDxDJtPhzI04zUFM8QEH8HwDKgABxAZv0yTgAAVqSmTJSC6TgAGUrWMABZBYVBCgBJGLhRZGLEvc91GGikKABVORCkIQoAOTsELQr5EBXPU9zPIefxRBcRRmkMgBpKQcAayQYGdRQHJAJAnkMwI1CmBr-DbOzUAcvznIajpJECWy7kWwzp0WBqGybFs+DbDsRD8naXOuNT1IEfwxpHIIxEkPh4im5pfIQYBDIagchxAe6+CkbaewaxAnp2DBxHmraoGWy6LPU7wPr4D6xGAUocEMp9GhaZUsZfEK1skLphWFepnxx4weqJ3Gyex3EQvxYm8YpzgPxFKr7H9Z5XlR1wxDUKDtNgYGBHiLhMApMX1IAIiajxpYAGmlpBWr4drmkV6Xzl86X9MweJgDwOWXOqF7UH8ZBxBgAWnCgTABvidTDJjCEBTjZN7cGp2oGTchZEzFIaE9x3nddqhOEzJNg+9l2UhSTgXfwThSBuaJ-HF-CpAIJQ-2aPSoBKBA4ECHPvN8qAQhEH0KT4FB0AQIA
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
d158422c123eaa0f1cebb99fbaec1548945ef4a690e8bed8bbc366994a1e42e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 28 Jun 2023 17:59:38 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
32
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmH1DCAD6JAJ7IQvHqwDMAQSnUSaOIym8AwlIpoYICEJ040DSX1kK+JYITPSeWvkpWMhWJHYtSA4gHdRWCAkABa8AAwAClBg1hC+AOQ44QDKEFjhALIQOEzhAJJJPGEawTSFYRnOWInhACq+aOlFjeEAciC+4RHBEGTqDorAyqrCCCQgGBDAouryUgDSuoX2jjwwAGbIQsAMEHAA1rOWPNGQneYDTjCGaMamR1LWtv2riBAw0Td3auZzfOvRHIvKQ4Qh0RBoEjja5pYzjB7-QGeS48OhQA7rNBgMBCPTISCiRAgLAkBH2FZSOhwZDACCYxi6MkAsBAi6rQhYPRDNLCIwmH7SP48J7I1ZwNLjEkiKAYZZePhwcAgOg0MSaRWMFWQmZFD4wQoaDRKrVqoqLfXq42qnVhN6IA0a5XW8KBXwG9pu9TsAAiADJQJBYAgUOhsPh3ETmI1Id6giA4Mo0v7wNB4EhUJhcHgxBJmIgoFhCNFfW89Mwwr7fMq4SBdMweABOAAcTd9fOUMGYAEYAGxN9gN9gAVi77B7PAALDwm0OJ769DpFXWuyP2E2JxOZBOZz2J2F++weDJfQIQDoOsvfTkAI62LBLztz1RoYlQtBE0jp7t9gfD0dNnshx7X1n1fKBkDQCgQGAYw0mYEgZWPBcVBAZgYBPGVhBzVDnBGK8IEIYBFWYKs6F9TCSWYYhoKAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
t.gif
creative-p.undertone.com/sparkflow/ Frame 63C9 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/sparkflow/t.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 17:23:27 GMT
x-amz-version-id
IcOD_eR.P5ro9UPpxqqFtzKQyB_1MbgR
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
1643772
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Wed, 29 Dec 2021 09:45:37 GMT
server
AmazonS3
etag
"325472601571f31e1bf00674c368d335"
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
2_nW0t4DzbJJGrAdvFuvZL5qxYXjvXgGT9RZzxhSj5sh0Gvl7kB-YA==
placeholder.jpg
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/placeholder.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9a40913b22b5452d4a1d2c236a65081eef062b9dda56b71a3808d5d9a01dec2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
EVFTm0laOFt9Szimpn3ivc8eR4nHybWy
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
43011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
content-length
155832
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"10c8453e78e9396fab0d4dae9833db85"
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
_0t73kZpgme4xVRAW5Ta1nK74pnWHgh_a_N7CfPYLE0BlwsEl0KouA==
bgP_upd.avif
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/bgP_upd.avif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
865bd623147d5fce5425f5a7f8d318057c9ab696959654aed78e3665e53f0c5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
XkmMfBKFcdKQoJ97S9ld3JG_jXH8DmCl
date
Wed, 28 Jun 2023 11:20:51 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
23928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
105184
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"652b3d68310cc02fe295a9dbb58989d1"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
w4Gv-aHuNL8hMmZ8F441n-RM9Bq37GZ5q3aXzcK_VGV5P3xctPuwcg==
staticP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/staticP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91b2f9ea18cf42c1dd00bbf02dead146103c5cab5711605305172a4873a9c514

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
Z7ryMsNcWFes1xRevFm4jMMSwljxwbO7
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"1be69267214517a8f64f4aa8c915f8f9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
11556
x-amz-cf-id
G24hov0wOdVLvXk6bo0HCFd6XTwgJpUqtTXNlWFtI-QPY9IpevUhCQ==
header1P_new.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header1P_new.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89388174f3c0be298a18d3b303aff1e4c6912e35d59fb1509d19fa479cbd75ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
p7YNf7V8Vj5lhMb1JLNpPf_4Lf6v0SUl
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"daf57acd769060f0f22f67b7eb4ece5c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5662
x-amz-cf-id
trjLPuatsiGGXRtK_Zuwh42RnKOLPxMADgJ_ZIetkyBSXKJ7Q5PAow==
header2P_new.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header2P_new.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aa663a0c68c9b6ec15910c6ff560010d81729334bc484f933b758e4f2adbb7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:10:44 GMT
x-amz-version-id
ZHno_qXho1SpfE78zz4SSUAUdlsILTzy
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38934
etag
"8a7ceaa14effe049587353c1c3e206f9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6608
x-amz-cf-id
_nHlo8mQyBWlNb_9N40zD5PTUOs4TjTAe_7_mRE-NNT1psmxuKPF3A==
header3P_new.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header3P_new.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57238354ba955b2867497c6a0dbdf286fe9011d21aae1afef7a654761e63c405

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:10:44 GMT
x-amz-version-id
QS_23BG7TzW5jCoZ4H_PtcYlPO43C6zW
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38934
etag
"d6f7da95bf7aa683c9ccc1eac09a1e4b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5494
x-amz-cf-id
XuSI4bT0pLE41_kxKZ1zS65kOiyFhUzLojMUQ8MycKdaZAqNT6EPug==
click_textP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/click_textP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30e11696aac8e135fb343489b5ec4bfbc2935b9935e9d82268544e5c63bf5b0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:10:44 GMT
x-amz-version-id
ah3556.3rqnK4NsAnYRt98VFa5D9rIR3
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38934
etag
"00b7de2c553c1f75e3d20bbe10b6efd2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
3974
x-amz-cf-id
3U67GpIi9i1bI8GLvjB1U-e9LPu1tFtpCOre3SmP8byFS6L0XG9Bsw==
CTA_closeP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/CTA_closeP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe8f23b9025f3de6a85f12880254b9087c4340a92e458d0f6eb257fbd7d3f4ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
7YLwlcLvadfj9F6Mz0QX_KKZRWXhYmFK
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"9a14394a0a118f9bb60c238ce85343cb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5288
x-amz-cf-id
znbjYwa6pu3pSOMTBJLtXpOBKxFmQMkP8QkxZE76bD_53XwawoBa0A==
immerseP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/immerseP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67acdb5ada744981d4778d502325c930af0942d2768ff0d8d8aeb49db65f18a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
szuYqHyChfsRWNpsaRXwbDX9hP.VYKMR
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43011
etag
"16be62600c014225ca92ea3952213463"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2536
x-amz-cf-id
uyLzsYxD9RR3XX6SIyb3gfF_IuvfPRQP1lviwht1doP7pkA2xB26RA==
volume_offP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		630 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/volume_offP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613fafaa54d7b0fe7a430c1f06e94f7113e68b1d8469ae093d84b5106f7158a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
j.1SqIHgSPeX2YxU8w2agQv0Wit_eBZj
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"e85c974c1242d4830921d86ae6dcf4ff"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
630
x-amz-cf-id
EI3Un87ghkcGgSNnYbroaSGYHyZ8KO0AD2u49QVUvyzUiYFUFHF1MQ==
volume_onP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/volume_onP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19edccc807b256204f4d7208810d9532fa74a80aa853b8af1901304015466e76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
msW.lKo0Z6_eUktJ9Nvf9rUmih_neipV
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"76b88d2ef102db9e9148f052c3df27bf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1090
x-amz-cf-id
Ix_zvzrYW2wRiliTXgRLRyikTYThvHbkprVzpJOt8zu5lr6ZrOCvRA==
last_newP.avif
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/last_newP.avif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b12c51067503554e46d674dc5f02dbb2963c4667ee7c21fcf24a6f5339dd9168

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
ltEjKURlvIFlay6vwLC12s4p781PKG6R
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"a75cc7784f721d48166cf76aa7c0bfd5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
26747
x-amz-cf-id
jfbQMXlfB1nf3MCthE80pY0_SUW-GqJsSX-pkoE_OujDIip7dJO1hg==
slider_new.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/slider_new.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24b828c3b7fead011ae000e7d15061acef156d3383194e098c2286a1f4de4e6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
Bo3f7cpM.DX5IJzCloDkg8tGAgAzt0HR
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43011
etag
"f807d0635fc1e11eabcc3070680f5d66"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1140
x-amz-cf-id
Atn-gkkOHVTo5RknoVO2BQJeZolFTK7Pw-M2nyD9lewIoTUMSW0qtQ==
rocket_upd.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/rocket_upd.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2847dfa98900ef64c88669c2086ee40dd77574a2e1aaec81d729f9d4a10dc27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
ArE1l92NsoTS6gbvLKoEVAN8sjOP1Ubx
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43011
etag
"7ceb4567fa6e89215531360cae38d027"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
7388
x-amz-cf-id
D7s8dbSxFWFgTdUJazllZiNoTGreaTXWi_6c5SdqtY5cMvwa6zSxNw==
intro_updP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/intro_updP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
826c70bfaad8ef409172685d48a1be622339bbb3d39a4dfbe1603e96449fc730

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
lS.xe.CRfYepJeKSAivbMk9mR0KfsVzL
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"9315f04ebf369c1a197ee1cd465d74ac"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
35534
x-amz-cf-id
YZWM6qfgU0ZScZQnBa6Z49OZ3XI86szBV9wGj5DlJqjJ8FG_ky6r0Q==
restart_rocket_updP.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/restart_rocket_updP.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
851d7a9a350528d84075702244c7734dfc06fd97d2acbdd4c01a7e0352d65df2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
RPIxYGC7OWJ73cYgVZJaTfCcAAx84yR3
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"bc404b4f80b9c410ad5806b44a12aa23"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4864
x-amz-cf-id
bnhe1cLsI1TkoDrEPOHGXCOljzu6oZd_zjq1qOePeNtk0Kjd0RR2Bg==
bg.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		418 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/bg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9269bf5c2f646f0f965d2cdece92a5a569269b942f37998989c82396ade5ee60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
X236FOAhR8DthghDOa1r2hq_KDexHnC8
date
Wed, 28 Jun 2023 11:20:51 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
23928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
content-length
428122
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"54bf4f706c498436148faa83197a868a"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
Ep4i6H-x9-zP7QGEuUo_fI3qFVdHAIZUqo61vlgzlIUh8r9VlCFoYg==
bg_copy_new.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		388 KB
389 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/bg_copy_new.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
280d04e42c8eb6cc9e4568c70bc8beacd6b7ebf866887fc344bb057daf9b749f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
aG6FNbXT38S1iWYFd8_5cD3g5qMBjLe3
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
38651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
content-length
397338
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"1b76201cb51a4e0b7e688f88ab1336b4"
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
zsRD2Tx2q6QLmkVGSknsI9F4pi15jkpmCOvFoRNKP79ea6eUNSgK5A==
immerseL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/immerseL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
457caf2b94051a7fb43b96ec64ea3eb2d91144e340aa5b11ede41bc28f83522e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
e0XiriX1eHWkneVrusq4ZIR1dDVbpkc0
date
Wed, 28 Jun 2023 11:16:19 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
24200
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16140
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"5935b01b152bc4047b6d1b8ba0754281"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
2a9Q5ABuOGDOG3Ha8Ql6ue4GKdAcSvjHMTPOmhnsd3eiUhzFC0WsuA==
volume_on.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/volume_on.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e46fea233c2bbfe9a17822f512d780ed8d09fc6d2a437e9ecd72019a1f3e2399

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 05:52:03 GMT
x-amz-version-id
ZbS6R6s9ZfnECXFAFlVQVjfrDdQurKUJ
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43656
etag
"fff4e9645e05889f60e930e5d3c4ccc5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
13816
x-amz-cf-id
q27BKAG03bLMTEzGFMrLko7kVtLwlNF5hsBHLT1ZWDpnjvOnZVs46A==
staticL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/staticL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
544049c9050ff589198c8add576f060fe5ad43269d839e160771c0168bec535d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
WmyjfviLp7aPILC8AtuTYfjHoxJ9MXoU
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"e7d2ba2c328346c432d6140797df7761"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
25530
x-amz-cf-id
igAlJ1R2AIar-P8EwHR3oiXego_S2MXdpCCLj85w_n5vodyyfMlOuw==
header1L.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header1L.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc2ad704c81ba68e7d4f6b0b0d4a5fcaf6218b3f712f1036a2dbdb49a219291

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
_yalpdmNNL5dAFmitUJanumR0aYl1s4G
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43011
etag
"0569263f25cd8a50b426e4e63ff824b2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
16376
x-amz-cf-id
-sM4eOjtCO4S-t4173x46OioVPr0EJ53t2OkuTMTlzku2VD5O0tp4Q==
header2L.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header2L.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5218536cabf209034f524b9deb4f13e0173162c19a38584f1d63511a8341dda8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:02:48 GMT
x-amz-version-id
HKTb8HnixkeIJDiv.xlF.6_P7QNYM.ZR
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
43011
etag
"51dd5fb651cae7be6642d3e97b0e8903"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
18344
x-amz-cf-id
WV3MLMTEU_PD4z9L8mtt74c0nkWBFXkQoFNRE6A-JKC69Z7MotKTvA==
header3L.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/header3L.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52578d44cd462b14c8a83902395278c5647930a8c90745cc3b29fbe2eac1b287

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:10:44 GMT
x-amz-version-id
w.q5F6rYIpb9mxU.k1_Psiq.JSHahvGf
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38934
etag
"db5d0b5afa9b55a9077f372913d98074"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
16424
x-amz-cf-id
EYbLx6KFFU7peA1EmrUuiJwM66WqxIPTVDN-gnu9Z6BR_L4OtN3LBw==
click_textL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/click_textL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a2e1f1e87470e3dea4195dc62f917508e53204b6b7ccb7c220bed6971b8f46

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
S_sl2a_8n4SC1ZwP3clA0XfJHBVpuiKq
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"67710c294bac8ed2c3106db7789333b7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
13154
x-amz-cf-id
FmKg1o5hF42HMmMk1kuqiq9nQ_TP-cORLOcyKvSTO7cVEXEfvWEW_Q==
volume_off.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/volume_off.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
660d11456ba3a79e0077a0c33ac8bc429958cfe53f1a1184ee424bc13efd1dbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:15:28 GMT
x-amz-version-id
hK5KqGpcdljQTWqtTghy.W2BaScgXevM
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
38651
etag
"f8f712b20b42e6fe8ec896a0213425bb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
13110
x-amz-cf-id
9799u5sN360uTj6TxlYVfvBPgDFp2F5uW4o87YwsTceL34AHlmqVIA==
CTA_Close.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/CTA_Close.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a647efa089c95466f6c76847ea9e6967244fb910a99cec18c65f30f48f171f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
svyZC.kAsAG7COdp8I70j8LPpr5uoiil
date
Wed, 28 Jun 2023 11:20:51 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
23928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14950
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"3a7efaf3ba50542570e4401e6eda9346"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
vs2QhFC80JLlJmneGq32XTwDtaP2ki5xUVhlmtwKHAQCDBJilk_JGQ==
lastFrameL.avif
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/lastFrameL.avif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bbd180159be2093620125e27d413f06e878ffb5cce0f2fe7a48954e12e07e5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 09:30:56 GMT
x-amz-version-id
RewYQtjHy0z_8XTXqjlvqTCQawgGMj48
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
30523
etag
"06839676ce2458fde304cc224b80d377"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
82866
x-amz-cf-id
-KhbH8PjgGVzo780FY8UrbYlP_0l0CokT1cYYpise2rx4VyjXWvwgQ==
CTA_play.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/CTA_play.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eadba0b8512a2f1fbced9923bfa21eb9753b2589afbfc042fa4b6851699f1a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 09:34:06 GMT
x-amz-version-id
n4d4aNA9v1t_w_PYMF0ILwSe5Kxa5.Fr
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
30333
etag
"d4aadd593b79f589834cc6c377cfa8b1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
14684
x-amz-cf-id
YWY_qEeU6HzjnLQXXYv0oiC8qAZw_FrFpgOhfGZ_8T2-YDQlzz-b0A==
intro_bgL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/intro_bgL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b451618dcd287308ec9c1951997a4944e8cc90b881194e71c1c0d290ebc15d5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
C_THD.PRd1LEivVR5wcvjldjZynFQ1nA
date
Wed, 28 Jun 2023 11:20:51 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
23928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
12450
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"4517e081b2e139f933b5d1648ea7c817"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
IHQFay_cdnU4uW58uiAI-vcMWOaQt_lpGAJPSYMuayWZ3yEHrottqg==
intro_text_updL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/intro_text_updL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14c178fc653f5931c574aef28fa4ff9c6ab069638767bc272893c1ea7f33fbc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
yn7KFTYxbjqFDJzRyy0beZ.YH5aClGGT
date
Wed, 28 Jun 2023 11:16:19 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
24200
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
38830
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
etag
"5f8c3567891c2012fecec7db37f3d2ac"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
NjyKygyFE9uFbY9U8P_SM0lqiO0oYJkmmirrZQbA00n-rm8QON8Ndw==
restart_rocket_updL.webp
creative-p.undertone.com/2150/102647-1674491457/ Frame 63C9 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/2150/102647-1674491457/restart_rocket_updL.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3417025da64670b20d6c8856cc7e94ba44585c2bebc39e4a244834b3bdab4546

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/2150/102647-1674491457/m67-0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 09:30:56 GMT
x-amz-version-id
xvLL8JvbaJ6WpDw.TZZSEjsvJ2JFbznO
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 16:30:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
30523
etag
"61975713880fda2958555179c753afc4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
14520
x-amz-cf-id
VOy4vtO8eFAcSROwGT0s_mWGS9dTHj4ti_EJ8vptLYODJ6Gl9vITUg==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:39 GMT
x-amzn-RequestId
e67d8f02-79b6-4b01-bb6b-f8490249c1f8
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
e439c393873181f818b7029f93d96afd4c6c164fcbfd31dcd12eb394af02808f

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e8de8a5f60f281649edf06d2d6f233253abd4f62b996055ae576b5a8d18136cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
332a07d9aabcc041b063b8c1a03b9e20816b7f26d8c2f7c8dfd183f5d37de270
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175938Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:39 GMT
x-amzn-RequestId
dbad2275-5fd6-05e9-86bb-553e24298f10
Content-Length
133
x-amz-id-2
9Qe81ikxZRWlVQwXH2xqJ+mUdg8QU3LrAbBNgHxXxTK9SmZp/stjD//b2XJkOhQY+tLtCsQBACRjegXN/jREuzbVcMp1BjD2
Content-Type
application/x-amz-json-1.1
visit.js
tps.doubleverify.com/ Frame 0A79 		711 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=447&ttfrms=31&brid=3&brver=114.0.5735.198&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DFD%3E282K%3A%3F6%5D4%40%3ETau46%3D63C%3AEJ%5C%3E%40%3EDTau%3F6HDTau8HJ%3F6E9%5CA2%3DEC%40HD%5CD%40%3F%5C%3E%40D6D%5C%3AD%5C49C%3AD%5C%3E2CE%3A%3FD%5CEH%3A%3F%5C%3A%3F%5C%3F6H%5CA9%40E%40TauU42%3FFC%3Dl9EEADTbpTauTauHHH%5DFD%3E282K%3A%3F6%5D4%40%3ETau46%3D63C%3AEJ%5C%3E%40%3EDTau%3F6HDTau8HJ%3F6E9%5CA2%3DEC%40HD%5CD%40%3F%5C%3E%40D6D%5C%3AD%5C49C%3AD%5C%3E2CE%3A%3FD%5CEH%3A%3F%5C%3A%3F%5C%3F6H%5CA9%40E%40Tau&srcurlD=0&aUrlD=0&ssl=https:&uid=1687975179053923&jsCallback=dvCallback_1687975179053317&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1285&wouw=1600&scah=1200&scaw=1600&jsver=4050&tgjsver=4050&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&fwc=8&fcl=3561&flt=13&fec=3605&fcifrms=32&brh=2&sdf=2&dvp_epl=439&noc=4&nav_pltfrm=Win32&ctx=43425&cmp=DV310070&sid=undertone&plc=DV-UT_Viewability&btreg=div_8a062bc015dd11eea9f9174ce71884e5_0_0&adsrv=103&advid=3819603&turl=https%3A%2F%2Fwww.usmagazine.com%2F&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PP_REP=1&DVP_IQM_ID=37&DVP_DV_TT=1&DVP_DV_CT=1&DVPX_PP_IMP_ID=ff074964d0b7408ab310ab92cd61d2ee&DVP_UT_1=1887944&DVP_UT_2=494396&DVP_UT_3=339664&DVP_UT_4=121020&DVP_UT_5=75&DVP_UT_6=708725&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=21998537371.76948&dvp_tukv=423843517029.4688&dvp_tuid=1532754158004&jurtd=1780673590
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
82b52ba8cd7ed3517f8be5d10de319965b0c52092e29185ef78e9a00d1ea6299

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:39 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
06/27/2023 17:59:39
cb.png
creative-p.undertone.com/sparkflow/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative-p.undertone.com/sparkflow/cb.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-20.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd1057116f65b1f7f434eb95cbd998439b33f94ec4473ff664acf735264e9b8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
KSrXzKL1_3nC2UT46Hfiwo7VobAqt5zB
date
Wed, 28 Jun 2023 08:15:22 GMT
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
35058
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
content-length
3874
last-modified
Wed, 29 Dec 2021 09:36:40 GMT
server
AmazonS3
etag
"a527afcdf616c3797413b0b022cdf643"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
f_F7pd0thaIYPmpvzQHiHDbzr0pK1Kmx4R8KbRHDYP5r1tBQpjretQ==
e
evt.undertone.com/ Frame 2B12 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evt.undertone.com/e?bannerid=1887944&campaignid=494396&zoneid=195636&clang=en&ccat=2306,91652,69126,22025,7435,69132,47886,91664,44566,32793,69147,17183,18208,91680,17186,140832,17190,91688,134697,10288,91696,16951,154677,92985,91704,88384,91712,47937,154695,21318,21320,91720,88395,152392,79178,154702,7501,5198,46159,154701,91728,129104,24657,24146,51796,151895,130391,7510,79192,91736,7513,110424,15963,117087,17764,88420,7526,20838,19047,7527,135269,88425,33128,7528,30824,7529,7531,7532,13422,7541,35445,128889,88440,7545,145784,7546,145785,5248,7553,7554,5252,140682,140683,44682,12940,5261,46733,24728,69272,44697,10395,134044,44705,13475,93090,44708,18853,44715,44723,44724,17845,44725,152770,44737,69059,44738,44741,22984,44749,62413,18893,17869,12750,13006,69329,12752,44754,125397,2261,17114,3802,46813,47838,46814,43998,46815,128993,52962,154592,44774,140267,44779,16621,152301,69102,69109,130295,47862,36087,36088,69369,121082,25086,139773&cb=41539552240&bk=rwz5z9&id=ff074964d0b7408ab310ab92cd61d2ee&stid=3&uasv=v22&st=https%3A%2F%2Fwww.usmagazine.com%2F&ut_pii_allowed=1&pid=121&ut_placement_id=121020&aduid=75&io=708725&io_li=339664&time_zone=America/New_York&e=SF_start&eid=ad&_=1628067780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-110.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:38 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.usmagazine.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
LEhdbzgLfczQZw7eq9ozYqa5k0zsG4PkE8naG7LnJ3BOrnInLPAknw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.sparkflow.net/e/ Frame 63C9 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=%5B%5B%22ads%22%2C%7B%22state%22%3A%22default%22%7D%2C%22%22%2C0%5D%5D&x=ff074964d0b7408ab310ab92cd61d2ee&t_id=&t_variant=&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u7w9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://creative-p.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:39 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
43
6_source_146939_803979.mp4
s-static.innovid.com/media/encoded/01_23/599402/ Frame 158C 		160 KB
161 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s-static.innovid.com/media/encoded/01_23/599402/6_source_146939_803979.mp4
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.47 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
037e3d4946aefb90b811ce453185a59d052a735ae54db78bb0a36d82b0be5b6a

Request headers

Referer
https://www.usmagazine.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=688128-

Response headers

x-amz-version-id
eXMZdfCfiRAF9YzkPucj09Usmow_.Gmu
Date
Wed, 28 Jun 2023 17:59:39 GMT
Last-Modified
Wed, 04 Jan 2023 15:47:02 GMT
Server
AmazonS3
x-amz-request-id
1KG9H4QN25KVRDGB
ETag
"499eac23a3190e4352f1d89c4101ca35"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 688128-852357/852358
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164230
x-amz-id-2
fh1qxkV7qvmwfsscRYLxg4R0Acp/XFZeOVP2UAOWwtzpQFJKs0pja+JoZQ6f6J6WRPNwM/mNZkA=
/
ads.sparkflow.net/e/ Frame 2B12 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.sparkflow.net/e/?i=101248,102647&uid=8a062bc015dd11eea9f9174ce71884e5_0&v=201&e=irv,,&x=ff074964d0b7408ab310ab92cd61d2ee&udms=%7B%22rid%22%3A%22ff074964d0b7408ab310ab92cd61d2ee%22%2C%22zid%22%3A%22121020%22%2C%22cid%22%3A%22494396%22%2C%22bid%22%3A%221887944%22%7D&sfcb=ljg0u7y56
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.149.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-149-108.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:39 GMT
server
istio-envoy
x-powered-by
Express
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
43
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:07:00 GMT
content-encoding
gzip
age
42759
x-guploader-uploadid
ADPycdsoXcuo_P421vDaN1U7D77Iloq74HeS6NkVlqThWkGswwBaCPwpBHwj0-ayJuJT8jHvKOPsGjP6hD1cT-nUgUqNnREcZ1S8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6053
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
server
UploadServer
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
vary
Accept-Encoding
x-goog-generation
1670951542233151
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin
*
access-control-expose-headers
etag,Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
6053
accept-ranges
bytes
content-type
text/css
audio_v3_edited.mp3
ops-cdn.undertone.com/clients/space-coast-tourism/ Frame 63C9 		247 KB
247 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ops-cdn.undertone.com/clients/space-coast-tourism/audio_v3_edited.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-55.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1c97cef3d44d885cac0847670a70b2f98d9a7784b87c35f2965473f7659e84a

Request headers

Referer
https://creative-p.undertone.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 28 Jun 2023 01:11:24 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 17:17:01 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
60495
etag
"380206d933fa2a3f8c14e94c403fbaae"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
audio/mpeg
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 0-252665/252666
accept-ranges
bytes
x-amz-cf-id
Xt6YuLkRaJWvM_Jk-DWmx_NTFIG3t74B-TJxNPg2HJR44vD28XWACA==
Content-Length
252666
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.usmagazine.com/
Origin
https://www.usmagazine.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 05:29:21 GMT
x-content-type-options
nosniff
age
45022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13976
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 05:29:21 GMT
pixels
pix.spot.im/api/v1/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.6.8/launcher/971-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-91.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 17:59:39 GMT
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
pc7yPxdi08n9dHznbuOE-p9GjsJ2Wsu0VZwbqcf7Z_UXS-KdfIaaqw==
PugMaster
image6.pubmatic.com/AdServer/ Frame 9227 		573 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21916255&p=160545&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f246d5ce051b7a2470b2532d7b516258ddaff25a72647209bd78b23b8cb02fd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Jun 2023 17:59:39 GMT
content-length
573
content-type
text/html; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 535E 		0
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
js_tracking
tags.srv.stackadapt.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&uid=cvc4Bf9XTn0xVrh6Ojykuw&v=1&host=https://www.usmagazine.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.202.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-202-51.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET
75145
i.liadm.com/s/ Frame 9227 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.133.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-133-75.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:40 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 9227 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.30.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-30-65.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.42.194
content-length
49
expires
0
/
io.narrative.io/ Frame 9227
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
  • https://io.narrative.io/?io.narrative.guid.v2=8d7f25e0-15dd-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=8d7f25e0-15dd-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Protocol
HTTP/1.1
Server
54.205.176.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-176-242.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:40 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=8d7f25e0-15dd-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
Date
Wed, 28 Jun 2023 17:59:40 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 9227
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWVhQVpsZ1dJQklSTWlTVnExdU5NSEN2Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4662830998819244376&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
35.169.232.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-232-116.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 17:59:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 28 Jun 2023 17:59:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame ABEE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRbmJE,pingTime:5,time:6414,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6414,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5637~100%5D,as:%5B5637~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,sis:1738%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
error.php
api.assertcom.de/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error.php
Requested by
Host: 8fby8peddod4qetsz.ay.delivery
URL: https://8fby8peddod4qetsz.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.211.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.211.175.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=61aa82ee-fa3c-9af6-776e-e30dafa96c82&tv=%7Bc:gRbmMy,pingTime:5,time:6559,type:p,clog:%5B%7Bpiv:71,vs:pp,r:,w:300,h:600,t:1231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:6559,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1231,wc:0.0.1600.1200,ac:1130.772.300.600,am:i,cc:1130.772.300.600,piv:71,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5368~50%5D,as:%5B5368~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c.928572%7C1c1%7C1c2%7C1c3%7C1d%7C1e.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g*.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1232,sis:2256%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/7d6ccc6c-1e66-4f90-ae03-c0adb1081221/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:41 GMT
content-length
0
vary
Origin
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog25&bitrate=300&ct=3.81&decodedFrames=95&droppedFrames=31&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=0.0.0&crid=2230414324961059571&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975181978&etime=1687975181978&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 158C 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=firstQuartile&imp=08f82aee-836b-40b1-a0c5-462f70f8c071&ag=weznb10&crid=chsv8n1a&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453373607066%3A0&auct=1&tail=1&sfe=16d3f503&vp=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:41 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 158C
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devi...
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:41 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 158C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=2&q=1&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&dz=1&ef=3&eg=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:41 GMT
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 28 Jun 2023 17:59:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:42 GMT
x-amzn-RequestId
fa03f186-5b3c-9e50-a715-86c820c314a9
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
29b9c745601e836432712c2e447ad143862737ccd646ecc3eb45da04cad90549

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=60e48116dae823927a4733936a07e5e7ea4e4c4dc9879d9682c4f6677cef694d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
73daeed17334fe7a14d8c954b3da075c20dfd0634f376e7abc4d6dce72688bda
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175942Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:42 GMT
x-amzn-RequestId
db87efba-247d-e408-8691-98f45f826ef1
Content-Length
133
x-amz-id-2
Elr+T4ZaORkCRY5orpYlRLAfzNUaKKSmp2slWL7YApzymSChLDDliwnIsh+z1EHTdeqKOpIUEqSvCOjUi9NBYJ/8TErbgx7o
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog25&bitrate=300&ct=3.80&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=6.9.43-F100-101-B285&crid=2230417036964471064&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975182285&etime=1687975182285&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 6985 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=firstQuartile&imp=9f95ba01-2fda-4f1b-822a-4186aef14de0&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.817740&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=157&pcm=3&ict=Unknown&said=3306094453347824865%3A0&auct=1&tail=1&sfe=16d3f502&vp=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:42 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 6985
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
cache-control
no-cache
content-length
43
request-time
2
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 6985 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=2&q=1&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&dz=1&ef=3&eg=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:42 GMT
event.png
tps-monitoring-events-ue1.doubleverify.com/ Frame 0A79 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps-monitoring-events-ue1.doubleverify.com/event.png?impid=ea72c72c98e344078d73035617a1e73a&flavor=0&gdpr=&gdpr_consent=&ee_dp_lngtks=1&ishems=51&napr=AdLocationError__%3A%20t.className.indexOf%20is%20not%20a%20functionTypeError%3A%20t.className.indexOf%20is%20not%20a%20function%20%20%20%20at%20t.validate%20%20%20%20%20at%20t.scan%20%20%20%20%20at%20e.getAds%20%20%20%20%20at%20t.tryGetAds%20%20%20%20%20at%20t.start%20%20%20%20%20at%20https%3A%2F%2Fcdn.doubleverify.com%2Fdv-measurements4050.js%3A1%3A478866%20%20%20%20at%20Array.forEach%20%20%20%20%20at%20Qe%20%20%20%20%20at%20qe%20%20%20%20%20at%20Je%20&cerrt=2097152&jsver=4050&tgjsver=4050&ee_dp_lngtka=1&ee_dp_lngtkd=74&vdur=66&eoid=14&ee_dp_teex=0&msrjs=4050&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=0&tetms=28&msltms=15&vltms=66&sei=292&vetms=179&tuviims=478&tuviems=723&engms=1&engisel=1&msrcanlm=712&msrcannum=7&ee_dp_tmads=2378&ismms=50&isumms=49&nvr=6&isgmmims=50&isgmv4mims=50&elmtp=3&isbxdms=2355&b11=2580&adhgt=1200&adwdth=1600&vsos=100&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2580&sftb=2580&msrdp=1&naral=64&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=984&isuiabvms=984&isgmpims=49&isgmv4dpims=984&ispmxpms=984&engalms=47&engscrlms=66&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&vstsz=745&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3283&cbust=1687975182311698
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4050.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.32.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.32.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 28 Jun 2023 17:59:42 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
06/27/2023 17:59:42
eligible
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwFYCMBSATAYQCwBs2OKAnAGQID2EATgMYCmSoC5EAjkmpYwOYBbRlDhgYIZOXrABAB2Aw+sENwAMAdlWrSBcsD7C4SAFZsBVEM1XkA7owBGCeI3FIspABwfyANxhO4VzQCD3VSdXR1Aiw8LA8UPHJLPyYgyI88PABmPHiCPFVQ9Sws8nkDP0YbIN4OCGFUlRQpABsYQ0ChBDgZWW4QsIi0DxKsdVb2kWBZGB9GWicqKCQevlLkmCYkEDL9RjA4AE9ZZmBaQPoWxiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8599 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ma7B-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cygnus
as-sec.casalemedia.com/ 		534 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1687975182441&s=241054&r=%7B%22id%22%3A%221687975182%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22AMI%20%7C%20US%20Weekly%22%2C%22domain%22%3A%22www.usmagazine.com%22%2C%22privacypolicy%22%3A1%2C%22ref%22%3A%22news.google.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22www.usmagazine.com%22%2C%22name%22%3A%22AMI%20%7C%20US%20Weekly%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22ip%22%3A%225.181.234.134%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A2988%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%222988%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&fn=jsonp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b74859de736a0599038a7b55d2f73ba5dfaeaa31cb1fe54b0b9995ab3c9f13

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKXM75vEbOZSda%2FjCbCRiH5lx30pDctfH5rq5dF8dykn3GYKYkFdtu9TKLD%2FvTG%2FWssFx%2BsngsXksrn2y8rj2RRWaIkhlXMw7t%2FXQv80fn%2Bo1HiDaqX0kbeMCcZp8EAsl3vibWtk0HE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7de7d33a9b2d4358-EWR
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1687975182443&s=241054&r=%7B%22id%22%3A%221687975182%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A720%2C%22h%22%3A480%7D%7D%2C%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22AMI%20%7C%20US%20Weekly%22%2C%22domain%22%3A%22www.usmagazine.com%22%2C%22privacypolicy%22%3A1%2C%22ref%22%3A%22news.google.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22www.usmagazine.com%22%2C%22name%22%3A%22AMI%20%7C%20US%20Weekly%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22ip%22%3A%225.181.234.134%22%2C%22js%22%3A1%2C%22language%22%3A%22EN%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A2988%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%222988%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3653867b348f5432ff42d6308dfdda9739796b5798b1d9662b371970ec2582

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zThwXsSe29as3ikqiMZQF4%2BnFyOaQgGDgRYTQXImLcl4ZZJxZAXHPol0xBJzZDAB%2B50L1efSZo4BxZCAKKfblxr1xR1xGsgOoPAuB7ld8O%2Ff8iNxp1UKlrpohsfAURhQHnYHQHC1dnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.usmagazine.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7de7d33a9b2e4358-EWR
alt-svc
h3=":443"; ma=86400
expires
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://www.usmagazine.com
date
Wed, 28 Jun 2023 17:59:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ad_page
ssp.behave.com/ 		20 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Wed, 28 Jun 2023 17:59:42 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.usmagazine.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMADAJwAs6YMAjgK4zIS4QEC2nCCD7AqANgAcAdlpSArJQkAmevQnpkAezZgAxjHggyyDTADmAqN3LJ46XcNAEzUclWpTqdMehBmYVvAAViZ8mmQG1OioMChEMG5KtBLqAG4EhLwUlJIy8pRSYipKEnKMEen6bpQKUhKqAMxqcmL01NJSSg2YfjDpMKjVpuwBVRQ+ugA2BAEQvAJcjuLSsgrKcg0T07MgwASpcISaUPBCZt0VBPrwZD3+PACewAbgvFMwQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMAnAOwAsAjAKxpgwCOArjHhDhAIpeEECmDxGANgActOs0YzK9eqzwB7LmADGMeCDJ40eGAHNhUfuTzw0OsaAJmo5SQAZa799SloQZjBW8ABWxigaZPruaADuMEiExG40MjJoAG4ESW7ScgqMtFIqlDLM9GhRWXq5irQyqgDM9GVS9O5ytJSNGAEwWTCxuSacPFA1FLT2ADYEQRCCwnyOkrLytIrKzPUzc1YgwAQZcIQaUPCiZj1VBHrwZL2BAgCewPrggjrTMEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMAnAOwAsAjAKxpgwCOArjHhDhAIpeEECmDxGANgActOs0YzK9elLR4A9lzABjGPBBk8GmAHNhUfuTzw0usaAJmo5SQAZa799XUgzMFbwAFYmKJpkBu5oAO4wSITEbjQyMmgAbgSJbtJyCoy0UiqUMsz0aJGZ+jmKtDKqAMz0pVL07nK0lA0Y-jCZMDE5ptyB1RRpugA2BIEQgsJ8jpKy8rSKylKe9tOzIMAE6XCEmlDwombdlQT68GQ9AQIAnsAG4IJTMEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgAwHYtYE4A2AMhQFMIAbAewE8xz4AXNaeAM3PJRICdyARwCu5AM7MeiECkTD40ZmLQ4ATFgAeAFgAcWMuRBVk6IqvMBmLQEkAGgFYtWg0cTxw5NADkAgiQh80MCe9lgAdPiRJCDCwMzQNEjwwmAARuR8mNGy8oomaFqkUHzM8Bls8BQa-iAlZXyIYork+apa2I78QqISiPGMEuAQmEQ6OAQ49hg6bVoWJGI0wnzBaDJiC+SwjCwmyiSgkDAIqJi4+MTRsEysAFYbYDQUaPoA7uSpTZKnqgQ6OiQAG7QL6nDCjcaTDA4MxaVQ6ToUYHBMFTHA6JxWBFELRYMZqeZQa7A8ivMGbERMFHoAgHKjQG79cTMIYjMYTKYzIhEex0hksEAQaCAjJNRJoFmweZIoKeXhElrMOgQTy1eLAKjkIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvARgAwHYtYE4A2AMhQFMIAbAewE8xz4AXNaeAM3PJRICdyARwCu5AM7MeiECkTD40ZmLQA3VORplyIKsnQBWDBgBMWYwGYiASQAaFrFp2J44cmgByAQRIQ+0YG4EAHSW+A4gwsDM0DRI8MJgAEbkfJgkMnIKzHpohj4gfMzwKWzwFAAe+YXFfIhiiuQ5xgAs2PrN-EKiEojRjBLgEJhEABw4BDiGIy2tJGI0wnwBaDJic+SwjCx6yiSgkDAIqJi4+MTpsEysAFZrYDQUaA4A7uSJ9ZLHxgQjIyRqH2OGFG40mGBwRBaxhG7S0agCQMMOBGzWa5maMKIzSwYxwFnylzU5GeQPWIiYCPQ2D2VGgVz64mYg2GYwmU2MeIwNLpLBAEGgKhS9ViaCZsHMcP8bl4UEuvToEDcBWiwCo5CAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_selected
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmtDAMwwdzl6RmByEpE5SAGyszKIALACSABrUERFe6lhQYEIi+qzUAAwAdNkFBUmsoJCwiMjouhnieKpSwCQIIHBQEAEkQawRwcoMACI0-QRkMCBYaTiNZARgwCgaUADmrST42QwFAJzBBMBLGA44IGTYBCgwxjjZBADuGGhkbRikOMxbABwfBABuUE-QNZ4YIfBhbBjUPAMUIRZgfeIEYx-NKvPCQhgfBKReHBCLZUEMcIEDQHP4YW6okYYACOIEOKKBhDAcighwg0HYZAg834+BBYIheA+zEJolmLLZwH4UB+2Ce8Bw3KWYqRqQwOBIxP2GB4AnVmmgzIwQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:42 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
e0dd2acd3574679864cd76965aa5dce2.png
assets.bounceexchange.com/assets/uploads/clients/1682/ads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/1682/ads/e0dd2acd3574679864cd76965aa5dce2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 06:44:55 GMT
age
40487
x-guploader-uploadid
ADPycdsTH_csgpuBBD1KN6VVZNmUrKqP9XfIHqmYGSl1sHXUl5AlmMjIJcl8lLfBVJSYW1LzF7KNoF-rL1fGthjwBQVYtA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3706
last-modified
Sat, 03 Aug 2019 00:30:55 GMT
server
UploadServer
etag
"e0dd2acd3574679864cd76965aa5dce2"
x-goog-generation
1564792255352236
x-goog-hash
crc32c=L9PGkw==, md5=4N0qzTV0Z5hkzXaWWqXc4g==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
3706
accept-ranges
bytes
content-type
image/png
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.usmagazine.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Jun 2023 17:59:43 GMT
content-length
0
vary
Origin
omid-session-client-v1.js
static.yieldmo.com/omid-scripts/ Frame 4FDA 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/omid-scripts/omid-session-client-v1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2cc293e73bec173ebab43239536826bd04c1d1e38f29522e62db5b223ecff6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 05:06:56 GMT
x-amz-version-id
ZtCyRs2KvYqVq3Li0WOIcZJU1YoDMVLV
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
46368
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-replication-status
COMPLETED
last-modified
Fri, 18 Nov 2022 18:27:29 GMT
server
AmazonS3
etag
W/"c262c9a281e933ae4743ac122f3ce0a5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-meta-version-id
TNKHZD1TifhGnaeNfG9LQPWlj6a2EOVK
x-amz-cf-id
4REwX81yyYjjY22ZGahIsEayUSIU7ivysR_qlmziYkRImjPKgOz6Rg==
omid-session-client-v1.js
static.yieldmo.com/omid-scripts/ Frame 6985 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/omid-scripts/omid-session-client-v1.js
Requested by
Host: news.google.com
URL: https://news.google.com/articles/CBMibWh0dHBzOi8vd3d3LnVzbWFnYXppbmUuY29tL2NlbGVicml0eS1tb21zL25ld3MvZ3d5bmV0aC1wYWx0cm93cy1zb24tbW9zZXMtaXMtY2hyaXMtbWFydGlucy10d2luLWluLW5ldy1waG90by_SAXFodHRwczovL3d3dy51c21hZ2F6aW5lLmNvbS9jZWxlYnJpdHktbW9tcy9uZXdzL2d3eW5ldGgtcGFsdHJvd3Mtc29uLW1vc2VzLWlzLWNocmlzLW1hcnRpbnMtdHdpbi1pbi1uZXctcGhvdG8vYW1wLw?hl=en-US&gl=US&ceid=US%3Aen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c800:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2cc293e73bec173ebab43239536826bd04c1d1e38f29522e62db5b223ecff6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 05:06:56 GMT
x-amz-version-id
ZtCyRs2KvYqVq3Li0WOIcZJU1YoDMVLV
content-encoding
br
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
46368
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-meta-replication-status
COMPLETED
last-modified
Fri, 18 Nov 2022 18:27:29 GMT
server
AmazonS3
etag
W/"c262c9a281e933ae4743ac122f3ce0a5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-meta-version-id
TNKHZD1TifhGnaeNfG9LQPWlj6a2EOVK
x-amz-cf-id
6bYwaCINV_boEcV2tSulf6OJgH4kmZ4OfYS20HPc65r_c0F6ptNBuA==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0840 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.usmagazine.com
URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7558109
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
FK5NmhCKibnI9C3f_toC55Q17208pN8nzD2bTxwXwVUtiL9VX9Fx7g==
mon
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=927944&campId=494396&pubId=121020&chanId=244413&placementId=339664&adsafe_par&bundleId=&impId=ff074964d0b7408ab310ab92cd61d2ee&ias_adpath=%23div_8a062bc015dd11eea9f9174ce71884e5_0_0&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fnews.google.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fwww.usmagazine.com%2F&adsafe_type=f&adsafe_jsinfo=,id:8c9cdcb0-272f-1db7-e323-aa524dc8a6ff,c:gRbnFH,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-647467dcbd-jsv5g,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:5250,mot:0,app:0,maw:0,fm:tIv1Pgd+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:svg.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:5388,oid:8c4434e7-15dd-11ee-ab94-2a01a9ab8708,v:19.8.422,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.58.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-58-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
app05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnFI,pingTime:-8,time:5389,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5389,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B137~100%5D,as:%5B137~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1Pgd+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=df5f9fb2-8672-6f57-9df5-61c2a83f469a&tv=%7Bc:gRbnGc,pingTime:-2.1,time:8677,type:a,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:1629%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:8677,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1629,wc:0.0.1600.1200,ac:0.14255.1.1,am:i,cc:0.14255.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B7221~0%5D,as:%5B7221~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:5047,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d%7C1e*.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s,idMap:1e.8c9cdcb0-272f-1db7-e323-aa524dc8a6ff.121_927944%7C1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:svg.qs,siq:1630,slid:%5Bgoogle_ads_iframe_/4216/usweekly/interstitial/article_0,google_ads_iframe_/4216/usweekly/interstitial/article_0__container__,interSpot%5D,sinceFw:381,readyFired:true,sis:2018%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnGi,pingTime:0,time:5425,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5425,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B173~100%5D,as:%5B173~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tIv1Pgd+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnH2,pingTime:-2,time:5471,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:5597,beZ:5598,mfA:10847,cmA:10848,inA:10848,inZ:10850,prA:10850,prZ:10898,si:10985,poA:10986,poZ:11004,cmZ:11004,mfZ:11004,loA:11039,loZ:11042,ecZ:11066,ltA:11067,ltZ:11067,mdA:5601,mdZ:10824%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5471,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~100%5D,as:%5B219~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:59,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:svg.qs,siq:5389,slid:%5Bgoogle_ads_iframe_/4216/usweekly/interstitial/article_0,google_ads_iframe_/4216/usweekly/interstitial/article_0__container__,interSpot%5D,sis:5469,sinceFw:80,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnHE,time:5509,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5509,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B257~100%5D,as:%5B257~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:14,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389,sis:5469%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:43 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=usmagazine.com&p=%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&u=CwgZW6CssPkcDOeKgM&d=usmagazine.com&g=11054&g0=celebrity%2Ccelebrity%20dads%2CCelebrity%20Kids%2Ccelebrity%20moms%2Ccelebrity%20news%2CNews&g1=Paige%20Strout&n=1&f=00001&c=0.25&x=0&m=0&y=14259&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=https%3A%2F%2Fnews.google.com%2F&PA=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&b=499&t=BL3tKVBOK7NvDryCOYPYMWcCcszsz&V=140&tz=0&sn=2&sv=BuwvzLDoDnbjZE1AtCqrxlsBwUVhQ&sr=https%3A%2F%2Fnews.google.com%2F&sd=1&im=067b2fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.148.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-148-84.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=4313694890951919&bg=!ICOlI3fNAAYQ3eRoMN07ADkAdvg8WiZOgrc68OUB8vcn0TlDSyzDyRGE_ACHhc_-cTs0pG0921ojHpeFi82q8HUYLHSy6YPL6dsCAAABClIAAAADaAEHCgBvrcaVKUfkHLKAVBy6VX9wf9JQEyWFq1iu7euH305v7dCAKEOn6MxE92n-ADOagcZ13Di90DBHXncbEJM-0alaUgvvas0Gy5OPDeQmK_sqL6rKn0pBNb2lFlbFWAN6XmH8hSRY3mlMymi5f_y_jIgSmQK0xj2v8-QKk3lBk_7s_U5l7zGjpPOUhXcjVW--OaUmF9s0fimICqktSxHdM-5PleOvFzvB_d46XlX8dST5wEwo87GUpMN1fL_F8obMYIVx62_v7aIOYjVjaG-H9n2V6W8i0rkCSArG7BNz5B-unNDoZqTI4BIfyLKbmKsvdm9KZTTwInfJFplhEog2lkAmm_XkNEB8JiHMgyoq8WhwhRLAPOjePtxugxi72wlvmxOOf2qCuBGAv35IDBnrGYf0zSJgW1TfFwOfnEw7nuGeEbX4miaQhcROgEu9Pc7UZLteSVi1cDanydd05p-RDadcQ3vu3j4ETgYXXX0o3l4jH9DEIfyK13w-m9Qn55VnCa1A5JS3DQZ785RduCHfy3HvrfRG3iK01OzaJvVB_RhSNDQh0S_DTx6SWDVX7lv5uJKM4lTOcctrVW4bLHZByK64nncOn7LNtIcU99zlQ-XkUeNlCfm_3no0NoCMNKKYIFBgKVzZ7U2z_2BYAfml5uOG9vdouIoiNZ8lv_3Qcz0Xli_SuWNpAaPKkS56qP4TM8mrL97H6GUV9Ru8AHfCM_-vNgjvk7BPfSF8XPZZ8aEDGPxmFwQ4Ed3950QZSeiQ0IhRF8ymFeY7wm-iSwubpCSC9_cRYLNz-yDCAmA17EDOTzdWJbbJSdp_l5J14pHZLNCA9KbB3gcLMMraliA0TCM_EydXh_J0S7J_q9tol0eIHyxgxGe1vuBDlfpvRCE8kegnmKGQQYa47SxNz2DJtMLUki8gwjbdp7ac9Hje3pG6_Fqi-pwb2MPVi4VO1Nb-6QXJW2Gy925T0bZCbI_VcDeyDJM1XFrwgYqn9TNiFKaiScFXFXFjK71F3Mp7SSJ-MQItTaRFSXoOnunMl0JTBrSM0tyk1qcZa7HAghY-U2XsT1Zaa3R1Ubk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnWr,pingTime:1,time:6426,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6426,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1175~100%5D,as:%5B1175~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:20,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389,sis:5469%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:44 GMT
server
nginx
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnWs,pingTime:1,time:6427,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6427,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1175~100%5D,as:%5B1175~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:20,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389,sis:5469,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:44 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRbnWt,pingTime:1,time:6428,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6428,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1176~100%5D,as:%5B1176~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:20,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389,sis:5469,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:44 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog50&bitrate=300&ct=7.71&decodedFrames=189&droppedFrames=64&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=0.0.0&crid=2230414324961059571&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975185885&etime=1687975185885&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:45 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 158C 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=midpoint&imp=08f82aee-836b-40b1-a0c5-462f70f8c071&ag=weznb10&crid=chsv8n1a&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453373607066%3A0&auct=1&tail=1&sfe=16d3f503&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:45 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 158C
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:45 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:45 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 158C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=3&q=2&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&hd=1&dz=1&ef=3&eg=3&eh=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:45 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog50&bitrate=300&ct=7.67&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=6.9.43-F100-101-B285&crid=2230417036964471064&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975186152&etime=1687975186152&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:46 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 6985 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=midpoint&imp=9f95ba01-2fda-4f1b-822a-4186aef14de0&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.817740&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=157&pcm=3&ict=Unknown&said=3306094453347824865%3A0&auct=1&tail=1&sfe=16d3f502&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:46 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 6985
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:46 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:46 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=50&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 6985 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=3&q=2&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&hd=1&dz=1&ef=3&eg=3&eh=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:46 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
9a726353c4464385e8cbbbd35b4484e78e5c8075acb54f17630d89c0bf87e271

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=02818600c561db9827efdba9139b08e77e1f5871217c98f40a05b91755f89fd1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
2b05f1ea18d55e79f984a5785761a390e827e1cc6726598ec72fa13cc9af8d68
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175948Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:48 GMT
x-amzn-RequestId
fe163414-4b40-46d8-a300-434030bfcc21
Content-Length
133
x-amz-id-2
ZCmjExOWSmxVcxR77vdjdtUzmRPrSTE/3I/5EZuk1JCVKoV1LgGjMA0x28UWUJ1cGHjwz4cQLyiqIJ32lXgP8aqh7neBGB1m
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 6985 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash
ef2a03d12d2daf393c80c447a30dc0bdd21f22831ad39e71dfadcd3be29c28b3

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230628/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b0953165ccf0b5f077bd7daf474b2831c43ffe7b0af687d3994fb012ca25c02c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9262dce8aea15c3d3b06bd6382e9cd82990745a60b27adaa309a15abab10937c
Cache-Control
no-cache
Referer
https://www.usmagazine.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20230628T175948Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 28 Jun 2023 17:59:48 GMT
x-amzn-RequestId
fc734383-7fa0-0ec0-a165-34d7045f8439
Content-Length
133
x-amz-id-2
9iT9p1A8idSMT6sO9HVsdh/FVNQ6SqkGma+m5JfsrNXvu0mtjhHhKtClc0gd34erCL4T27v3SKP+XJw94jyrCCgsGUu98VUI
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:48 GMT
x-amzn-RequestId
d48a61dc-5aee-5a3c-899c-16882111d0c5
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.usmagazine.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 28 Jun 2023 17:59:48 GMT
x-amzn-RequestId
caf0ee38-cd24-0b67-97e6-996cb6db819e
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=927944&asId=8c9cdcb0-272f-1db7-e323-aa524dc8a6ff&tv=%7Bc:gRboYY,pingTime:5,time:10427,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1600,h:1200,t:5388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:10427,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:5388,wc:0.0.1600.1200,ac:0.0.1600.1200,am:sp,cc:0.0.1.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5175~100%5D,as:%5B5175~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:22,fm:tIv1OpG+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C191151%7C191152%7C191153%7C191154%7C191155%7C191156%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C19181%7C19182%7C19183%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c1%7C1c21%7C1c22%7C1c3%7C1d%7C1e*.927944%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1g1%7C1g21%7C1g22%7C1g3%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u1%7C1u2%7C1u3%7C1u4%7C1u5%7C1u6%7C1u7%7C1u8%7C1u9%7C1ua%7C1ub%7C1uc%7C1ud%7C1ue%7C1uf%7C1ug%7C1uh%7C1ui%7C1v%7C1w,idMap:1e.df5f9fb2-8672-6f57-9df5-61c2a83f469a.21_928572%7C1e*,rmeas:1,rend:1,renddet:svg.qs,siq:5389,sis:5469%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:48 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 158C 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog75&bitrate=300&ct=11.44&decodedFrames=279&droppedFrames=91&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=0.0.0&crid=2230414324961059571&imp=7043891257122629690&plid=25171153787&pvid=3306094453373607066&fmtid=53&offsetX=0&offsetY=0&pvt=1687975170974&stime=1687975189607&etime=1687975189607&viewportHeight=1200&viewportWidth=1600&adSlotLeft=772%2C1130&adSlotRight=772%2C1130
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 158C 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=thirdQuartile&imp=08f82aee-836b-40b1-a0c5-462f70f8c071&ag=weznb10&crid=chsv8n1a&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=3&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.152562&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAI4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICGi80MjE2L3Vzd2Vla2x5L3JyMS9hcnRpY2xl&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=179&pcm=3&ict=Unknown&said=3306094453373607066%3A0&auct=1&tail=1&sfe=16d3f503&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:49 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 158C
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3186633&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2ih&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_creativeid%3Dchsv8n1a%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D08f82aee-836b-40b1-a0c5-462f70f8c071%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 158C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=4&q=3&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&hd=1&dz=1&ef=3&eg=3&eh=3&ei=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2ih1687975176174&vz=17e2ih1687975176174&i2=INNOVID&d=146939%3A1271%3A3198042%3A17e2ih&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=08f82aee-836b-40b1-a0c5-462f70f8c071&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:49 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6985 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=vprog75&bitrate=300&ct=11.38&dur=15.06&height=360&isInFullScreen=false&ui=0&volume=false&width=640&fver=6.9.43-F100-101-B285&crid=2230417036964471064&imp=3422352838061422437&plid=25171153787&pvid=3306094453347824865&fmtid=100&offsetX=0&offsetY=0&pvt=1687975170971&stime=1687975189870&etime=1687975189870&viewportHeight=1200&viewportWidth=1600&adSlotLeft=190%2C315&adSlotRight=190%2C315
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.22.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-22-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.usmagazine.com
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
insight.adsrvr.org/enduser/video/ Frame 6985 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=thirdQuartile&imp=9f95ba01-2fda-4f1b-822a-4186aef14de0&ag=weznb10&crid=7vh6qvtb&cf=5128590&fq=0&t=1&td_s=www.usmagazine.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=yieldmo&uhow=84&agsa=&wp=2.817740&rgz=69026&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=2052105591845454873&rlangs=01&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=InArticle&c=Cg1Vbml0ZWQgU3RhdGVzEghOZWJyYXNrYRoDNzIyIgdEYW5idXJ5MAM4AUgAUAuAAQCIAQKQAQGwAQC6AQQIDxgCwAHllwPAAeCrA8kBAAAAAADgQkDQAeWXA-ABAOgBAP0BAAAAAJICHi80MjE2L3Vzd2Vla2x5L2xlYWRlcjEvYXJ0aWNsZQ..&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdAovChhjaGFyZ2UtbWF4UGVlcjM5Q2F0ZWdvcnkiEwj-__________8BEgZwZWVyMzkKNwocY2hhcmdlLWFsbFFBVmlkZW9WaWV3YWJpbGl0eSIXCJf__________wESCnEtYWxsaWFuY2UKJwoQY2hhcmdlLWFsbEFkanVzdCITCNr-_________wESBmFkanVzdA..&durs=APpw9i&crrelr=&npt=&adpt=ym_lyieldmo&fpa=157&pcm=3&ict=Unknown&said=3306094453347824865%3A0&auct=1&tail=1&sfe=16d3f502&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:59:49 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
1x1.gif
ag.innovid.com/ Frame 6985
Redirect Chain
  • https://s.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devic...
  • https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&devi...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol
H2
Server
3.132.38.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-97.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
server
nginx
content-type
text/plain
location
https://ag.innovid.com/1x1.gif?project_hash=1gqfqe&client_id=2779&video_id=1029985&channel_id=3181140&publisher_id=1271&placement_tag_id=0&project_state=2&r=1687975176174&placement_hash=17e2if&device_id=&action=vpoint&event_id=percent&event_value=75&ivc_exdata=ivc_deviceid_raw%3D%26ivc_inapp_optout%3D0%26ivc_transaction%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_creativeid%3D7vh6qvtb%26ivc_placementid%3Dweznb10%26ivc_dealid%3D%26ivc_publisherid%3D2052105591845454873%26ivc_site%3Dwww.usmagazine.com%26ivc_supplyvendor%3Dyieldmo%26ivc_campaignid%3Dpbrdcua%26ivc_dsp%3Dttd%26ivc_ttdimpid%3D9f95ba01-2fda-4f1b-822a-4186aef14de0%26ivc_ttdid%3D%26ivc_signalid%3D%26ivc_ttd_dco_mappingrule_macro%3D%26ivc_ttd_mappingrule_single_output%3D%26dipn%3Ddeviceid%26deviceid%3D%26ivc_deviceid_raw%3D%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control
no-cache
content-length
0
expires
-1
pixel.gif
px.moatads.com/ Frame 6985 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&g=4&q=3&lo=0&dc=1&ak=-&ac=1&bq=7&as=1&ka=1&ag=0&an=0&gg=0&aj=1&hd=1&dz=1&ef=3&eg=3&eh=3&ei=3&f=0&gh=1&gi=1&gf=1&dh=0&hc=1&i=INNOVID_OTT1&t=1687975176174&de=17e2if1687975176174&vz=17e2if1687975176174&i2=INNOVID&d=146939%3A1271%3A3192555%3A17e2if&zMoatAdvertiser=1698&zMoatAccountAdv=2779%20%7C%201698&zMoatSDH=15&zMoatAccountAdvPub=2779%20%7C%201698%20%7C%201271&zMoatTRAN=9f95ba01-2fda-4f1b-822a-4186aef14de0&zMoatAccount=2779&zMoatAdvPub=1698%20%7C%201271&ott=1&rai=ROKU_ADS_APP_ID&yd=[OMIDPARTNER]&zp=20&app=[APPBUNDLE]&uai=[UNIVERSALADID]&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.174.20 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-174-20.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 28 Jun 2023 17:59:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 28 Jun 2023 17:59:49 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=37e3873f-ff20-0f99-31ee-ace7bf98e81e&tv=%7Bc:gRbpkW,pingTime:15,time:16414,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1013%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:16414,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1013,wc:0.0.1600.1200,ac:315.190.970.250,am:i,cc:315.190.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15637~100%5D,as:%5B15637~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3358,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c*.928572%7C1c1%7C1c2%7C1d%7C1e.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1015,sis:1738%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:50 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=61aa82ee-fa3c-9af6-776e-e30dafa96c82&tv=%7Bc:gRbpnQ,pingTime:15,time:16559,type:p,clog:%5B%7Bpiv:71,vs:pp,r:,w:300,h:600,t:1231%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:16559,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1231,wc:0.0.1600.1200,ac:1130.772.300.600,am:i,cc:1130.772.300.600,piv:71,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15368~50%5D,as:%5B15368~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:3178,fm:tIv1O3C+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19111%7C19112%7C19113%7C19114%7C19115%7C19116%7C19117%7C19118%7C19119%7C1911a%7C1911b%7C1912%7C19131%7C1914%7C1915%7C1916%7C1917%7C1918%7C1919%7C191a%7C191b%7C191c%7C191d%7C191e%7C191f%7C191g1%7C191g2%7C191h%7C1a%7C1b%7C1c.928572%7C1c1%7C1c2%7C1c3%7C1d%7C1e.928572%7C1e1%7C1e2%7C1e3%7C1f%7C1g*.928572%7C1g1%7C1g2%7C1h.928572%7C1h1%7C1h2%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1232,sis:2256%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.usmagazine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 17:59:50 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/0c43748a-23?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Domain
creative-p.undertone.com
URL
https://creative-p.undertone.com/sparkflow/formats/4.20.201/mraid.min.js
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.usmagazine.com%2F&domain=www.usmagazine.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Domain
c3.a-mo.net
URL
https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D

Verdicts & Comments Add Verdict or Comment

400 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 boolean| credentialless object| onbeforetoggle object| onscrollend function| getCookie function| setCookie function| parseUrlParams function| adsParseUrlParams object| _cognito function| _sso_uid_resolve object| _sso_uid object| segs object| permutiveData object| googletag object| ntvConfig object| permutive object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper string| site_display_format object| matches object| dataLayer function| dropCookies undefined| $ function| jQuery string| irisToken function| amzn_check object| jwVastTag object| prerollTag object| jwpDef object| jwpBids number| gtm_lock object| flagIconPaths object| inline boolean| cognito_isLoginLinkSet object| _wpUtilSettings object| obj object| uswl10n object| recirculationSettings string| iframeURL string| ajaxurl function| _ object| wp function| Waypoint object| picturefillCFG function| picturefill string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| agal10n object| recircl10n object| __core-js_shared__ object| sharing_js_options function| cognito_popupOpener object| lazyLoadObj object| __otccpaooLocation object| google_tag_manager object| google_tag_data object| Optanon object| OneTrust function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga string| pixelLDU function| fbq function| _fbq object| spotim_div string| spotId string| postId string| postUrl object| postTags object| launcherScript undefined| recirculationScript string| __AudioEyeSiteHash object| _comscore number| ord object| oImg string| lhref object| _sf_async_config function| saq function| _saq boolean| loaded string| site_id string| hashed_em object| gaplugins object| gaGlobal object| gaData object| targeting function| gptAdsWindowWidth object| item undefined| windowOpen object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| LI object| __li__evt_bus object| liQ object| liQ_instances object| trx string| EngStoryObject function| __engStoryWidget string| EngageyaObject function| __engWidget function| md5 boolean| __audioEyeInitialized function| readyCallback function| onYouTubeIframeAPIReady object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| blueConicPreListeners function| BCClass object| blueConicClient undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| jeengConfig object| core object| jeeng object| webpackChunkzeffo object| regeneratorRuntime object| _fwnSessionPromise object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| _fwn object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| auvars object| COMSCORE object| ns_p string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL boolean| __bt_already_invoked object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig function| setImmediate function| clearImmediate function| IrisContextAPI object| IrisContextGlobal object| irisContext object| googleImaVansAdapter object| ggeac object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apstag object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| webpackChunkMediaTradecraft_Empty_Template object| pbjs object| cmdpb object| cmdjs object| sizeMapping object| iasPETSlots object| gpt object| mapping object| infSlots object| amazonSlots object| amazonSlotsRef object| amazonOff object| __audioEyeContext boolean| __audioEyeRunnerComplete number| __AudioEyeInitialLoadTime object| __AudioEyePerformance string| __ENG_STORY_LOADER_VERSION object| _ENG_WIDGETS boolean| _ENG_is_google_tag_ran boolean| _ENG_is_yandex_tag_ran boolean| _ENG_is_sr_started_loading boolean| _ENG_is_av_started_loading object| urlSearchParams object| storyIdToOpenOnWidgetLoad string| ipidKeyValue undefined| storiyaStagingEnv number| publisher_id_param number| website_id_param number| widget_id_param number| orig_widget_id_param function| ENG function| _eng_do_async_click function| _eng_fire_async_pixels function| ENG_MULTI_WIDGETS object| process function| _typeof2 function| __liSync object| bc_json331 object| sso_dashboard object| sso_async object| _cbm function| docReady object| au object| autag object| hadron boolean| __halo_loaded__ object| res object| saCookies string| current_window_url_param object| TRUE_ANTHEM string| aecb string| pscb function| ae_choose function| ae_loadScript function| loaderFunction object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| _ENGAGEYA_WIDGETS boolean| _ENG_is_prebid_js_loaded boolean| _ENG_is_feed_js_loaded object| _ENG_PARTNERS_SAVED_SESSION_IDS_TO_WIDGET_ID object| _ENG_OPTOUT_MODAL_ELM string| _ENG_PAGE_SESSION_ID function| ENGAGEYA function| ENGAGEYA_VIDEO function| ENGAGEYA_MULTI_WIDGETS function| engageya_cb_19869734033574636 object| assertive undefined| google_measure_js_timing object| apscustom function| $ae function| ae_jQuery number| __AudioEyeLoaderStartTime object| AudioEye object| cognito_skeleton object| AudioEyeWebpackJsonp function| ha function| f object| bouncex function| loadIrisLibrary function| loadIrisPlugin object| jwpb object| _pbjsGlobals object| mnet object| assertiveQueue boolean| _assertiveInitialized object| _taboola object| OBREvents object| __connect function| kso_0_0x3a1520 function| kso_0_0x2819 function| RhScanner function| kso_0_0x3f2b object| krg_so string| sc_rid object| SocialCanvas object| socialCanvas object| pbjsChunk object| ns_ object| ID5 object| __id5_instances string| sc_sid boolean| __krg_cerberus_disable_cookies string| __krg_cerberus_partners object| Criteo object| webpackChunksmart_tag function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| bc_json332 object| PublisherCommonId object| scpbjsChunk object| scpbjs object| Mustache function| BlueConicMetaDataService object| _bcp function| BlueConicEngagement function| RuleService function| FormRuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtility object| atsenvelopemodule object| ats boolean| relatedRailGlobal boolean| sideRailGlobal function| initializeIrisPlugin object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent boolean| lock_25 boolean| lock_50 boolean| lock_75 boolean| lock_100 object| closure_lm_664666 object| GoogleGcLKhOms function| owActionQueue object| bc_json333 object| closure_lm_271310 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| WebVTT function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| SFpagegrabber object| SPARKFLOW number| __sparkflowNum object| cast object| __IntegralASExec boolean| PUBLISHER_FIX_LOADED object| respond1687975177278 function| close_bouncex_ad string| testYM object| jQuery11130585670017806619 boolean| __sf_pg_show object| __webpack_exports__ object| $dv string| $frmId object| dvWindow object| _dv_win function| dvCallback_1687975179053317 object| google_image_requests

351 Cookies

Domain/Path Name / Value
www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo Name: UTDP
Value: 33%2C1%2C3%2C32%2C31%2C30
.placed.com/api/v2/sync Name: Subject-Id
Value: undertone-d3fd4e11-acf8-462f-bf34-d19828afd165
bc.usmagazine.com/DG/DEFAULT Name: BCSessionID
Value: 9b294aa7-adf6-454e-abec-c4c3ac8ed456
americanmedia.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 9b294aa7-adf6-454e-abec-c4c3ac8ed456
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: Ck8KBQgKELQVCgYI3QEQthUKBQgGELQVCgYIgQEQtBUKBQgMEL4VCgYIogEQtBUKCQj_____BxC-FQoFCAsQtBUKBgiLARC0FQoGCNIBELQV
.google.com/ Name: NID
Value: 511=RnRJb95ilg83VTs8Cj49ERfIpddYuSdxU5pb8ZBNRJEMBleaocztuwryLLyZsYCC7sJ1cWcXJbvX0qUy9uX3ZSm5I_exSkJvF3Wt2GEusNBziQ5RJ6CbkoGXUvPZeJ83P89og8UXqWtLEvO4-33jzSwpDGVFya0rZY_-wOzfNOs
news.google.com/ Name: GN_PREF
Value: W251bGwsIkNBSVNDd2pfNmZHa0JoQ2cySjVEIl0_
.news.google.com/ Name: _ga_SYGF1G18MM
Value: GS1.1.1687975167.1.0.1687975167.0.0.0
.news.google.com/ Name: _ga
Value: GA1.1.1301839818.1687975168
news.google.com/ Name: OTZ
Value: 7094519_56_56__56_
www.usmagazine.com/ Name: usprivacy
Value: 1---
.sso.ami-admin.com/ Name: cognito_1mhoelgmeuuf3koc56l6m6gvc4_probe
Value: true
.usmagazine.com/ Name: _gid
Value: GA1.2.450072351.1687975169
.usmagazine.com/ Name: _gat_UA-371249-1
Value: 1
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%2FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%2BVUs
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.www.usmagazine.com/ Name: clientId
Value: 1687975168629.6372
.usmagazine.com/ Name: permutive-id
Value: 0bf420cb-336f-4c03-8c22-5bc0087ab5f1
.usmagazine.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Jun+28+2023+17%3A59%3A28+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=ad235487-1650-432c-b850-71c94d372757&interactionCount=0&landingPath=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F&groups=C0001%3A1%2CC0003%3A1%2CBG17%3A1%2CC0005%3A1%2CC0004%3A1%2CC0002%3A1
.usmagazine.com/ Name: _li_dcdm_c
Value: .usmagazine.com
.usmagazine.com/ Name: _lc2_fpi
Value: 93cdf4e76f9f--01h41jj2y1aacypebj6t0vksm2
.usmagazine.com/ Name: _ga_F3LK00X4WN
Value: GS1.1.1687975169.1.0.1687975169.0.0.0
.usmagazine.com/ Name: bc_tstgrp
Value: 10
.liadm.com/ Name: lidid
Value: 0297515d-8802-451a-a73a-7b68eb95dabd
.410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/ Name: pxid
Value: 277846f6-594d-4298-8aff-3e5b6c93860d
www.usmagazine.com/ Name: ntv_as_us_privacy
Value: 1---
.usmagazine.com/ Name: _cb
Value: CwgZW6CssPkcDOeKgM
.usmagazine.com/ Name: _chartbeat2
Value: .1687975169272.1687975169272.1.BuwvzLDoDnbjZE1AtCqrxlsBwUVhQ.1
.usmagazine.com/ Name: _cb_svref
Value: https%3A%2F%2Fnews.google.com%2F
www.usmagazine.com/ Name: sa-user-id
Value: s%253A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%252FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%252BVUs
www.usmagazine.com/ Name: sa-user-id-v2
Value: s%253ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%252BfnxOCMamrAGqlyxwUBXZLx5g4
.usmagazine.com/ Name: _fbp
Value: fb.1.1687975169296.487474501
.postrelease.com/ Name: visitor
Value: 0889790c-caa5-4b98-a28e-ac136bb5afe5
.usmagazine.com/ Name: _au_1d
Value: AU1D-0100-001687975169-EQ0AXQT1-0EUL
.usmagazine.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2ODc5NzUxNjksInR0ZCI6MTY4Nzk3NTE2OSwicHViIjoxNjg3OTc1MTY5LCJydWIiOjE2ODc5NzUxNjksInRhcGFkIjoxNjg3OTc1MTY5LCJhZHgiOjE2ODc5NzUxNjksImdvbyI6MTY4Nzk3NTE2OSwidW5ydWx5IjoxNjg3OTc1MTY5LCJwcG50IjoxNjg3OTc1MTY5fQ%3D%3D
.adnxs.com/ Name: uuid2
Value: 239972947338320392
.adsrvr.org/ Name: TDID
Value: 8caea125-1332-49dd-b4e8-4c16d2f9f136
.scorecardresearch.com/ Name: UID
Value: 1625df45f5e3909e42dde1c1687975169
.tapad.com/ Name: TapAd_TS
Value: 1687975169467
.tapad.com/ Name: TapAd_DID
Value: 501914cb-ae0d-46ea-848b-e9fb36399716
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.doubleclick.net/ Name: IDE
Value: AHWqTUnC5gEquPBLtve950RyqEBM9FnSfKhicVZ3Rybyc7OKF68PUMx-FN-ivbAyMvI
.ad.gt/ Name: au_id
Value: AU1D-0100-001687975169-EQ0AXQT1-0EUL
.ad.gt/ Name: g_hosted
Value:
.contextweb.com/ Name: V
Value: Aghol5ZjA95W
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 24e347e6d2e7e241
www.usmagazine.com/ Name: ntvSession
Value: {"id":9087744,"placementID":1125429,"lastInteraction":1687975169730,"sessionStart":1687975169730,"sessionEndDate":1687996800000,"experiment":""}
www.usmagazine.com/ Name: _ntv_uid
Value: 0889790c-caa5-4b98-a28e-ac136bb5afe5
.postrelease.com/ Name: ver
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%2FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%2BVUs
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.usmagazine.com/ Name: _hjSessionUser_2827223
Value: eyJpZCI6IjgxY2FkZTY1LTUyNmUtNTlkMi05ODgxLTNmYjdiNjIzNjQ1MyIsImNyZWF0ZWQiOjE2ODc5NzUxNjk4NjMsImV4aXN0aW5nIjpmYWxzZX0=
.usmagazine.com/ Name: _hjFirstSeen
Value: 1
.usmagazine.com/ Name: _hjIncludedInSessionSample_2827223
Value: 0
.usmagazine.com/ Name: _hjSession_2827223
Value: eyJpZCI6IjYzYmMxZTQwLTEyODYtNGZlMi05MjM4LWM0NjFkNTYyNTgwZiIsImNyZWF0ZWQiOjE2ODc5NzUxNjk4NzQsImluU2FtcGxlIjpmYWxzZX0=
.usmagazine.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.rubiconproject.com/ Name: khaos
Value: LJG0U0S1-Q-EBQ2
.usmagazine.com/ Name: _ga
Value: GA1.2.730203721.1687975169
.casalemedia.com/ Name: CMID
Value: ZJx1AqyAB4e5NDZqrk0bIAAA
.casalemedia.com/ Name: CMPS
Value: 1381
.casalemedia.com/ Name: CMPRO
Value: 1381
.zemanta.com/ Name: zuid
Value: GgTZoJOdf55amNPZ-F1y
.bidswitch.net/ Name: c
Value: 1687975170
.bidswitch.net/ Name: tuuid_lu
Value: 1687975170
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwC5mGB-hYoGJyn_CXI45Qs2JEMIPzxqCPe5qn_NnBtSnItXI2r2RCGBCJQC4TM1
.bidswitch.net/ Name: tuuid
Value: e5909bf2-71a8-45a7-b91d-17324c9598fd
.turn.com/ Name: uid
Value: 3425623714870498952
.mathtag.com/ Name: uuid
Value: 4b72649c-7502-4200-9732-0e3f626912f4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005%22%7D
.rezync.com/ Name: zync-uuid
Value: 608b91da-7f77-43b5-bf6a-4fb5dd438242:1687975170.0883946
.addthis.com/ Name: na_id
Value: 2023062817593000014620532270
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 649c7502c2760e50
.addthis.com/ Name: ouid
Value: 649c750200010994c6933f87aab2c92a8f2dd291da6cc4e49f1d
.storygize.net/ Name: U
Value: b4c9cb8b-0477-4b6d-bd91-a0a4d6f27a56
.spot.im/ Name: device_uuid
Value: 1626bb97-12a4-49dc-9a98-d8cb7989422f
.bluekai.com/ Name: bku
Value: ikG999JN7sHcn7yI
.dlx.addthis.com/ Name: na_sc_x
Value: 1
www.usmagazine.com/ Name: BCSessionID
Value: 9b294aa7-adf6-454e-abec-c4c3ac8ed456
www.usmagazine.com/ Name: _aeaid
Value: 747d6907-c0fa-456e-aa34-6a4cc5dec69d
americanmedia.blueconic.net/ Name: AWSALBCORS
Value: 4JqJpVbNiqfJq3HIcrW/SsbAM8FiGe59UZ2+qgnd4PRy0b6gBp/kKFMjSDy1hqNyw7NDHo2yAHsji+DxBLyBhb0FjgUgFfg2aC60WbRHbvZ00gpqqgDudxDGN2Iq
www.usmagazine.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
pool.admedo.com/ Name: tuuid
Value: 3822b5f9-f8c8-4207-9fcb-af17502becbc
pool.admedo.com/ Name: c
Value: 1687975170
.mookie1.com/ Name: id
Value: 10594084812182436387
.mookie1.com/ Name: mdata
Value: 1|10594084812182436387|1687975170758
.mookie1.com/ Name: ov
Value: 47694bb40098b03ecc036648240d8691
.usmagazine.com/ Name: pbjs_sharedId
Value: e5ee6760-c42f-46f3-be38-028b090d393e
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwQ3AMAgEsE_XoYIEOOg2QYhBMnnt-8A5KqUPYQDSXUY1fkinrFt3LF2feCBhAn45Yqf6D2TTGU06AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MzA2MjA2MDMxFeIz1M10CvTRNQowKI-MyAcAkdykJiQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MzA2MjA2MDMxFeIz1M10CvTRNQowKI-MyAcAkdykJiQAAAA
pool.admedo.com/ Name: tuuid_lu
Value: 1687975171
live.rezync.com/ Name: sd-session-id
Value: .eJwNykEOgyAQAMC_7FmaRZZd4DMGCiSklTailxr_Xo-TzAnLt2xr7KXvEPbtKBM83-3WgHDCaL-1vCCAF0cipBnNjAaZLFwTjDJG-_Sl5bswuuR1jkqqiCKTrEqVo6KabM5k3Exz0OzEi9WCD3TOeGK4_pNPJX8.ZJx1Aw.2cNH2mANE9zxmuPK-GwZkCZsRB0
www.usmagazine.com/ Name: utm_source
Value: none
.prebid.a-mo.net/ Name: __amc
Value: 1_1687975171_1687975171
www.usmagazine.com/ Name: utm_medium
Value: none
www.usmagazine.com/ Name: utm_campaign
Value: none
.kargo.com/ Name: ktcid
Value: 234ff0fb-8b3b-04f1-16b9-ed959c27472b
.a-mo.net/ Name: amuid2
Value: e7e5b395-f284-45fc-a66e-d2fd1994f7da
.prebid.a-mo.net/ Name: sd_amuid2
Value: e7e5b395-f284-45fc-a66e-d2fd1994f7da
.teads.tv/ Name: tt_viewer
Value: 9a7faef3-a38e-4930-ae08-6dc55b02822e
.usmagazine.com/ Name: _gat_%5Bobject%20Object%5D
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: Awu5EqwYQ0yPmTthA_QckiY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pippio.com/ Name: did
Value: SMOoYJcMAh43bbry
.pippio.com/ Name: didts
Value: 1687975172
.pippio.com/ Name: nnls
Value:
.agkn.com/ Name: ab
Value: 0001%3AKr0jSV03TDSGJV0deE5949WVm7kpNMfW
.yahoo.com/ Name: A3
Value: d=AQABBAR1nGQCEOnWT3NKrrfVkSIankvcaMkFEgEBAQHGnWSmZAAAAAAA_eMAAA&S=AQAAAv8qJeKWkefcxLTX4MftG1M
.linkedin.com/ Name: bcookie
Value: "v=2&8046f3a6-2908-412b-85ed-089124f49ff8"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2991:u=1:x=1:i=1687975172:t=1688061572:v=2:sig=AQECitpMvmVPZuDdGeMYxgjRhyG_sIFl"
bc.usmagazine.com/ Name: AWSALB
Value: up/SEyw/VJ78PHkRYXyNyDF3S6pEWb3djmcqK6JfnOJucQ2cXf6eadm5CAS/2sKm6lsKIFrr9HelRp06Kl3QD2ozxodRuHkEP6pln33kNLHW3fDiL+U5LPsTcSVA
bc.usmagazine.com/ Name: AWSALBCORS
Value: up/SEyw/VJ78PHkRYXyNyDF3S6pEWb3djmcqK6JfnOJucQ2cXf6eadm5CAS/2sKm6lsKIFrr9HelRp06Kl3QD2ozxodRuHkEP6pln33kNLHW3fDiL+U5LPsTcSVA
.usmagazine.com/ Name: __li_idex_cache_e30
Value: {%22unifiedId%22:%22qFqcTUQ3dlRKCiPdg6M7Y-F0uTUu8iMM8vOJ8A%22}
.usmagazine.com/ Name: spotim_visitId
Value: {%22visitId%22:%221626bb97-12a4-49dc-9a98-d8cb7989422f%22%2C%22creationDate%22:%22Wed%20Jun%2028%202023%2017:59:32%20GMT+0000%20(GMT)%22%2C%22duration%22:0}
.usmagazine.com/ Name: __gads
Value: ID=c5cd0ea68bccaf58:T=1687975172:RT=1687975172:S=ALNI_Mbc0ivCzptS-JMWumpa1zyZsI-wZw
.usmagazine.com/ Name: __gpi
Value: UID=00000c7a72cea4db:T=1687975172:RT=1687975172:S=ALNI_Mbk1gw_hCKhjWsqTLD97o4H1vvdsQ
.id5-sync.com/ Name: id5
Value: 862fefaa-144c-76f3-b88e-d7270d159e18#1687975172508#2
.id5-sync.com/ Name: callback
Value:
.media.net/ Name: visitor-id
Value: 3309767730813480000V10
.omnitagjs.com/ Name: ayl_visitor
Value: 4e59a8badc0f0e92fea2abcf6533ab8a
.postrelease.com/ Name: status
Value: 1
.smaato.net/ Name: SCM
Value: 7244e3d5
.smaato.net/ Name: SCMaps
Value: 7244e3d5
.gumgum.com/ Name: vst
Value: u_d17a1305-2dd4-444f-9878-45d8283b404d
.openx.net/ Name: i
Value: 7ff7b57c-0960-092e-3540-1fcd8c012cd9|1687975173
.smartadserver.com/ Name: pid
Value: 6418409603037558770
.lijit.com/ Name: ljt_reader
Value: G5H3cSZHuSINuM55Tu6cBHSs
.openx.net/ Name: pd
Value: v2|1687975173|vMgavPkWgy
.presage.io/ Name: presage-ssp
Value: %7B%22uuid%22%3A%22e1be7724-be0d-4548-bf4d-6522f4b0b0c0%22%7D
.criteo.com/ Name: uid
Value: 607e9990-e2f4-465c-b434-147e953d38a5
.simpli.fi/ Name: suid
Value: 2C656F80C1374931A3DC1E683CAACB1C
www.usmagazine.com/ Name: _lr_geo_location_state
Value: NY
www.usmagazine.com/ Name: _lr_geo_location
Value: US
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwVrIyNLOwNLQwMTc31lGyMEflG5mB%2BRYGhhbGIL6lEaq8pQkyvxYApXkQng%3D%3D
.3lift.com/ Name: tluid
Value: 1548623984395205096461
.yieldmo.com/ Name: yieldmo_id
Value: ge4d6940eec1a82772f4%7C1687975173532%7C0%7C
.yellowblue.io/ Name: wrvUserID
Value: QxsVSDQakp_s
.undertone.com/ Name: UTID
Value: 4bf3045a5c2d48cb9ee775302701c1cc
.undertone.com/ Name: UTID_ENC
Value: 4hvb6axf4rznsspn3pq4j7jkc
.outbrain.com/ Name: obuid
Value: 19a0d554-20f4-458c-b4e0-e386d33592bd
.ipredictive.com/ Name: cu
Value: 265f29b0-d998-4d0c-9f19-b770d7a10271|1687975173634
.technoratimedia.com/ Name: tads_uidp_44
Value: LJG0B7NX-5-ELYL
.technoratimedia.com/ Name: tads_uidp_88
Value: 1225821735218532004279
.technoratimedia.com/ Name: tads_uidp_77
Value: k8w0JM1Q7dWPUnqCnGwTZzbWlfu46JMU4RYLWvzg4Mk
.technoratimedia.com/ Name: tads_uidp_45
Value: AC7EA4CC-1113-442C-8453-199E6BECD7A0
.technoratimedia.com/ Name: tads_uidp_46
Value: 1415572102038657358
.technoratimedia.com/ Name: tads_uidp_79
Value: cb2c5d6d-e576-46e1-8d06-aa0f2dda6c7e
.technoratimedia.com/ Name: tads_uidp_37
Value: e4155313-59cc-3efe-8d95-42f993776000
.technoratimedia.com/ Name: tads_uidp_48
Value: c7bc1d2d-7651-41e2-b98a-20456f992338
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAL3fNiffOvngMwGWJ0AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: d4f1e0f6-663a-4cc0-aa61-35aa80ec9525
.technoratimedia.com/ Name: tads_uidp_80
Value: y-n0sbT_9E2uHs_IYR73ixZU7vvmqlTppw~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674045988147-927883134047-001601-012-002006
.technoratimedia.com/ Name: tads_uidp_82
Value: ZJxb0xBotZW5MS5kBPg3LgAA&075
.technoratimedia.com/ Name: tads_uidp_50
Value: 7d232ec2-f892-470f-b34f-650201a6db82
.technoratimedia.com/ Name: tads_uidp_61
Value: 212196019309958
.technoratimedia.com/ Name: tads_uidp_62
Value: 3309703240813201000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: vRfAW3LDb_c_jAWb63heTjnK-9MOMJ5O
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-9afc17e4-f4fd-4fdb-b0e2-219fcd590b2e-005
.technoratimedia.com/ Name: tads_uid
Value: 2C61E9DF353D4A649FEA6028B8CD8B11
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221201185456+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1684958658642
.dotomi.com/ Name: DotomiTest
Value: 4d4fddcb1c3e21d8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZJx1BQAAAOrsJgAz
.deepintent.com/ Name: CDIUSER
Value: di_7b2d4bfb26e7466ea3d74
.quantserve.com/ Name: d
Value: EHkBDQGrKbjvsQA
.quantserve.com/ Name: mc
Value: 649c7505-a638d-1b4a8-67d59
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 940c2b41-f2d9-4620-97d9-28b02417b871
.w55c.net/ Name: wfivefivec
Value: jDeRK2Xd1Qezs15
.mfadsrvr.com/ Name: tuuid
Value: 4dfdf087-7a88-42e9-8537-c91bdeaab859
.mfadsrvr.com/ Name: c
Value: 1687975173
.mfadsrvr.com/ Name: tuuid_lu
Value: 1687975173
.360yield.com/ Name: tuuid
Value: eda7d366-b8cc-463a-956a-6b796dc0cb7e
.360yield.com/ Name: tuuid_lu
Value: 1687975173
.sitescout.com/ Name: ssi
Value: 84861c6c-486b-4e4d-83a0-45e39ba27a27#1687975173765
.openx.net/ Name: univ_id
Value: 537072971|8caea125-1332-49dd-b4e8-4c16d2f9f136|1687975173764339
.blismedia.com/ Name: b
Value: 649C750526E92CC1F39FFFAFBLIS
.w55c.net/ Name: matchcasale
Value: 5
.adform.net/ Name: C
Value: 1
match.sharethrough.com/ Name: AWSALBCORS
Value: VvXdeE/RPjiV3tHjMwFKWbZyKkunYul9c0XkIGFUQ15+6eQMLz7nWbzFLyo9TAS1JYJnfT8wkwyM2BkrmE1Af0VdvUvsbo3H24Tu1zdeXOpRzK8iKoQ5JmCoSk8Z
.sharethrough.com/ Name: stx_user_id
Value: 1244ecb3-1fde-4a02-8e06-5183c7ad1028
.advertising.com/ Name: A3
Value: d=AQABBAV1nGQCEANmDRFzZNa2aT6NoGRSX_0FEgEBAQHGnWSmZNxH0iMA_eMAAA&S=AQAAAukkdAcfF7e73RyHBG3d5mA
.33across.com/ Name: 33x_ps
Value: u%3D212196038153722%3As1%3D1687975173900%3Ats%3D1687975173900
.media.net/ Name: data-ris
Value: {{APID}}~~25
.lijit.com/ Name: _ljtrtb_92
Value: 239972947338320392
.krxd.net/ Name: _kuid_
Value: PpIrlgHl
www.usmagazine.com/ Name: aelastsite
Value: L7eGkGnTFhXvk2%2Fa135o3PV3hlP5VRIA8oP9gITVCbHsrjid13wRqjl%2BaGRxnZ83
www.usmagazine.com/ Name: aelreadersettings
Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
.creativecdn.com/ Name: u
Value: DrY0oVYN8sevkqz4p13d
.creativecdn.com/ Name: ts
Value: 1687975173
.csync.loopme.me/ Name: viewer_token
Value: 22135efb-d39f-4c12-8b25-96a8360f6a50
.ads.yieldmo.com/ Name: ptran
Value: 239972947338320392
.ads.yieldmo.com/ Name: ptrc
Value: CAESEFSJCU21F4tLYmhUmHEwdQc
.lijit.com/ Name: _ljtrtb_87
Value: 4dfdf087-7a88-42e9-8537-c91bdeaab859
.undertone.com/ Name: UID_EXT_56
Value: y-LLEoLINE2uHcvWSuZg75RZgiclcHyPjZKEewfV8-~A
.undertone.com/ Name: UID_EXT_46
Value: 8caea125-1332-49dd-b4e8-4c16d2f9f136
.undertone.com/ Name: UID_EXT_39
Value: e736ed02-a048-0aba-0513-c8e21f8a3f76
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.demdex.net/ Name: demdex
Value: 78738974830512867113324223811627894363
.adform.net/ Name: uid
Value: 4662830998819244376
.ads.yieldmo.com/ Name: rptr
Value: bsw%3D1173044%7Cadfm%3D1173044%7Cgoogle_supply%3D1173044%7Ciqzone%3D1173044%7Ctapad%3D1689183360000%7Cyahoo_supply%3D1173044%7Cmf%3D1173044%7Cbeeswax%3D1173044%7Cneustar%3D1173044%7Caa%3D1173044%7Cb%3D1173044%7Cc%3D1689183360000%7Ccriteo%3D1173044%7Cloopme%3D1173044%7Ceps%3D1173044%7Cstk%3D1173044%7Cdv360%3D1689183360000%7Ceq%3D1173044%7Can%3D1689183360000%7Cm%3D1173044%7Crc%3D1173044%7Cunl%3D1173044%7Cmnt%3D1173044%7Cliveramp%3D1173044%7Ct%3D1173044%7Cadtrt%3D1173044%7Cbluekai%3D1173044%7Camazon_supply%3D1173044%7Cz%3D1173044%7Cpub%3D1689183360000%7Copenx%3D1173044
wsv3cdn.audioeye.com/ Name: aelastsite
Value: L7eGkGnTFhXvk2%2Fa135o3PV3hlP5VRIA8oP9gITVCbHsrjid13wRqjl%2BaGRxnZ83
wsv3cdn.audioeye.com/ Name: aelreadersettings
Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
.undertone.com/ Name: UID_EXT_47
Value: LJG0U0S1-Q-EBQ2
.undertone.com/ Name: UID_EXT_57
Value: ZJx1AqyAB4e5NDZqrk0bIAAABWUAAAAB
.socdm.com/ Name: SOC
Value: ZJx1BsCo5tAAAO21GzwAAAAA
.go.sonobi.com/ Name: __uis
Value: 35dfa2c2-f9f1-430b-9666-f957c6f4bec5
.go.sonobi.com/ Name: HAPLB8S
Value: s86154|ZJx1C
.dpm.demdex.net/ Name: dpm
Value: 78738974830512867113324223811627894363
.undertone.com/ Name: UID_EXT_53
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.bidr.io/ Name: bito
Value: AADmZ07JOOoAACE6kkaYJA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pippio.com/ Name: pxrc
Value: CIbq8aQGEgYI36wrEAA=
.lijit.com/ Name: _ljtrtb_26
Value: e5909bf2-71a8-45a7-b91d-17324c9598fd
.lijit.com/ Name: _ljtrtb_83
Value: LJG0U0S1-Q-EBQ2
.ads.yieldmo.com/ Name: ptrt
Value: 8caea125-1332-49dd-b4e8-4c16d2f9f136
.media.net/ Name: data-yl
Value: setstatuscode~~3
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd
.usmagazine.com/ Name: cto_bundle
Value: TSK5o192a285bkttcm9SVFRNbklyV0clMkZFbWh6bk9jVGtmaThndFlvcGFQTXBTak14WW1iZXdUczBvSXclMkJ3OHo3MzRBOTJoeURRRlhWbVBSNWI0RG9GdFNxdDkxMEhQUFVDUlElMkZxJTJCd00zQXVRcU5uMVY3aWNQYWFJenRjQiUyQm9pTkU1ZGxwbjRGSHlsZW1oMEQxVkVURjB5JTJGenclM0QlM0Q
.ads.yieldmo.com/ Name: ptrrc
Value: LJG0U0S1-Q-EBQ2
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13Muw2AMAwAUTEAVeYIsuM_2ySKMhAlJSMwHhUdIMpX3J3TjOoWJmiiHtfHLERbMgVvgb1mG2aZqUluQ2vm0aR3Ji9c1ieCBdwpWPf0nsCxHD_fE99N03oAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978477416032030645
.ads.yieldmo.com/ Name: ptrstk
Value: TsQVy5XhU41iMArRnN9PSgW16oY
.undertone.com/ Name: UID_EXT_54
Value: 84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
.ads.yieldmo.com/ Name: ptrpub
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.ads.yieldmo.com/ Name: ptrcriteo
Value: 607e9990-e2f4-465c-b434-147e953d38a5
www.usmagazine.com/ Name: _lr_sampling_rate
Value: 100
.ads.yieldmo.com/ Name: ptrb
Value: 77c88898-7a4b-4d09-b363-5fe491a39eef
.ads.yieldmo.com/ Name: ptrmf
Value: 4dfdf087-7a88-42e9-8537-c91bdeaab859
.ads.yieldmo.com/ Name: ptrm
Value: 4b72649c-7502-4200-9732-0e3f626912f4
.ads.yieldmo.com/ Name: ptreq
Value: 6418409603037558770
.ads.yieldmo.com/ Name: ptrmnt
Value: 3309767730813480000V10
.ads.yieldmo.com/ Name: ptropenx
Value: c8501938-32e3-0cf8-32f3-cb4b14cd0aba
.ads.yieldmo.com/ Name: ptriqzone
Value: 375f7fd0-4f51-4599-a9e6-22f5fc28fccd
.ads.yieldmo.com/ Name: ptradfm
Value: 4662830998819244376
.ads.yieldmo.com/ Name: ptrbeeswax
Value: AADmZ07JOOoAACE6kkaYJA
.ads.yieldmo.com/ Name: ptrloopme
Value: 22135efb-d39f-4c12-8b25-96a8360f6a50
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEHsYcRaCGRGABKdBgob6gW8&KRTB&22987-CAESEHsYcRaCGRGABKdBgob6gW8&KRTB&23025-CAESEHsYcRaCGRGABKdBgob6gW8&KRTB&23386-CAESEHsYcRaCGRGABKdBgob6gW8
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2C656F80C1374931A3DC1E683CAACB1C&KRTB&23489-uid:2C656F80C1374931A3DC1E683CAACB1C
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8caea125-1332-49dd-b4e8-4c16d2f9f136&KRTB&22918-8caea125-1332-49dd-b4e8-4c16d2f9f136&KRTB&22926-8caea125-1332-49dd-b4e8-4c16d2f9f136&KRTB&23031-8caea125-1332-49dd-b4e8-4c16d2f9f136
.thrtle.com/ Name: mc
Value: eyJpZCI6IjM3NmFiZTNmLWQzYzUtNGRlYy1iMzBiLTYyZTI5OTQ3OTE1NCIsImwiOjE2ODc5NzUxNzYxOTksInQiOjF9
.bounceexchange.com/ Name: bounceClientVisit2988c
Value: %7B%22vid%22%3A1687975176242854%2C%22did%22%3A%221517844348564087723%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4313-2!4313-3!4313
.lijit.com/ Name: _ljtrtb_58
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.ads.yieldmo.com/ Name: ptrz
Value: GgTZoJOdf55amNPZ-F1y
.ads.yieldmo.com/ Name: ptrunl
Value: RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
www.usmagazine.com/ Name: pbjs_li_nonid
Value: %7B%22unifiedId%22%3A%22qFqcTUQ3dlRKCiPdg6M7Y-F0uTUu8iMM8vOJ8A%22%7D
www.usmagazine.com/ Name: _lr_retry_request
Value: true
www.usmagazine.com/ Name: _lr_env_src_ats
Value: false
.lijit.com/ Name: ljtrtb
Value: eJwdzEEOwiAQheG7sO4kwAAzz11pqYlx0xgPQEu5hPHuErff%2B%2FM%2BJqq5mZJ4ne0CWt02UwAyoVhHMS8bz5JTkmIm49NorwiLo3sSV5VCrEIHXCMn7MOJCO1ttPCj9QyIRxBmZW954GSUx%2FJ83O3bvhztVPL%2BZxkcWm%2FdqpBUHef%2BAmlkoRPuaFeth0aY7w%2BjMioh
.lijit.com/ Name: _ljtrtb_85
Value: AADmZ07JOOoAACE6kkaYJA
ssp.behave.com/ Name: tuuid
Value: 748a2544-5b39-4f7d-9b09-7d1bd4a37602
ssp.behave.com/ Name: c
Value: 1687975177
ssp.behave.com/ Name: tuuid_lu
Value: 1687975177
.pubmatic.com/ Name: SyncRTB3
Value: 1690502400%3A224%7C1689120000%3A99_54_48_204_214_178_55_3_71_231_13_8_249_239_46_250_81_22_21_7_243_238_166_104_5_233_176_56_234_220_165_240_96%7C1688515200%3A2_15_223_38%7C1693094400%3A69%7C1688774400%3A63%7C1689206400%3A35
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230628%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_7b2d4bfb26e7466ea3d74
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-239972947338320392&KRTB&23339-239972947338320392
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:4b72649c-7502-4200-9732-0e3f626912f4&KRTB&16736-uid:4b72649c-7502-4200-9732-0e3f626912f4&KRTB&23019-uid:4b72649c-7502-4200-9732-0e3f626912f4&KRTB&23114-uid:4b72649c-7502-4200-9732-0e3f626912f4
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjWo8u-7oL8OxAFEhkKCmxpdmVpbnRlbnQSCwiQvdu_7oL8OxAFEhYKB3J1Ymljb24SCwiovbvP7oL8OxAFEhUKBmNhc2FsZRILCJrSk-rugvw7EAUSFwoIcHVibWF0aWMSCwiugZ_17oL8OxAFEhMKBGtydXgSCwjE4MuI74L8OxAFGAEgASgCMgsIxozRuIWD_DsQBTgBWgc4aDl1MTFoYAI.
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-265f29b0-d998-4d0c-9f19-b770d7a10271&KRTB&23011-265f29b0-d998-4d0c-9f19-b770d7a10271&KRTB&23355-265f29b0-d998-4d0c-9f19-b770d7a10271
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&KRTB&23354-cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&KRTB&23415-cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd&KRTB&23422-cuid_8aaddd70-15dd-11ee-a3c3-1297b61989fd
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1687975178!yieldmo,1687975175!sovrn,1687975173
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4Nzk3NTE3ODExNSwiMjciOjE2ODc5NzUxNzM5NzcsIjM5IjoxNjg3OTc1MTczODg3LCI3IjoxNjg3OTc1MTczODg3LCI4MCI6MTY4Nzk3NTE3Mzg4N30
.rlcdn.com/ Name: rlas3
Value: 6BLnzqnTAtNk7sZS5NFUlSdWB8atS26baUb6iXKz1r4=
.rlcdn.com/ Name: pxrc
Value: CIbq8aQGEgUI6AcQABIFCOhHEAASBgi66gEQBBIGCLjrARAB
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553&KRTB&23418-84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553
ssp.behave.com/ Name: um2
Value: !2,e5909bf2-71a8-45a7-b91d-17324c9598fd,457253978
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e5909bf2-71a8-45a7-b91d-17324c9598fd
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4662830998819244376&KRTB&23263-4662830998819244376&KRTB&23481-4662830998819244376
.a-mx.com/ Name: amuid2
Value: e7e5b395-f284-45fc-a66e-d2fd1994f7da
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2C%wg5a`N!]tbP6j2F-.o%/6/guKFUZ.=)[gM]%Z8aD%SgN]uQ1u2!HTIT'[h!apB+O$QZ.M/%<ysX(]/ku./X+GY1Qw3Qma`J<
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTdlNWIzOTUtZjI4NC00NWZjLWE2NmUtZDJmZDE5OTRmN2RhIiwiZXhwaXJlcyI6IjIwMjMtMDktMjZUMTc6NTk6MzhaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDYtMjhUMTc6NTk6MzhaIn0=
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6ImU3ZTViMzk1LWYyODQtNDVmYy1hNjZlLWQyZmQxOTk0ZjdkYSIsImV4cGlyZXMiOiIyMDIzLTA3LTEyVDE3OjU5OjM4LjI3MzMyNDYzOFoifSwicnViaWNvbiI6eyJ1aWQiOiJMSkcwVTBTMS1RLUVCUTIiLCJleHBpcmVzIjoiMjAyMy0wNy0xMlQxNzo1OTozOC4yNzI2MjQxOThaIn19fQ==
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2ch5:19c8~2ch5:1969~2ch5:18z9~2ch5:195t~2ch5:18z8~2ch5:196y~2ch5"
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.w55c.net/ Name: matchpubmatic
Value: 5
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.360yield.com/ Name: um
Value: !79,K7bJ0QIXaXmmMa13DuRapBW5tyW6YzJsBsGGpopBd4ywxvmWjb8IB6BVJQT1xehA9O-DgCklwr0cqQJV,1695751178
.360yield.com/ Name: umeh
Value: !79,0,1750183178,-1
.bfmio.com/ Name: __187_cid
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.bfmio.com/ Name: __io_cid
Value: 1e29d3a399ab8db9f3e6f154107f4c38bfdb7bb4
.imtwjwoasak.com/ Name: trkid
Value: c00bc2d8e3ac7624
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:jDeRK2Xd1Qezs15&KRTB&23421-uid:jDeRK2Xd1Qezs15
.mxptint.net/ Name: mxpim
Value: R33645_104FCD7C0_8F0FC0C0.1.0000000000000000649C750A
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-TsQVy5XhU41iMArRnN9PSgW16oY&KRTB&23334-TsQVy5XhU41iMArRnN9PSgW16oY&KRTB&23417-TsQVy5XhU41iMArRnN9PSgW16oY&KRTB&23426-TsQVy5XhU41iMArRnN9PSgW16oY
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-940c2b41-f2d9-4620-97d9-28b02417b871&KRTB&23340-940c2b41-f2d9-4620-97d9-28b02417b871&KRTB&23498-940c2b41-f2d9-4620-97d9-28b02417b871
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTdlNWIzOTUtZjI4NC00NWZjLWE2NmUtZDJmZDE5OTRmN2RhIiwiZXhwaXJlcyI6IjIwMjMtMDctMTJUMTc6NTk6MzguNDEzMjgwNTQ3WiJ9fSwiYmRheSI6IjIwMjMtMDYtMjhUMTc6NTk6MzguNDEzMjY2NTMyWiJ9
.acuityplatform.com/ Name: auid
Value: 794911503444
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBREBlEwWSmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURAZRMFko90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_104FCD7C0_8F0FC0C0&KRTB&23092-R33645_104FCD7C0_8F0FC0C0
.imrworldwide.com/ Name: IMRID
Value: 8c7f4210-15dd-11ee-bbee-c3975f0ff33a
ads.playground.xyz/ Name: connect.sid
Value: s%3AGs1lo9WOMNsxy6Rqf5qmdlpmAKlyGW_C.qNAK5jUgsmTVNADwU1OZ7XxogdQZnicB5Nf1pp%2Boj%2BM
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-794911503444&KRTB&23428-794911503444
.innovid.com/ Name: uuid
Value: 0a98e91e-ef0e-49ca-b7bb-b367efa6f01a-20230628 13:59:37
.ctnsnet.com/ Name: cid_325fcc29d82d4107a692598671af0f3b
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&KRTB&23413-E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E&KRTB&23479-E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ygUzwSH%2BEmLuk%2BCKDwtNxXtshcpxWDC1URh%2F8NlZ%2BcBd26Cg2IVsiRAxrrjwhet%2BdyfaMRszMIuS1KMKX415VIsoKfwBjTbnCq3KjZbKeWI%3D
.adsby.bidtheatre.com/ Name: __kuid
Value: 88f634e2-74e7-4900-a02a-59eda86628c9.457189178
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005&KRTB&17107-RX-ca2d807d-ab8f-4f79-8335-9a423816c02a-005
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7412615781708265177P
.owneriq.net/ Name: pmc
Value: 1
.id5-sync.com/ Name: 3pi
Value: 3#1687975173507#474484488#4b72649c-7502-4200-9732-0e3f626912f4|264#1687975178294#1423283236#8caea125-1332-49dd-b4e8-4c16d2f9f136|441#1687975173869#-1917831282#u_d17a1305-2dd4-444f-9878-45d8283b404d|1241#1687975177889#718408070|1242#1687975177326#718408070|155#1687975175329#1235895558#AADmZ07JOOoAACE6kkaYJA|124#1687975178621#-666367059|429#1687975176641#-1734311433#E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 15cf37cc-83b0-52b3-b26c-ed5ad6f09850
.betweendigital.com/ Name: ss
Value: 1
.inmobi.com/ Name: idsp_c
Value: 08b1545e-1485-473b-8a76-8967631d1b03
.rubiconproject.com/ Name: audit
Value: 1|IRZ9wsgSM+hH8f2RBMfJjc7GXbnsVidEkIuXUZVuMpOMaGpsUGBQ3lCd+N/Fnrh6rs55TQxVCc/yUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnQcbv3sppTzGMUaedhqKgp/wbYMgB9nQiJ7lU62NuCEzYPDxny9O7hNPVHjylZIeXMaC6g74J6cojDJFhpe6b/4=
.adgrx.com/ Name: ADGRX_UID
Value: 8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.betweendigital.com/ Name: ut
Value: ZJx1CgAOOKCO9bEv2su0hwruiow9nvzwfkd7bA==
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5&KRTB&23275-8cbab7b4-15dd-11ee-a8ee-3b17880e0cb5
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AADmZ07JOOoAACE6kkaYJA
.c.appier.net/ Name: _auid
Value: _w2-TtISCO-eZA0eCnWcZA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 15
.pubmatic.com/ Name: pi
Value: 160545:4
.pubmatic.com/ Name: DPSync3
Value: 1689120000%3A259_262_245_258_201_263_261_260_236_255_256_235%7C1688947200%3A257%7C1688515200%3A253_252_248
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-_w2-TtISCO-eZA0eCnWcZA
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1687996780021
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lf0|7QO.0.1|4is.0.CAESEH7L6j1ycPjAfPvKg05xK_c|2N.0.AAAInviS_9rlTAMR0oBrAAAAAAA|3oy.0.84861c6c-486b-4e4d-83a0-45e39ba27a27-649c7505-5553|7bq.0.1|7dN.0.AADmZ07JOOoAACE6kkaYJA|8i8.0.1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADmZ07JOOoAACE6kkaYJA
io.narrative.io/ Name: io.narrative.guid.v2
Value: 8d7f25e0-15dd-11ee-9828-02e4221a2b5f
.pubmatic.com/ Name: SPugT
Value: 1687975180
.audrte.com/ Name: arcki2
Value: eeaAZlgWIBIRMiSVq1uNMHCvg!20220908!1687975180118!ip#5.181.234.134
.audrte.com/ Name: arcki2_pubmatic
Value: E63DA0C9-D1FA-499B-9E01-5BCF3A7B667E!20220908!1687975180121
.audrte.com/ Name: arcki2_ddp2
Value: eeaAZlgWIBIRMiSVq1uNMHCvg!20220908!1687975180166
.audrte.com/ Name: arcki2_adform
Value: 4662830998819244376!20220908!1687975180334
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3425623714870498952&KRTB&23150-3425623714870498952
.quantserve.com/ Name: sp
Value: CgwIvOwGEgYIh-rxpAYKCwiJDRIGCI_q8aQG
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t&KRTB&19420-_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t&KRTB&22979-_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t&KRTB&23462-_4YJDP6HAFrk0wZc8dYdXquGUVfkhAcL_Iu-kH9t
.pubmatic.com/ Name: PugT
Value: 1687975182
.ads.yieldmo.com/ Name: ptrbsw
Value: e5909bf2-71a8-45a7-b91d-17324c9598fd
.tribalfusion.com/ Name: ANON_ID
Value: aEnufrRZdySbAIUMnYBxw8M2rfb497ZdfmZaJQEjrTpTe2EvHOUZbgWDneQeuYaWXZc43hZb0LT86w2jiWf9GfB9ZaQwvO2l21DO4OtLvZd8gELO

76 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/0c43748a-23?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F' from origin 'https://www.usmagazine.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/0c43748a-23?url=https%3A%2F%2Fwww.usmagazine.com%2Fcelebrity-moms%2Fnews%2Fgwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo%2F
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://content.jwplatform.com/libraries/zhNYySv2.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
javascript warning URL: https://www.usmagazine.com/celebrity-moms/news/gwyneth-paltrows-son-moses-is-chris-martins-twin-in-new-photo/
Message:
The resource https://www.usmagazine.com/wp-content/themes/us-weekly/assets/fonts/fira-sans/FiraSansExtraCondensed-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://d17tqr44y57o31.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=00759824
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://i.liadm.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.ntv.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://wsv3cdn.audioeye.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://877745acab893034cef8127367b52c02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tpc.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://assets.bounceexchange.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.yieldmo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://creative-p.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://i.liadm.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.ntv.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://wsv3cdn.audioeye.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://877745acab893034cef8127367b52c02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://tpc.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://assets.bounceexchange.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.yieldmo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://creative-p.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').
other warning (Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.usmagazine.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-eRTYA6lwG4DzHTkR4OYEpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://maps.googleapis.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co
877745acab893034cef8127367b52c02.safeframe.googlesyndication.com
8fby8peddod4qetsz.ay.delivery
9d8u0rnshxrn411z5jbukvbvbefsa1687975178.darnuid.imrworldwide.com
a.ad.gt
a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.scorecardresearch.com
ads.sparkflow.net
ads.stickyadstv.com
ads.undertone.com
ads.yieldmo.com
adservice.google.com
ag.innovid.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
americanmedia.blueconic.net
americanmediainc-com.videoplayerhub.com
analytics.audioeye.com
ap.lijit.com
api-2-0.spot.im
api.assertcom.de
api.bounceexchange.com
api.btloader.com
api.permutive.com
api.rlcdn.com
apis.google.com
aps.zqtk.net
as-sec.casalemedia.com
asset.fwpub1.com
assets-jpcust.jwpsrv.com
assets.a-mo.net
assets.bounceexchange.com
ats-wrapper.privacymanager.io
b-code.liadm.com
b.trueanthem.com
b1sync.zemanta.com
bc.usmagazine.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c3.a-mo.net
cdn-magiclinks.trackonomics.net
cdn.adsafeprotected.com
cdn.blueconic.net
cdn.cookielaw.org
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.permutive.com
cdn.undertone.com
cdnjs.cloudflare.com
ce.lijit.com
check.analytics.rlcdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cma.kargo.com
cms.quantserve.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
content.jwplatform.com
context.iris.tv
contextual-analytics.wunderkind.co
contextual.media.net
core.iprom.net
crb.kargo.com
creative-p.undertone.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
cs.yellowblue.io
csync.loopme.me
cw.addthis.com
d.turn.com
d17tqr44y57o31.cloudfront.net
d3jdulus8lb392.cloudfront.net
dfp-gateway.s-onetag.com
dfp.bouncex.net
direct-events-collector.spot.im
direct.adsrvr.org
dis.criteo.com
dmp.adform.net
dot.dm-io.com
dpm.demdex.net
dsa.moatads.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.bouncex.net
evt.undertone.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
get.s-onetag.com
gocm.c.appier.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com
imtwjwoasak.com
insight.adsrvr.org
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
kinesis.us-east-1.amazonaws.com
krk.kargo.com
krk2.kargo.com
launcher.spot.im
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
matching.truffle.bid
micro.rubiconproject.com
ms-cookie-sync.presage.io
mug.criteo.com
mweb.ck.inmobi.com
news.google.com
obo.moatads.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
ops-cdn.undertone.com
ovp.iris.tv
ow.pubmatic.com
p.ad.gt
p.adsymptotic.com
p.placed.com
p.rfihub.com
p2.fwpixel.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pix.spot.im
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
play.google.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
qmbrjc9n6lrr5ruhopjnqljhxhf4e1687975178.darnuid.imrworldwide.com
recs.engageya.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtr.innovid.com
s-static.innovid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.innovid.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.crazyegg.com
script.hotjar.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
sli.usmagazine.com
socialcanvas-api.kargo.com
socialcanvas-cdn.kargo.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.p.jwpcdn.com
sso.ami-admin.com
ssp.behave.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static-cdn.spot.im
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
static.trueanthem.com
static.yieldmo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
sync-adform.ads.yieldmo.com
sync-amz.ads.yieldmo.com
sync-beeswax.ads.yieldmo.com
sync-eq.ads.yieldmo.com
sync-iqzone.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
tag.bounceexchange.com
tags.bluekai.com
tags.srv.stackadapt.com
tapestry.tapad.com
telemetries.jeeng.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tps-monitoring-events-ue1.doubleverify.com
tps.doubleverify.com
tr.blismedia.com
trx-hub.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
users.api.jeeng.com
usersync.gumgum.com
usr.undertone.com
va6-bid.adsrvr.org
view.adjust.com
visitor.omnitagjs.com
widget.engageya.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.storygize.net
www.usmagazine.com
x.bidswitch.net
x.dlx.addthis.com
xsync.iqzone.com
yieldmo-match.dotomi.com
aps.zqtk.net
c3.a-mo.net
creative-p.undertone.com
gum.criteo.com
play.google.com
104.112.8.161
104.17.24.14
104.18.24.185
104.19.149.54
104.19.158.19
104.21.60.205
104.36.115.111
104.36.115.113
104.76.101.242
107.178.254.65
107.20.114.132
108.138.106.110
108.138.106.37
108.138.106.49
108.138.106.5
108.138.107.138
108.138.128.41
108.138.128.83
108.138.128.91
108.139.29.102
108.139.29.21
108.139.47.92
13.225.214.128
13.225.214.57
13.225.223.78
13.226.34.28
13.226.34.6
13.33.60.71
13.33.60.74
13.35.93.111
13.35.93.117
13.35.93.98
130.211.23.194
134.122.57.34
141.95.33.111
142.234.204.77
142.250.65.198
142.250.72.98
142.250.80.98
142.251.40.170
143.204.146.2
147.28.129.37
15.197.193.217
151.101.193.108
151.101.2.132
151.101.2.49
152.199.5.228
162.19.138.118
162.248.18.32
162.248.18.34
162.248.18.37
162.55.120.196
168.61.164.192
169.197.150.7
172.105.221.240
172.67.154.71
173.231.178.77
174.137.133.32
18.164.116.116
18.164.116.117
18.164.116.55
18.164.116.78
18.164.124.103
18.164.96.18
18.164.96.22
18.164.96.87
18.164.98.157
184.29.143.136
185.151.204.50
185.167.164.37
185.184.8.90
188.42.34.64
192.0.66.2
192.132.33.46
192.35.249.143
192.40.39.223
193.122.128.135
195.244.31.11
195.5.165.20
198.148.27.140
199.127.204.171
199.250.161.129
199.250.162.129
199.38.167.130
20.85.134.6
202.241.208.55
207.198.113.86
209.54.181.15
213.19.162.80
213.239.211.175
216.200.232.249
23.105.12.142
23.105.12.173
23.196.184.208
23.196.185.74
23.197.21.62
23.200.197.46
23.220.11.204
23.222.224.22
23.37.123.209
23.4.226.82
23.42.197.166
23.49.100.28
23.64.106.145
23.77.173.47
23.77.174.20
23.92.190.68
23.92.190.74
2600:141b:e800:138d::3b8f
2600:1f18:1aca:4281:5305:1bb6:7f7a:3bec
2600:1f18:4e9:5a01:989d:4d6a:f0:57ab
2600:1f18:730:b130:6259:cdb:fde4:77dc
2600:1f18:ed:550e:4106:3062:270c:cbbd
2600:9000:202c:9400:e:a5e8:ab40:21
2600:9000:2140:2400:13:6a46:aa00:93a1
2600:9000:21dd:5a00:8:48e:53c0:93a1
2600:9000:21ea:5e00:1d:8c8c:47c0:93a1
2600:9000:2209:1c00:1b:5138:8a40:93a1
2600:9000:2209:3c00:1c:15e:8d80:93a1
2600:9000:2209:ca00:1:a3fa:7cc0:93a1
2600:9000:2209:fa00:1b:f238:9640:93a1
2600:9000:23ca:8000:1e:fdf8:aac0:93a1
2600:9000:23cb:4000:8:8845:1500:93a1
2600:9000:24f1:8c00:15:d134:4e40:93a1
2600:9000:24f1:c800:1b:83f3:bc0:93a1
2600:9000:24f1:f200:18:1fcd:353:c61
2600:9000:2511:c400:1f:2473:9080:93a1
2602:803:c002:200::42
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:39ae
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:20::681a:aa4
2606:4700:20::ac43:4887
2606:4700:4400::ac40:97de
2606:4700::6812:19ad
2606:4700::6812:1c26
2606:4700::6812:aa72
2606:4700::6812:fcc
2606:4700::6813:9408
2606:4700:e2::ac40:8104
2606:ae80:1451:20::1720
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2006
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:400::714
2a04:4e42:600::626
3.132.38.97
3.132.99.154
3.17.219.121
3.213.224.199
3.215.162.236
3.219.128.143
3.219.198.131
3.227.148.228
3.232.217.213
3.91.171.231
34.102.163.6
34.102.253.54
34.107.254.252
34.111.113.62
34.111.8.32
34.117.228.201
34.120.155.137
34.120.253.250
34.120.32.33
34.149.46.168
34.171.234.26
34.193.67.70
34.194.96.29
34.196.240.12
34.196.5.17
34.200.65.202
34.202.96.43
34.237.133.75
34.95.69.49
34.96.105.8
34.98.72.95
35.169.202.51
35.169.232.116
35.186.193.173
35.190.60.146
35.190.90.30
35.207.10.239
35.207.24.140
35.210.53.219
35.211.171.209
35.211.178.172
35.214.143.153
35.241.9.51
35.244.159.8
35.244.193.51
35.71.139.29
37.157.5.132
38.98.69.175
44.193.243.239
44.198.229.175
44.205.30.65
44.205.39.228
44.207.72.204
44.209.177.129
44.213.0.41
44.230.98.130
44.240.237.7
50.116.194.21
51.222.39.184
52.1.91.70
52.20.224.27
52.20.42.167
52.203.194.180
52.204.149.108
52.212.6.190
52.217.226.41
52.39.14.50
52.46.143.56
52.54.173.81
52.7.22.188
52.73.23.114
52.85.61.12
52.85.61.76
54.145.58.176
54.148.15.162
54.204.174.60
54.205.176.242
54.221.229.84
54.225.108.234
54.230.163.120
54.230.163.20
54.230.163.84
54.235.104.91
54.82.148.84
54.84.209.63
63.251.28.234
64.202.112.159
67.202.105.24
67.220.224.144
68.67.160.186
68.67.179.164
69.166.1.10
69.173.151.100
69.90.254.78
70.42.32.223
74.119.119.139
74.119.119.150
75.2.13.80
8.28.7.105
8.43.72.98
80.77.87.161
002ad71fac0a0db52ae5b8dbc2476f92045a59bda13a71eab12ab2ab87aa4100
006b2fcf89215924c0aae2671657d53aa907ce7edd43273fb06119ea055cddca
013ff0309bc604cb053ae7a442822035657cba92dc9d2fdbaf8e5a4bf467aff0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0220cd1a0d131e6209a56a046d4bd60de192ab2593f8b4cc8a900aee5bd07231
0231701c76b6f90099e9fd15bfe5d261a37c38767f32a26d42f3688159106450
0360c1b7783d7c950d76f7eb1a7e587821c55902467aaa1f86a67c670f07b63c
037e3d4946aefb90b811ce453185a59d052a735ae54db78bb0a36d82b0be5b6a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05c7913bcbb5f81dacced8e4c00cc94e85d84c47aa679b9d1a870a1a981cc11d
063bd2aa55cf83a0fd0c74fbc550accc8d60961fb84a45b511db087e380445c2
069f9f9ea9e99d42ca4d76c7c6df5b92ee7cdcf8fc1bc5ac5780acb825c03cb9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
085f5f7344140704c1559879f93f2b800f3e0cc3059cd028f31158973093aafb
09056472c937f1a25d7ea4660cf85a034b824b14934f3ed1f32a200d151be446
0a73b709925eeca3d5480462918de89cc01be9e83318a90c5dabc26a1fe75376
0aa46f54167df659c3e29e3ef1d2235cde8e2a7a8aa6b4331209e990b5446c25
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b03abaa8e91951bd4276a92f07ed693275365d30ba1dea84c6c6fe404593d83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcaf98172476797ce63041c15e5900d30de3269b0fa3be41676809e016b0f02
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
0d27b65c301807fa04a3992694f7cbd7e054c54b72be97910abef13e93bef223
0d53949c121ba2d2dacbaf1e2f4d3ca77558e4fbbb520daa18ae08d9f682a82c
0d593c3f432ac667d5d7cf5f165f143d87ba93d884d79d485cecab30d5923df6
0d6ab310b74443d903ccaf59c33a510a8c16ebf7096a6464b0f7f5a90e501aa4
0e1461d89ddf4ba0510e22dae96a8fc41bab2bae62f0ec5371db03f402f22028
0e74efc84c8fceb64e0a66290ce35d804b5dc34d7f00096ffa0df17692039faa
0ec5c8e17ed703b3f81473e4c6959b0fc7b62964902dd62a0051445d4af71d3a
0f8e35589dbd80c8a43b0ec4e64de655a0f756593959a59f88268c3a7dfe5d12
0fc2ad704c81ba68e7d4f6b0b0d4a5fcaf6218b3f712f1036a2dbdb49a219291
0febfd99e2733b690ecac2dc36c82885f581a6b5c73b65895898ff8548415f5b
104fe1d096865fb450f1d921b99ea70d85d935d9c8a2e88e980de371e03ea9e1
1110905083787586a3290d936973932dffd45594ef1fdcaa44e0748d6aab07a5
111ea971c9137340b54e629d8ec11f8c522353ac3c1b5d2b2b140703fa9ea6ad
1126fad23b3fc56a6aff08b02e296e195cef8eea01c5bcc622a9159fe9ba24c3
11778d69a257fb063b0e8103d4fb76b7cf2bf68cc1db4b3dfff48d0bf52c5c19
14a54249ab180703194bc56085f4a313fddeb7d820f9d3a31bf2f4fa9fa6479b
14c178fc653f5931c574aef28fa4ff9c6ab069638767bc272893c1ea7f33fbc8
1566f325254842a733af10553522ee915603149e3900e87a4a33f7cfd23c5492
1738256e6238da9bd89af13598c4534fbffd2f5f0fbe9f4af072785bdedba4b0
173b7146a0134b10f0d1e4ec8963d500aa248bdb307dc1fee03ac7c2c8273f47
17726c7fbafda78a67cb813599e32b51b29d5088c3045b4c24e5907cb0a762a1
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18b3457531b9f329e7f481b3534e0ee0584a26e9dc2d1e0d77a306fb47fc33fd
18c85373274f1433d91b126e3f727f53cf889ab6805dff580b63bd0fe875de4e
19bbeb1a5751c1459d22cb7efef4981bbcb2d0a9ed2e7029f9cec4dbfe22bd6b
19c12d23332a32b39129ada61fd198b08231c06333ada44bbd0c1ebc62c59ede
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
19edccc807b256204f4d7208810d9532fa74a80aa853b8af1901304015466e76
1a647efa089c95466f6c76847ea9e6967244fb910a99cec18c65f30f48f171f0
1a754bc24d22c9c3473f032bb45c4fecbb1d9562ee00399e2c9f11a883a3a4ea
1ae5ea925fe441729e78e9a5feb6931da0b5e8ddb4db4c6bb3d7776790d44751
1b1c362751e78dec2bd169ba57978cd6c847dcd7d0c2a4746ab3c66abd00cb02
1b30fbc447d072b5a6cd8839ceac3285a0c54a6bdc3c2cee08b57a5f2ea727e0
1b6c95f4717cae3deed3b0aa3677a77096159081f1a74b33928e803215776455
1c23e0533c3e0622263b19f506a855975a9207865d4b487cccadd6d73e9ef07a
1c7b1d929c45ffb8cc949910e8ff37ca8a2d5107ff1229485ad0717f3b9d579f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d8877709fdc317e8be1aae75f84e1cc5f0f735d7f7ac491bbe808714955444b
1ec30520c0ef1986b4461544a36f86aeb44f815d72e38b9db205e063405e7ac0
1ee7160c3c4c17090073ec7436f22058d54461e105c236af32fb079ccdafa506
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
22e090a2f77aea11ff438e0a8f620a6e93a6c386291ea9c88b31c35adbc18d1b
243f2bcf2c71d5484856f8734fd03b1d7ffd24f19367a9e23c3b2d614de97be5
24648da43918edfb6a18721b71b0964f06dd0a4f153e8a2f937e69acdaa6ccfa
24b828c3b7fead011ae000e7d15061acef156d3383194e098c2286a1f4de4e6e
255820e1d5022ecb0f8a1c02433bccc07ff01736035c658aa07a08a62222bb4f
25d9268844d50f26bf390855401329d33d1d450a238d67bd37e29685aef3361b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c558e4ade6f748267832defc2199e478079c29415448f960e40009f80da800
277a5f10cd787e21ddacc4e059e4386ddfa5475c0004165bd296ae43c1bd5b81
280d04e42c8eb6cc9e4568c70bc8beacd6b7ebf866887fc344bb057daf9b749f
2866bf72ce855dbae5e97caa1f0bbb15c84c45dc293d7e9fc8f1c21b99bce98d
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
29b9c745601e836432712c2e447ad143862737ccd646ecc3eb45da04cad90549
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa94f22b40ca14999fba3161150f2b059a8fd8ab3043cfc17162232de20a81e
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2b25ee381fa576e7799e5f5246c684cc7fa32364548dd177e6fef33836843a03
2b51df08a930be0b69a56e0035cce31e3c6944747a193c48848d4aad3e620cae
2c3f188460d3e015aaba1ccb040ea3122fbd632da4edab8aed3f57ee098bf87d
2de01c544241b497778c1e6737850266f4b523f8f581407b53f22085468efc46
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
2ece2d503c3d61167a38f5e60d947217bdc46c690ef0bf8d4982ea9dac9cfa83
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
30e11696aac8e135fb343489b5ec4bfbc2935b9935e9d82268544e5c63bf5b0d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31ca6c37f239ac961bce1a5b90d1cb3eb85ea9de70a9f2df2d6eedd32cad376b
337573f33a0c9580fe3dde13e786d91978ab1ef9758db8b3316544a27889920a
3417025da64670b20d6c8856cc7e94ba44585c2bebc39e4a244834b3bdab4546
3645a93a5df50ba3e08c4f4b15da3f3ca57522c81bf0567722c6f9cb1196fc98
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36f8a0ae1bec24ed10894c9800a655f9a36398f2c730f03d71e931b328ab7f7a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37fef8fb487483e1373356fd998351d4bbf33d0884f0559e545442dfe26a5127
389b852b4654329fedd267a6e75124ba9290509ed61fa8c045bd3e722c932db4
3a535cb1bedcf8e7e8d2b018cdc9ed814370392ad3e35df02758a4daf04deae6
3aff91166f4a09caf8a8bdc3135c6350e3d7251ed9dede9e0fa9d23fb9aeaf6a
3b7b89708da0943a17347e8fb3d15a82d489494a81587651e77aaddf68a63ef5
3c8801b75dd6534ac6cca2c73e8a7b286703de56b9f71abc6514f6ea8665351d
3c9ed042539da1837213e7d5c3d9c54da1105b6d9d0b4c5e7f6c8c1a9efd66b7
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7f418414c6536d3f2c55e9531137b7e781494f4f7c4dca477fc90e5d548c02
3e1040f4720feb001da351f1c8aaf1b1b856f35473ebf52090628f93937df6ba
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed737bae1caddcec055628cd5912a913d467fb6c7df474a1c10e39a5956e0b3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4014155aa81a7bb4765e2c7bf877691d928a8556cec568eb95715a024d36ce64
427413e732e0c54025326a0120918878b95082fdb86796d55dfeef64458b70d1
42df4212ac4100a8e98269ca00bef1f148f84a54227d0daadff2297cf3072035
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43c284f12003f53aa676e6ebc29031ae0f735af7148f0e0bcb1f444f2e27c8cd
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444687b837b3662d44695d8fed75ef370c66068fe125d2ac2e5ea46379296abe
44708c9618d425271700dc91923ad9df0267fe71d701969bccfe3c10b41e0746
44f8db9dea006b836013439ae18ad01343ca533e1457074d0b6c38dc69e5ceed
457caf2b94051a7fb43b96ec64ea3eb2d91144e340aa5b11ede41bc28f83522e
4641790cbf5c84b9d6aa65f79f2f4fd3ef897776478d7912e16e31878e7e4d59
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
46b4be43da924dfcc8f41d7773f795af89e243cb367838ac647f02d505035cbd
47a3ca7fb0b14b6f8cfa3cf2f2a9112c35023e800206d6269c8298994082f78e
47c1172160b0c476e5df3da5f8dd714c163e921060b0aeb0784b47c43330c12b
47cad6e1011328c9c6faf39daff7d8e1073f1c463b13d631d5a7571624b62576
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f5b52e1517a4d123f9d7840a728c3fdc9e5c2cb054eca1422e18bee7d6da8f
49456679f17b7bff93e0ab2e31d2804a118e3e844e1fce270577f9ac97b77ae1
4a6c40b8281ef6fc867e005ab5f0b1d206bfb41a600d7786bd725eb9fadbca79
4aec8693e546b47d120b5584950d764ab93fac54db6dd7d752ae097c369eb53c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4ddf3d67d8c897d55ade9914dc732ad79e863ef84ef6da40d8d1e9b8aee24251
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edb7c5d9b61671413fe28fbc3e549f16be3d7b085396a84f66ee7d639761c2e
4ef677d1010d4d038eee45ecea5ccbc017ebb90e7a8c596cabf15c6f70e55c42
4f1e6db712926b0f3c56117698fa3ad4b226a3cff660b50505b7ee55ae37812b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50ebc57b37a3cfd74bc4fc249a11f5b6753efae8f957e83f672cbdb638fbc8bc
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5218536cabf209034f524b9deb4f13e0173162c19a38584f1d63511a8341dda8
52578d44cd462b14c8a83902395278c5647930a8c90745cc3b29fbe2eac1b287
53cba7c582aa45b3c0b2d0bf95ca5f294740e4e87afd6ca0d27340a2ec360b3a
53fd0c406b25a9ff0e61841c01adbe888aaf9a5f11e6c524afa172f98961ed44
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
544049c9050ff589198c8add576f060fe5ad43269d839e160771c0168bec535d
54630bd955d423aef2806db353af4945c5ae4373a67bbf7f3ff6bdc2255132c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57238354ba955b2867497c6a0dbdf286fe9011d21aae1afef7a654761e63c405
575d0178a366f4bbc25406435d041f8918576dcc5cbbbfa08e8d1085babd4b36
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5bacca7c383955020718295a26c35077dcea7b6566834242f56519f7d6370bb3
5c6b2c9749640668bf959a0ef1884c48885d93c0f76b358aeb11b0c1ed05e296
5ce16c1a2bef3c64af428d82625f65bf0de92d88aa89ee556ab2ce5bfecc04ad
5cee18e62a0abf5e1990b911543b943e1e81bb1d7a1e1f955129e31e9e574078
5d851da1639cfecaf4c3b5ee1daa501f6248d7c27c5478f0b8206bfe11f3e1dd
5dba343fb6b60d15c583612204f9553fb97f076394803bc291bc3c7f5ae9da5a
5dbae88e110bbd340b50ade8ea6a398d0fcb7c4c2ee2baf18f2b1593218ad49d
5ee28cbbd302aa025c467a05450c312f05fd555df40bdec41c970508fb1f6c8c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b0ad6ca2fd4539789f7c66fdbb4260833684ec2ade807895504383e7d5fd6d
613fafaa54d7b0fe7a430c1f06e94f7113e68b1d8469ae093d84b5106f7158a5
61a07a268d52ba6e66be18663ef7fa1a2a1f99469b180224a083fbf0e4013f37
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621db7d5171e697c90a37877b2a9b5f17e7a9e8a95837b5239112287232b2d9a
6222899bdb4d3878253335ed2810a4874dfbb4b5fc80f1220ae279aa2a78a598
6302c74c9e389ae0fcef2f8d840ee2a14f2a3e5f14c42908ee1c2c6ea58afbe2
6347b46416bb85c4f2a1d82f1eb64ff8630baad77f4ffbe2d6bcbf92e071006f
64f3090c4c6f4ac8f613e32e5511970729f00f02feac3ced393208abb41d029a
65bd7289333f44e86ed55d46e89ccb65836a301ccafb691c22e2d2f29ff987e5
660d11456ba3a79e0077a0c33ac8bc429958cfe53f1a1184ee424bc13efd1dbe
67acdb5ada744981d4778d502325c930af0942d2768ff0d8d8aeb49db65f18a9
685c873fc702405efc23927dcb56a06fb9256eca77605fd5056f9ebac23392fa
68676052d86e90da1d5bed34e11b56326e546335795bdcb02c02de5b4cfd031c
688af7d9fdbbf90abc9f70f291e674e8e7b9114e2b8464f13400837274b650e5
689d603c415ca4ce9834b9c536b917781d1690b7e96ceadcb638158138f43f98
68c5332746c6fa894b4001de13380d38611f92329eaa44264c96841753acd051
691ec1388be1128efc21fdd836584536c5d4d1fffa668cc259918c45bdb2918e
69914dddff8854c548eb2501afdf40a6077695f886c554af67d7d7332a1f293a
69a7b04c699c611d98331dd2f0293642e76dad048bfda63b509783bf34abea08
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa663a0c68c9b6ec15910c6ff560010d81729334bc484f933b758e4f2adbb7b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf02cf0f3f022066a5f59449174dfacc1cb9690ea07a64a1afd8223aa7c3900
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6d14750264738c92b97d424f3133cc14797efac6f5561c38faa60df674d58e55
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
6efa153451100e1a6052c7ab4d52f1094cda9423bd4ff15f9467c4588b51ef08
6fa1915a33ca7dc6702e03b751ff528af2b22bb479bfedba4e49f5b60e6242ac
709c6d379bde5564074d8282fab5607363f0919a5a59f39c6bf022dd45e9842e
72388a9d161248dc2c5203368aa7d1ad96b91272abf31ec315a5444f54c8d709
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b7dee345e2fe530d7f6a884ea33ea4100c1c115d6ce47609ba3bf0673ea1c1
730ffd08e76b713e3f7a7c909456513b7b3ac7db307e7914cc21276bc50f6ccc
73a1ec65e2fb6eb0350bfc44e73a966b511a4bfaca52fd64433b715fabff370e
74fcdcdcea933c002b3bd17356048c6f49defd8968a3429c1e698075054d85ad
76b74859de736a0599038a7b55d2f73ba5dfaeaa31cb1fe54b0b9995ab3c9f13
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa
780c7c6515ad27da44fe075ce34d62664980d31778d63dc3fc11d2fbd37a9d9c
79a829f1d45fd93bf0174167e84bd25aca0dd835921bd0e0e007fde039e268e3
79e0c771ccda3e23329adb2ee69244aebd0e5df9a026f5fe5668ffa12c54b29a
7b3e955eba1e3569c3ca24d4330a93a8d5d1f0d4d53aef90b55a82701353ba69
7b65e8b75dd036ce71ec20943f147ec54021438d52cf3e6e7ea7df26b3298f41
7c23d7726d5c3f5b4da35ca3f8a200211510f7c213915069221a31134d1c0a95
7d69ed536b619975823f9e72c794edd4b7f907c2311d87334c1b67f95a24fd2f
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
7fa61d8a9642873e198df942f181d6e575e9144b819582d2541d0079ca984941
8047420d57bc3576f145702270c4bc4d65983fd10a760d11b9b5b824a19502b4
81bbfd4874c23a9d489b68553f49c238a6b9bbbcbcba63a942fa207cd22222c9
826c70bfaad8ef409172685d48a1be622339bbb3d39a4dfbe1603e96449fc730
82b52ba8cd7ed3517f8be5d10de319965b0c52092e29185ef78e9a00d1ea6299
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b8bdb351dd1af975cc436c42a00ba73fbdf3db438de3102af2b105ddd3e231
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
851d7a9a350528d84075702244c7734dfc06fd97d2acbdd4c01a7e0352d65df2
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4
864ab3bbf464d56cc65e2f337539392b98aad013aa8df5b0b7492c8f55ce9913
865bd623147d5fce5425f5a7f8d318057c9ab696959654aed78e3665e53f0c5c
865d381cb777e21e86b1ce4b79ff514cc127e16e6c17d6cd9300e4fa274b1f7b
87e0632e1c0a0f23950354ebcf0b783cb9accd4ba93a2bb43e4f06c36fc8446a
87e5554d3467cbe23422ada58ad102c91c1810a55a1eae74861fb27bfde7f9e5
8836f7088f21cc8795aab140702293fe50af82c1a3ac87ce4b44db22915f374e
88fa10448da1b2ec9c240dfba469ffd6952235cbf6cd69cab1a07f6b9200687c
89388174f3c0be298a18d3b303aff1e4c6912e35d59fb1509d19fa479cbd75ae
895d3f8487ea027a98bf3e0a3486553bc0e9ad8d5f6010b2a8a7b694c38b43e4
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8ac43d8b47d5b7ae40a6525b796995b9562225ac7da179fe59152a22b9272c1e
8c0918c9505f3e9e1a402db8a8fd2134d799af574e639a3965a0a28ded8cc0b0
8c1cd1584ec89eb876809fe513ec84daf9458cb27e71a03d9128965eed58e6fc
8c5c46b0c152e1307711ed9967db330b42c84aededa6e4fe5dc3ac72c486012b
8caff3a73b398a08c4fd959e5119aa9f587405a6efc2887137fd37e9c3033c4f
8d89eb465a5d0e02d640a53fd29b910c7895199cb951824fd3434d3774ae5996
8db8c4f4d67801f964c6cbb00000c3acea658b6e4ba6dd7641136e0f06f9ae98
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e4eb2fbe2428b73be6461073a48b2059abde0936219b8c1b2cc4b7dfbd85d83
8f767c30d8380d42b78c10ddb1fd45e8033ccc7fb6e3c4e62720778e284adaf9
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
8fcb4c6cbfc6704fac07691104b3e527133f03e4bb3774800b7ef708bcc62b1f
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
91b2f9ea18cf42c1dd00bbf02dead146103c5cab5711605305172a4873a9c514
92004eb87a165e75d840e47a209328e8bec1bd2ddd5f2c3c54c06171bd9e9082
924d41695d2b1f0d463255707d1f8e99069df3fe358888c1659294e4d113493f
9269bf5c2f646f0f965d2cdece92a5a569269b942f37998989c82396ade5ee60
929bde64062a8c8f26323edac63c768b6133a3c506194eb112144825b5071986
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
93fa2f916588b37414e9ff25749b143f9920279ab5f70911d667367193e9076f
949d724e9e3805489733bac2cefb140ad1116a53e1d18f8cd06da3b7101d7b90
94bf4c1ecd3ec3660e2ae5a924d53736f304e22ca504b738dc00bf07bea118a9
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a
94ef0abc5bb0cdfe39572037b537179b1cefa88b521c907a6247ea6b32327ca9
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
96281150fc4b153640ffd15f9ce9a133ee631aecb0f955cd67974e72af74ae64
96286b0e2aa5f534f95fd4acaea7b0987b262a91583dbd703fb7f19e48978d23
96c2328ea485e5a0a760a7ba76192e6451b3e89168640551132d90d2630dd45d
9752d82531103027271d019d8b7905e2e1c2ab5c02d34630b1ed79f4d421b5ca
97572527a2980018db263ef655e682cbf275a171ad55a6321a8b4943ad879d51
98680bc84f14ad126a57df4c30e3cf3e6d533423a737b560e06757512b2d9119
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fc4afa487e00f0ef6b30c2f0c05dc6da57cf9922eec49be07683caef9271f5
994be1d3fd8acb2aec49311bb726723a2f6bd9177eb0e44231c8bb75810609d1
9960ddb8c6047b822f90adf3e6647b8129c04fcd9899ce86c61db6e1485ddc1f
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
9a726353c4464385e8cbbbd35b4484e78e5c8075acb54f17630d89c0bf87e271
9b154f757a58c493385b36b163304495730459908cc98df836e3703781d2a197
9bb38f676e251c5e71c34dd290adf6072104c68785dcf1f5907342e2eff9a096
9bbd180159be2093620125e27d413f06e878ffb5cce0f2fe7a48954e12e07e5f
9bc9553815a4e18001313cd8a3ce36b4fc450e3ec2e7e2e3131eb43682645ca2
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
9e3ee5e2fe5eefe256b12c86b4816cc46dbf608074e6ca615b05a36b892a67d9
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
9fcf46e6d29ccabdd61a69757b32ff1c27e45333f9ce3bdb4e72c02a98899745
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0decad33b1f683155f1484948c86d6f1551e4e625cb4d41684eb4a4f95219f0
a0ed2bd3c17859c63823de720d1dfd9069679644463a910f4af0cfb5f203e45f
a15aab84ddbb3c2aa79395b3aeeff7156c94f0638a9032776ec5b6b139370252
a196b3fb2b82982736e1b040d6221fb1f1e4d563e10d9b46060714f255868f76
a1ca5700d74c4a596c40c475efd37daeb28dba43212a47db9d7bd358e54b9dfb
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a30bc2024b134085ffd2a2d47ecf9ee008e7c17e684bede7a3f997c5615bf84f
a372739722bdde0db757690e1344d1d67601a0b90e6e441c3e718aec89e475e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a4d6cbf2e2f1fbe42d8225122edecc32f6b16bc97c375dab9a8e55a2611bb737
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
a9a40913b22b5452d4a1d2c236a65081eef062b9dda56b71a3808d5d9a01dec2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab76f91601be10b9800dde0250d96d57e692646a0062a1a27ab93eba59366a7
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ac432d855795a6925931eb74b5b861b4e9d0d5936158ac5b0a4461946e9a32a5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27
ae00cc89b8dae9aa8400ca5927bbb322782e4517ae4d0731e18cadd52a4e63fe
ae1f2e2fa4f079a9e419c736c99ff0b4f74544ffa06cecafbd175c0ff15da418
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4fc40f0a54c6f57e23a7728605f90be7b8e98524dbf8a349c1163c1c12163d
afa307c7c022d1da11c2e46078362a9bfd56e006ea5bfbd45f55d1d9505bcf17
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b05f66b073b3b9d84d359334025cf3d9a0c0806ac456bcfe66cbdfd777f6e29f
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b12c51067503554e46d674dc5f02dbb2963c4667ee7c21fcf24a6f5339dd9168
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163f67515339cb3fceb62a38285f108d0dd9eff93f8e0d8f25d2f0620f0a82f
b1c97cef3d44d885cac0847670a70b2f98d9a7784b87c35f2965473f7659e84a
b224aab1e1cdb1510d21b99428db819b5c83e1a743ccde1867d241470f7ab860
b23f7cf7e33c0bdcf4c32d70e7089eb1b37e593cc132e161133e11fae8dbc8ba
b3241b81089f124b449224ccc74ff1a49ebbf368a758b3421179c586e0f65e18
b354912e8c2e827c89a1177c00b44b5ee52701095cd2ac5584770a054e5371a4
b451618dcd287308ec9c1951997a4944e8cc90b881194e71c1c0d290ebc15d5e
b45d59dc67ac9e74bcffaeda49af58c1e9e67972717054e6b656d71322aea8a1
b577857c178a06510ed5a51ef48205d61a43b7107be350535a41b08c8b870e3d
b5ba18317a26209eaf1c79c8a97a603d06f02f747533fbb785a3b330e3c0d1e7
b6228b3122d3d526dee19f27104638cf7f60e75d580699a32eb6453412d40b6c
b62820bd62341ace748acaaa792d187d5c51df0b2b9f72d2bb7852759579a578
b65b256a65688221bccb2462b423ee9d942c94aad931168a59fa9a108a5f707f
b6fbe4acb3f0cca1512924e7e98dc80c49b4288765d6a7b565f961b4de203fac
b71806795f93f6f95a14150373bbd9e2c954bb916d757a383849e1ce7a646c14
b83f2f4d949df8230f25a380119610037902019b097f5e778573140c5b21fa5f
b84d9264aa289d3c89ba9535b1dbafaa81b6c3056a25ab05107080835872091a
b86ac89b026ea4cc0b8149823f738fcc196c93fbbb0562a1ea2d98909948c09d
b8897ad5b0a5171066c8e9edddabee1e3fe5be12608f7a0e67d9326a1bbe4a6e
b9c14d24e9131594413ba0310320164dcca2498dd06902364d42f2471414b73e
ba62a36c2a9634bbe0bc787fb39aef84a6b841e4fdef67aee9793f2c42584cf0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bc99a2830c935ad0293cdb0a168ceacfec29c81a868182575d30829fd45a8478
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd1057116f65b1f7f434eb95cbd998439b33f94ec4473ff664acf735264e9b8b
bd3653867b348f5432ff42d6308dfdda9739796b5798b1d9662b371970ec2582
bf3ceba52c194d664480f9b1f8823079746f69ea73f5604d3d48ff0869182643
bfa55833ab25056c2ba2d9dd70ee9f890d388bd8cd0b7daf600b0853ea2d0bab
c1030ff136cfc1a150e9ff996a2d0d4337d204e7a7adf6b5615578f6021ae51e
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21b599ffc06467fb3e17a742e18929c3978ffc56f9c47967472c55460505fda
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2847dfa98900ef64c88669c2086ee40dd77574a2e1aaec81d729f9d4a10dc27
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3cfed6b2c524f2008653df00fa67fe38219166b97319c613bd9d296db3dc069
c4ec86804856af54d054588f1e52a5f5603d3087a19bb94be2fe6551c583c036
c59c2bcc3a5f7104572b9597f7349f56aee5d793e48c0a7d3193bcdbe988c0af
c5a2e1f1e87470e3dea4195dc62f917508e53204b6b7ccb7c220bed6971b8f46
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c69b28ef543c2f1158d214173763496dfcb493064c6c287d798961768a5ad9d9
c6bb6a7baabcc18c50b13e2acc3519cc781fdb3aacd85225f75e6c15f399d5df
c811955784aedcb4791d009cba69611364fd270231d2360e37b550ef43f52d3d
c85d2b35d842845882e0f7cedc77535f8df6d37d737edf45e2e31e049f49d1f5
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca424c4dfba0851c239d35903fc823afa34542f416b2412c590922080d6afd6b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb61c16f39c2271f3045eadea699f7a9f00ac5116cf08c6c747c5167f3a93df7
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cbfbae54c8fdaf47f960493bbceff2a5ada3cb296136a84c18eedee75ca3bfb7
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc3a04265e756e8effbdd818d02360463b07ff4bfe108bb419b201a559884a47
cc8a1a9bbb7f8f2975412a9a7893690331e4a5bd31bdd27d6d17f24e1b46dcb7
cce8bcdf2baf0885efae0f8c21a08a138a6b9d7b3441e62f67f66814f5da0e99
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
ce5a952adef5b56217d82720907c3c7f5d68986dfdefb23e17bfa9d5478dbf5a
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad
cedbf93a9585406bd12b8d2851e9a1072660efceba56b33b249aa87d3c6ddaa2
cf23d5f7db7f995612da2550efd9c80a1c55002e64dfa20fd08949940e36cfb7
cf2eff41089d5779f925b153733876ca1b5effc43e0325b5f8cd2f14e84c647d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf70d5b737e1219484a146a0bf0d604ac582ca55e0c76716c671458573e0b579
cf933a19179b4733c5ec68640d966cae7d022c97cd4fcd3929f9e1d9556f66d1
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d086075e90e6b2ee708c049b87ff8474fdb1f76048d83c01ae9330b896207d8d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1286084ed46f676058ccee3d71a507c761a3ad86ecc6d6b3a46b764ad286378
d1328f9689391077bcb56ba764a9be242430668e6cec738f37bd1bc0faa69042
d158422c123eaa0f1cebb99fbaec1548945ef4a690e8bed8bbc366994a1e42e8
d258002e6bf5b80e2bd8165e91081fb8fb9a8d28324fb85bb60ec9615901e65d
d29d75982a379f63eac10bc234e3082f70e6e9492511f64e41474ada6d0e945c
d2aa84f8b1b05b81a084b42fc4c556ffa223188d91ace4ed917a527da3dd4419
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3e0798256b7ceb7ccc52c03d90a16989050d6bfde7b5ebeec4b904effa84f40
d41ebc67d9b80d5262ff504fb6e8571e616a092ab4679986de2d587f2abf867a
d43bc12297964e6b137a49a7869a15413adff28a9823e2bbc97315395fd5c442
d4cb18dee05b3d666b0540dac9c843237caedfa822142b45a394a01af6cddc00
d5cdc0a3c87cf269b335d01e9e933aa041b057496437fac1dba0f8daff5f3b59
d6198e8ebc377e2699e4141c15ebb211570c6b9bb4c2d77ab49863bcb2ef22c4
d6ad681aac60b5d8492de226879c9db4fe7c21e2d69b7a2b97f7f0ab3edaf41a
d7180dad9ce60cfa324daec6872ed121b9f4e5e349d54ba425cb6ebf0cf42c3b
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
d81d5ecf82bbddaf161bb5da75f5ccdefaedb8d25847a33273b4b694fea5637c
d9287248af5bfe7de884669240ab3d91d4bc8b1e1d02b78383cd71af794454de
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da2ebf9d6f73baff6598530178f2f356e186e15350b359585453f8810370b6e7
da6b3c52646fe58adbdecc50f4d660f7bb67bfafbd90d1957ae43d97ea563066
dab917590e66ca48190f9cd4ed106eeef65bd0f15e1a341d0fcf2385023a0666
db3843f38366de14225bd979b7224452059a493ec89ffccaade3696bad5b6128
db97878c9d5186a87446a9d4af4a6ce4060d34214ea3fac3848bc5c7337067bf
dbae90311d9ffbdf7c45ab8a8ffdab26972a5b1b92871ac3ac6d400f60223ec9
dc071163381b41ae55f8543563c0bea216dc747d128612418032ea520d6ebf9e
dceaed91172e8181a7f412471822e86318f178a391170cb81f07824c2c1bf0b9
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
ddd28e191ace405d3cae111673a51847eef728fea583cfc468c58aad894b52a5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de62a8f0353d9cc0e19e21b644243bc8e880ab5303c3ef2157d5972b962ec69d
ded3a84cedbddde48580c51e30f3a2552256c3e0aae5355d7cb44d9082c79a77
df4af4b635031596881f58d6489335855fa61bcce6660e8748d276257c4e6f70
e152d1c4cd44c5acae66aee40da3d96d762a545172cdb379e0f380cec0b08c27
e1cde2a489ae53f665118ce7aa129f83163b30de1fbf811cbee82e77a4476b55
e1d64dcce03bbb7c2bd033767a73cd36fd3d14f2f9f1424e1a184f37038938b0
e26f0dbe004da23e616e8ff2fcd6eef634afab53b9422ab116de2279544ec5af
e30363ff547d3bb40b8ffc444ceaf283e93661db23188bfb24d37f5ac3ab4aa9
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e439c393873181f818b7029f93d96afd4c6c164fcbfd31dcd12eb394af02808f
e46fea233c2bbfe9a17822f512d780ed8d09fc6d2a437e9ecd72019a1f3e2399
e54612891b354f884821d0f709479dddf2dbe1aa3ae29293eed8b11643f8f50e
e575ab6b2773545da04f52ac701c0c01691eb65ba26bf786a1afc414949d8e62
e5e3bf95b7dcb24cbb720c69f32bbc281240d57ae58d2f73852985584b07805c
e7597ab26dcbccfaf721ac9e3a63e96a09bc701486613b630acd7fe6889fa6b7
e76f935bc0cfc946882a095a883e099edcba3deb470173601657a2a5c502e55c
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e91b29f8e4d71bc85905c4155674fae8eb8e2f204062eeb86aba6c2e9b7dede0
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
e96c585b9021ed98e1a58f73d547f0073023729eea14a56f611a1c2514caf879
ea476eb18681075efde6190dbe533f6a0d94e40d620b14c73b12f4253fd668bb
eadba0b8512a2f1fbced9923bfa21eb9753b2589afbfc042fa4b6851699f1a8c
eb4caddc8b42320a2e8725ea0edf2efc59a0226a5a278960c58be45bcd1fbf6a
eb7f14a7b52946a5c3c6727afaf19560b30fda3dc5eef39dc61b874c646e0272
ebb23a2689172bbf4ad8fd028b57bdcdeb5ad3e2a7c722e70dd3b0c4e9fd74c4
ebbdf01fe4620dcaf3b326d54800c5a98bfab1bf53a49a67562125d054a52765
ebe5c202d500de367e475b82eee58a41fb92cfc4ae9c0d0f793e0d354081dc00
ecffe388d0956d3936af2501056981473c5bc56906a8383a709e9a53dc6f0065
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ede6f0c703d46c0990980b4ca9e54a12d5cfac28193e68391d0a62b0426ee80b
edf7188dfc47f1d392c7e05caacafe3556e79c8f284537016f88477486550527
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a03d12d2daf393c80c447a30dc0bdd21f22831ad39e71dfadcd3be29c28b3
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f246d5ce051b7a2470b2532d7b516258ddaff25a72647209bd78b23b8cb02fd6
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8
f2cc293e73bec173ebab43239536826bd04c1d1e38f29522e62db5b223ecff6b
f3dd332fb0de094c0c8bf831950b337ff0c87487f477235d64df71a2e87710a2
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5052630a5db0970c0b38d57eb4fa05b24cfbfb605ffb699848c29e7703a640b
f529c3ecc2467d3a337c410fee3c18ff003e9031c36077c789bbccfa749170ac
f55a1a15b84cce1e042d6c7bba8b8a33211fd84841d84d52c417a72264e37e91
f6eb34b3d90455b0bde933e6ab0921a63eb59fab1321b2175f8353d07d0fb9e9
f90c4f6b8ca2fca86a58c3c34b24002144a803f6aa0c058d35d4150afc5dd549
f94baedbd7fdb13d99a0e70b929c77ddcbcb9f8374d874f35c8ac71ce9673386
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fbfeabaa21774ceecd9734083d566d5bc7689989ab56a2bdbdeb5a1f8ab8ca3f
fdcdd31e20a40aaa485d085c34aaa0dff1ef13690e25cd6376d00d00a5bc38e7
fe8f23b9025f3de6a85f12880254b9087c4340a92e458d0f6eb257fbd7d3f4ea
feb6f791e087fb2511ce562a5527eb43d74bfffc2e2d838f9c00d858498230f5
ff15d124a482f31808ac3489eda78ddcf916e4c2c13528bc0cebee1b73480d60
ff5299bac8d99b98915f626ae498fb6c2fdf8be5441637e614c3b9426a18a7bb
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba