Submitted URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svG...
Effective URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_h...
Submission: On October 14 via api from US — Scanned from US

Summary

This website contacted 164 IPs in 11 countries across 155 domains to perform 771 HTTP transactions. The main IP is 2a04:4e42:200::773, located in United States and belongs to FASTLY, US. The main domain is www.cnn.com. The Cisco Umbrella rank of the primary domain is 5523.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q1 on February 11th 2022. Valid for: a year.
This is the only time www.cnn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
10 2a04:4e42:200... 54113 (FASTLY)
1 2600:1400:d:4... 20940 (AKAMAI-ASN1)
1 13.225.214.12 16509 (AMAZON-02)
70 2600:1400:d:4... 20940 (AKAMAI-ASN1)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.73.233.196 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 143.204.150.76 16509 (AMAZON-02)
3 2600:1901:0:6... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.1.188.23 14618 (AMAZON-AES)
19 2600:9000:251... 16509 (AMAZON-02)
6 151.101.194.133 54113 (FASTLY)
1 2600:9000:251... 16509 (AMAZON-02)
3 6 63.251.28.233 26558 (FREEWHEEL)
1 2600:1f18:659... 14618 (AMAZON-AES)
1 23.73.227.191 16625 (AKAMAI-AS)
14 2a04:4e42:400... 54113 (FASTLY)
1 3 192.35.249.127 11742 (SPOTX-IAD)
8 10 68.67.160.75 29990 (ASN-APPNEX)
3 54.80.141.180 14618 (AMAZON-AES)
1 2 2600:1f18:659... 14618 (AMAZON-AES)
9 14 69.173.151.100 26667 (RUBICONPR...)
2 3 2600:1f18:612... 14618 (AMAZON-AES)
1 5 34.111.234.236 396982 (GOOGLE-CL...)
1 2 18.190.165.21 16509 (AMAZON-02)
3 2600:1400:d::... 20940 (AKAMAI-ASN1)
1 7 108.139.47.33 16509 (AMAZON-02)
17 107.22.218.231 14618 (AMAZON-AES)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.40.134 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
1 3.81.223.235 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
9 10 52.223.40.198 16509 (AMAZON-02)
2 3.224.75.67 14618 (AMAZON-AES)
1 2600:9000:24f... 16509 (AMAZON-02)
1 34.120.253.250 396982 (GOOGLE-CL...)
2 2a04:4e42:600... 54113 (FASTLY)
3 104.18.252.222 13335 (CLOUDFLAR...)
16 23.52.162.190 16625 (AKAMAI-AS)
21 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.221.50.150 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.66.133 54113 (FASTLY)
1 130.211.23.194 15169 (GOOGLE)
3 17 104.18.19.126 13335 (CLOUDFLAR...)
2 63.140.38.117 14618 (AMAZON-AES)
10 23.52.164.28 16625 (AKAMAI-AS)
9 34.98.72.95 396982 (GOOGLE-CL...)
2 54.210.69.97 14618 (AMAZON-AES)
1 54.173.22.171 14618 (AMAZON-AES)
1 2600:9000:23c... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
13 52.3.27.31 14618 (AMAZON-AES)
3 74.119.119.129 19750 (AS-CRITEO)
3 35.211.165.199 19527 (GOOGLE-2)
3 2602:803:c002... 26667 (RUBICONPR...)
4 108.138.124.226 16509 (AMAZON-02)
3 146.75.38.132 54113 (FASTLY)
2 2600:1400:d::... 20940 (AKAMAI-ASN1)
2 21 52.46.151.131 16509 (AMAZON-02)
25 64.202.112.159 22075 (AS-OUTBRAIN)
4 76.223.14.12 16509 (AMAZON-02)
6 52.54.188.160 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 75.2.41.202 16509 (AMAZON-02)
5 5 54.80.61.218 14618 (AMAZON-AES)
14 18 142.250.80.2 15169 (GOOGLE)
1 3 184.50.205.90 16625 (AKAMAI-AS)
4 6 35.190.60.146 15169 (GOOGLE)
2 5 108.138.106.100 16509 (AMAZON-02)
2 2 199.38.167.131 54312 (ROCKETFUEL)
2 104.244.42.131 13414 (TWITTER)
1 52.23.59.39 14618 (AMAZON-AES)
3 6 3.224.10.93 14618 (AMAZON-AES)
5 5 2620:116:800b... 27281 (QUANTCAST)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 1 107.178.254.65 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 64.202.112.127 23352 (SERVERCEN...)
1 52.69.167.60 16509 (AMAZON-02)
2 2 35.207.24.140 15169 (GOOGLE)
18 19 35.211.178.172 15169 (GOOGLE)
2 2 54.156.230.254 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
1 2 35.211.168.6 19527 (GOOGLE-2)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2 52.3.138.212 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 3 34.229.3.43 14618 (AMAZON-AES)
3 3 162.248.18.11 62713 (AS-PUBMATIC)
3 31 8.28.7.83 62713 (AS-PUBMATIC)
1 6 8.28.7.84 62713 (AS-PUBMATIC)
3 4 35.244.159.8 15169 (GOOGLE)
8 9 3.218.90.66 14618 (AMAZON-AES)
2 2 44.209.207.157 14618 (AMAZON-AES)
2 2 34.196.133.247 14618 (AMAZON-AES)
2 2 2600:9000:220... 16509 (AMAZON-02)
1 1 199.187.193.197 47043 (SMARTADSE...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 129.159.70.95 31898 (ORACLE-BM...)
4 4 207.198.113.88 13768 (COGECO-PEER1)
2 7 198.148.27.140 19189 (PULSEPOINT)
1 1 35.208.249.213 19527 (GOOGLE-2)
3 142.251.32.98 15169 (GOOGLE)
3 15 52.71.183.251 14618 (AMAZON-AES)
32 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
5 23.52.161.180 16625 (AKAMAI-AS)
1 100.24.185.7 14618 (AMAZON-AES)
4 23.192.7.104 16625 (AKAMAI-AS)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.82 16276 (OVH)
2 3 35.71.139.29 16509 (AMAZON-02)
2 75.2.29.249 16509 (AMAZON-02)
22 34.111.8.32 396982 (GOOGLE-CL...)
6 2600:1400:d:5... 20940 (AKAMAI-ASN1)
4 52.73.149.117 14618 (AMAZON-AES)
3 3 52.5.242.57 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 29 192.40.39.223 27381 (CASALE-MEDIA)
6 6 2606:ae80:145... 26762 (CNVR-US-EAST)
7 7 54.237.142.200 14618 (AMAZON-AES)
1 1 13.33.60.10 16509 (AMAZON-02)
1 2 44.193.231.250 14618 (AMAZON-AES)
3 23.217.155.4 16625 (AKAMAI-AS)
3 54.196.132.16 14618 (AMAZON-AES)
3 44.196.51.150 14618 (AMAZON-AES)
3 3 2600:9000:214... 16509 (AMAZON-02)
3 3.5.2.181 14618 (AMAZON-AES)
3 104.36.115.113 62713 (AS-PUBMATIC)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
2 2600:9000:251... 16509 (AMAZON-02)
4 4 68.67.160.76 29990 (ASN-APPNEX)
9 2600:1400:900... 20940 (AKAMAI-ASN1)
2 3 35.207.10.239 15169 (GOOGLE)
3 3 35.211.233.246 19527 (GOOGLE-2)
1 6 2600:1f18:4e9... 14618 (AMAZON-AES)
1 54.239.38.253 16509 (AMAZON-02)
3 2600:1400:900... 20940 (AKAMAI-ASN1)
8 104.18.13.76 13335 (CLOUDFLAR...)
18 23.36.90.250 16625 (AKAMAI-AS)
34 2600:1f13:800... 16509 (AMAZON-02)
3 4 185.167.164.49 198622 (ADFORM)
4 4 151.101.194.49 54113 (FASTLY)
3 3 216.200.232.253 30419 (MEDIAMATH...)
4 5 34.150.170.96 396982 (GOOGLE-CL...)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
5 3.228.209.13 14618 (AMAZON-AES)
1 54.198.142.223 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 52.86.14.246 14618 (AMAZON-AES)
7 7 199.127.204.171 26120 (RHYTHMONE)
1 185.86.139.96 201081 (SMARTADSE...)
2 4 38.91.45.7 398989 (DEEPINTENT)
2 3 54.205.5.141 14618 (AMAZON-AES)
3 4 107.178.246.49 15169 (GOOGLE)
3 3 173.231.178.115 32475 (SINGLEHOP...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.192.159.16 14618 (AMAZON-AES)
2 34.236.83.94 14618 (AMAZON-AES)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 198.148.27.134 19189 (PULSEPOINT)
1 23.83.76.97 395954 (LEASEWEB-...)
1 199.127.204.163 26120 (RHYTHMONE)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 199.187.193.193 47043 (SMARTADSE...)
3 3 34.199.181.183 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
3 4 23.219.95.182 16625 (AKAMAI-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 3 2a04:4e42:600... 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
1 195.5.165.20 44968 (IPROM-AS)
4 4 141.94.171.214 16276 (OVH)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 1 54.237.249.69 14618 (AMAZON-AES)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 1 52.72.225.237 14618 (AMAZON-AES)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
3 18.207.52.81 14618 (AMAZON-AES)
1 23.22.76.72 14618 (AMAZON-AES)
1 35.190.113.31 15169 (GOOGLE)
1 23.52.164.7 16625 (AKAMAI-AS)
1 44.196.124.93 14618 (AMAZON-AES)
1 8.2.111.121 46636 (NATCOWEB)
1 2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 23.52.167.93 16625 (AKAMAI-AS)
1 1 34.224.196.35 14618 (AMAZON-AES)
1 1 3.12.170.58 16509 (AMAZON-02)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 74.222.140.101 35908 (VPLSNET)
1 2 50.16.120.253 14618 (AMAZON-AES)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 52.45.77.219 14618 (AMAZON-AES)
771 164
Apex Domain
Subdomains
Transfer
85 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
pixel.adsafeprotected.com — Cisco Umbrella Rank: 620
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
701 KB
84 cnn.com
www.cnn.com — Cisco Umbrella Rank: 5523
lightning.cnn.com — Cisco Umbrella Rank: 6775
dynaimage.cdn.cnn.com — Cisco Umbrella Rank: 7866
verticals-static.cnn.com — Cisco Umbrella Rank: 40908
www.i.cdn.cnn.com — Cisco Umbrella Rank: 6867
umto.cnn.com — Cisco Umbrella Rank: 10128
z.cdp-dev.cnn.com — Cisco Umbrella Rank: 9442
cdn.cnn.com — Cisco Umbrella Rank: 5726
smetrics.cnn.com — Cisco Umbrella Rank: 6545
collector.cdp.cnn.com — Cisco Umbrella Rank: 5129
2 MB
51 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 590
image2.pubmatic.com — Cisco Umbrella Rank: 894
image4.pubmatic.com — Cisco Umbrella Rank: 875
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
simage2.pubmatic.com — Cisco Umbrella Rank: 706
simage4.pubmatic.com — Cisco Umbrella Rank: 1221
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
aud.pubmatic.com — Cisco Umbrella Rank: 4698
117 KB
46 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1407
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
r.casalemedia.com — Cisco Umbrella Rank: 1351
35 KB
44 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1136
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2978
odb.outbrain.com — Cisco Umbrella Rank: 1488
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5924
sync.outbrain.com — Cisco Umbrella Rank: 832
libs.outbrain.com — Cisco Umbrella Rank: 2924
216 KB
33 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
228 KB
32 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
325 KB
29 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
65 KB
26 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1662
consumer.krxd.net — Cisco Umbrella Rank: 2206
beacon.krxd.net — Cisco Umbrella Rank: 528
usermatch.krxd.net — Cisco Umbrella Rank: 1251
194 KB
22 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net — Cisco Umbrella Rank: 303
9 KB
21 googlesyndication.com
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
233 KB
21 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
120 KB
21 rubiconproject.com
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
token.rubiconproject.com — Cisco Umbrella Rank: 682
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
31 KB
18 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1164
49 KB
18 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2054
dfp.bouncex.net — Cisco Umbrella Rank: 4910
1 KB
17 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
7 KB
17 cnn.io
graphql.verticals.api.cnn.io — Cisco Umbrella Rank: 92843
zion.api.cnn.io — Cisco Umbrella Rank: 17283
registry.api.cnn.io — Cisco Umbrella Rank: 6863
fave.api.cnn.io — Cisco Umbrella Rank: 9731
2 MB
16 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1889
track1.aniview.com — Cisco Umbrella Rank: 1880
observe.aniview.com — Cisco Umbrella Rank: 2878
sync.aniview.com — Cisco Umbrella Rank: 2335
246 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
13 KB
13 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2683
assets.bounceexchange.com — Cisco Umbrella Rank: 2240
cnn.bounceexchange.com — Cisco Umbrella Rank: 7570
414 KB
12 typekit.net
use.typekit.net — Cisco Umbrella Rank: 473
p.typekit.net — Cisco Umbrella Rank: 601
120 KB
10 warnermediacdn.com
wmff.warnermediacdn.com — Cisco Umbrella Rank: 6142
lightning.warnermediacdn.com — Cisco Umbrella Rank: 6077
19 KB
10 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4089
images.outbrainimg.com — Cisco Umbrella Rank: 2207
402 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
5 KB
9 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
bid.contextweb.com — Cisco Umbrella Rank: 2621
9 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
7 KB
8 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 702
cdn.stickyadstv.com — Cisco Umbrella Rank: 5426
146 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 413
161 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
3 KB
7 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 474
d.agkn.com — Cisco Umbrella Rank: 651
4 KB
7 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 825
idsync.rlcdn.com — Cisco Umbrella Rank: 344
id.rlcdn.com — Cisco Umbrella Rank: 584
2 KB
7 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
4 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
tag.1rx.io — Cisco Umbrella Rank: 1362
4 KB
6 betrad.com
c.betrad.com — Cisco Umbrella Rank: 1531
l.betrad.com — Cisco Umbrella Rank: 1354
6 KB
6 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2662
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3185
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5949
2 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
2 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
2 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5478
ads.yieldmo.com — Cisco Umbrella Rank: 660
3 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
www3.smartadserver.com — Cisco Umbrella Rank: 6311
prg.smartadserver.com — Cisco Umbrella Rank: 1396
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640
2 KB
5 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com — Cisco Umbrella Rank: 729
2 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 679
9 KB
5 ml314.com
cdn.ml314.com — Cisco Umbrella Rank: 8091
ml314.com — Cisco Umbrella Rank: 1665
19 KB
5 turner.com
i.cdn.turner.com — Cisco Umbrella Rank: 15805
s.cdn.turner.com — Cisco Umbrella Rank: 6887
turnip.cdn.turner.com — Cisco Umbrella Rank: 7955
371 KB
5 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 714
cdn3.optimizely.com — Cisco Umbrella Rank: 4195
a125375509.cdn.optimizely.com — Cisco Umbrella Rank: 7335
logx.optimizely.com — Cisco Umbrella Rank: 1224
136 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3372
2 KB
4 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
match.taboola.com — Cisco Umbrella Rank: 2790
906 B
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1063
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 456
771 B
4 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
186 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
3 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
825 B
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578 Failed
966 B
4 wmcdp.io
psm.wmcdp.io — Cisco Umbrella Rank: 9626
receive.wmcdp.io — Cisco Umbrella Rank: 6222
434 B
4 tremorhub.com
eq97f.publishers.tremorhub.com — Cisco Umbrella Rank: 11508
q017o-jh7o1.ads.tremorhub.com — Cisco Umbrella Rank: 4312
partners.tremorhub.com — Cisco Umbrella Rank: 1115
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1435
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1462
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
2 KB
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2293
1 KB
3 behave.com
ssp.behave.com — Cisco Umbrella Rank: 3015
1 KB
3 amazonaws.com
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com — Cisco Umbrella Rank: 4679
1 KB
3 imtwjwoasak.com
imtwjwoasak.com — Cisco Umbrella Rank: 3635
1 KB
3 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 1920
1 KB
3 tvpixel.com
p.tvpixel.com — Cisco Umbrella Rank: 2250
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
1 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1270
3 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
1 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
tags.bluekai.com — Cisco Umbrella Rank: 539
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
3 KB
3 tree.com
widgets.tree.com — Cisco Umbrella Rank: 10889
widgets.staging.tree.com Failed
67 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
2 KB
3 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2504
bea4.v.fwmrm.net — Cisco Umbrella Rank: 7568
1 KB
3 steadfastseat.com
steadfastseat.com — Cisco Umbrella Rank: 7677
29 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3685
643 B
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1522
877 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4672
965 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4184
624 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 828
s.tribalfusion.com — Cisco Umbrella Rank: 2234
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1252
69 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
131 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
222 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
943 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3500
564 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4673
749 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2083
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3667
970 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2152
831 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
838 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
787 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1010
1 KB
2 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 4052
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4112
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
869 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
58 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 547
507 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 740
1 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1228
401 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1180
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
15 B
2 imrworldwide.com
secure-us.imrworldwide.com — Cisco Umbrella Rank: 1935
2 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1184
6 KB
2 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 2007
match.sharethrough.com — Cisco Umbrella Rank: 554
73 KB
2 weshield.us
order.weshield.us
5 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1123
209 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2435
534 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2664
900 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1415
706 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
540 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1195
637 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1925
664 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3622
206 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1137
287 B
1 atemda.com
atemda.com — Cisco Umbrella Rank: 5121
1 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3829
465 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6060
323 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 934
554 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5936
279 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2273
395 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6334
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2163
291 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1344
674 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1679
350 B
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 3435
2 KB
1 t.co
t.co — Cisco Umbrella Rank: 483
376 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3258
615 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1507
332 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
667 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1500
473 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 3919
194 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 749
632 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1192
540 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
43 KB
1 ngtv.io
geo.ngtv.io — Cisco Umbrella Rank: 6500
854 B
1 zqtk.net
segment-data-us-east.zqtk.net — Cisco Umbrella Rank: 7368
909 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
24 KB
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 950
458 B
1 cloudfront.net
d9esmwyn3ffr1.cloudfront.net
42 KB
1 ugdturner.com
www.ugdturner.com — Cisco Umbrella Rank: 7198
535 B
1 videoplayerhub.com
warnermediagroup-com.videoplayerhub.com — Cisco Umbrella Rank: 7591
488 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
2 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 liadm.com Failed
i6.liadm.com Failed
0 geistm.com Failed
id.geistm.com Failed
0 nexac.com Failed
r.nexac.com Failed
771 155
Domain Requested by
34 dt.adsafeprotected.com www.cnn.com
32 s0.2mdn.net order.weshield.us
s0.2mdn.net
cdnjs.cloudflare.com
26 pixel.adsafeprotected.com static.adsafeprotected.com
www.cnn.com
order.weshield.us
22 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
22 sync.outbrain.com widgets.outbrain.com
22 dynaimage.cdn.cnn.com www.cnn.com
21 simage2.pubmatic.com 2 redirects ads.pubmatic.com
s.amazon-adsystem.com
www.cnn.com
bh.contextweb.com
21 s.amazon-adsystem.com 2 redirects d9esmwyn3ffr1.cloudfront.net
s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
www.cnn.com
eus.rubiconproject.com
ads.pubmatic.com
bh.contextweb.com
21 cdnjs.cloudflare.com d9esmwyn3ffr1.cloudfront.net
widgets.tree.com
s0.2mdn.net
cdnjs.cloudflare.com
19 x.bidswitch.net 18 redirects www.cnn.com
19 static.adsafeprotected.com i.cdn.turner.com
steadfastseat.com
order.weshield.us
www.cnn.com
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
18 c.evidon.com order.weshield.us
www.cnn.com
c.betrad.com
18 cm.g.doubleclick.net 14 redirects sync-amz.ads.yieldmo.com
eus.rubiconproject.com
www.cnn.com
17 events.bouncex.net www.cnn.com
17 verticals-static.cnn.com www.cnn.com
verticals-static.cnn.com
d9esmwyn3ffr1.cloudfront.net
widgets.tree.com
14 widgets.outbrain.com d9esmwyn3ffr1.cloudfront.net
www.cnn.com
widgets.outbrain.com
13 beacon.krxd.net d9esmwyn3ffr1.cloudfront.net
www.cnn.com
widgets.outbrain.com
13 cdn.cnn.com i.cdn.turner.com
www.cnn.com
12 www.i.cdn.cnn.com www.cnn.com
d9esmwyn3ffr1.cloudfront.net
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
11 pagead2.googlesyndication.com d9esmwyn3ffr1.cloudfront.net
tpc.googlesyndication.com
www.cnn.com
order.weshield.us
10 image2.pubmatic.com 1 redirects s.amazon-adsystem.com
ads.pubmatic.com
www.cnn.com
10 match.adsrvr.org 9 redirects i.cdn.turner.com
10 ib.adnxs.com 8 redirects www.cnn.com
bh.contextweb.com
9 use.typekit.net s0.2mdn.net
use.typekit.net
9 ups.analytics.yahoo.com 8 redirects bh.contextweb.com
9 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
9 images.outbrainimg.com www.cnn.com
9 assets.bounceexchange.com d9esmwyn3ffr1.cloudfront.net
www.cnn.com
9 securepubads.g.doubleclick.net d9esmwyn3ffr1.cloudfront.net
securepubads.g.doubleclick.net
order.weshield.us
8 tpc.googlesyndication.com order.weshield.us
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
8 registry.api.cnn.io d9esmwyn3ffr1.cloudfront.net
8 lightning.warnermediacdn.com d9esmwyn3ffr1.cloudfront.net
lightning.warnermediacdn.com
8 cdn.cookielaw.org www.cnn.com
cdn.cookielaw.org
d9esmwyn3ffr1.cloudfront.net
8 lightning.cnn.com www.cnn.com
lightning.cnn.com
order.weshield.us
d9esmwyn3ffr1.cloudfront.net
7 match.prod.bidr.io 7 redirects
7 bh.contextweb.com 2 redirects order.weshield.us
bh.contextweb.com
7 htlb.casalemedia.com i.cdn.turner.com
player.aniview.com
7 sb.scorecardresearch.com 1 redirects order.weshield.us
www.cnn.com
6 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
www.cnn.com
6 dsum.casalemedia.com ssum-sec.casalemedia.com
bh.contextweb.com
6 player.aniview.com d9esmwyn3ffr1.cloudfront.net
order.weshield.us
6 fw.adsafeprotected.com 3 redirects order.weshield.us
6 sync.crwdcntrl.net 3 redirects www.cnn.com
widgets.outbrain.com
6 zion.api.cnn.io verticals-static.cnn.com
6 ads.stickyadstv.com 3 redirects www.cnn.com
d9esmwyn3ffr1.cloudfront.net
player.aniview.com
6 cdn.krxd.net i.cdn.turner.com
cdn.krxd.net
d9esmwyn3ffr1.cloudfront.net
5 sync.1rx.io 5 redirects
5 track1.aniview.com www.cnn.com
player.aniview.com
5 um.simpli.fi 4 redirects ads.pubmatic.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
bh.contextweb.com
5 ads.pubmatic.com s.amazon-adsystem.com
d9esmwyn3ffr1.cloudfront.net
order.weshield.us
5 token.rubiconproject.com 4 redirects www.cnn.com
5 aa.agkn.com 2 redirects www.cnn.com
widgets.outbrain.com
5 idsync.rlcdn.com 3 redirects www.cnn.com
s.amazon-adsystem.com
5 usermatch.krxd.net 5 redirects
4 pixel.onaudience.com 4 redirects
4 px.owneriq.net 3 redirects bh.contextweb.com
4 pixel.tapad.com 3 redirects www.cnn.com
4 cdn.indexww.com ssum-sec.casalemedia.com
4 match.deepintent.com 2 redirects ssum-sec.casalemedia.com
4 sync.aniview.com order.weshield.us
www.cnn.com
bh.contextweb.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 js-sec.indexww.com d9esmwyn3ffr1.cloudfront.net
order.weshield.us
4 secure.adnxs.com 4 redirects
4 ads.yieldmo.com sync-amz.ads.yieldmo.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
d9esmwyn3ffr1.cloudfront.net
4 www.googletagservices.com d9esmwyn3ffr1.cloudfront.net
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
4 cms.quantserve.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 sync-tm.everesttech.net www.cnn.com
4 collector.cdp.cnn.com z.cdp-dev.cnn.com
4 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
4 ml314.com 1 redirects d9esmwyn3ffr1.cloudfront.net
order.weshield.us
ml314.com
4 pixel-us-east.rubiconproject.com 4 redirects
3 l.betrad.com www.cnn.com
3 trc.taboola.com 1 redirects bh.contextweb.com
3 pm.w55c.net 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 cm.adgrx.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 p.typekit.net use.typekit.net
3 a.sportradarserving.com 3 redirects
3 ssp.behave.com 2 redirects www.cnn.com
3 image6.pubmatic.com ads.pubmatic.com
3 imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com www.cnn.com
3 imtwjwoasak.com 3 redirects
3 tracker.samplicio.us www.cnn.com
3 p.tvpixel.com www.cnn.com
3 c.betrad.com order.weshield.us
3 sync.srv.stackadapt.com 3 redirects
3 cnn.bounceexchange.com d9esmwyn3ffr1.cloudfront.net
3 eb2.3lift.com 2 redirects bh.contextweb.com
3 googleads4.g.doubleclick.net order.weshield.us
3 image4.pubmatic.com 1 redirects s.amazon-adsystem.com
www.cnn.com
3 image8.pubmatic.com 3 redirects
3 loadus.exelator.com 2 redirects widgets.outbrain.com
3 px.ads.linkedin.com 1 redirects widgets.outbrain.com
eus.rubiconproject.com
3 mcdp-nydc1.outbrain.com d9esmwyn3ffr1.cloudfront.net
3 odb.outbrain.com d9esmwyn3ffr1.cloudfront.net
3 fastlane.rubiconproject.com i.cdn.turner.com
3 grid.bidswitch.net i.cdn.turner.com
3 bidder.criteo.com i.cdn.turner.com
3 dpm.demdex.net lightning.cnn.com
www.cnn.com
widgets.outbrain.com
3 widgets.tree.com d9esmwyn3ffr1.cloudfront.net
widgets.tree.com
3 umto.cnn.com www.cnn.com
3 sync.search.spotxchange.com 1 redirects www.cnn.com
3 steadfastseat.com i.cdn.turner.com
d9esmwyn3ffr1.cloudfront.net
3 c.amazon-adsystem.com i.cdn.turner.com
c.amazon-adsystem.com
2 io.narrative.io 1 redirects www.cnn.com
2 cm.mgid.com 1 redirects bh.contextweb.com
2 pulsepoint-match.dotomi.com 2 redirects
2 cdn.stickyadstv.com order.weshield.us
cdn.stickyadstv.com
2 pmp.mxptint.net 1 redirects www.cnn.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects www.cnn.com
2 visitor.fiftyt.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects bh.contextweb.com
2 bid.contextweb.com player.aniview.com
2 hbopenbid.pubmatic.com player.aniview.com
2 c2shb.pubgw.yahoo.com player.aniview.com
2 turnip.cdn.turner.com d9esmwyn3ffr1.cloudfront.net
2 rtb.adentifi.com ssum-sec.casalemedia.com
www.cnn.com
2 csync.loopme.me ssum-sec.casalemedia.com
ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 www.facebook.com www.cnn.com
2 ad.turn.com 2 redirects
2 us-u.openx.net 1 redirects bh.contextweb.com
2 d.agkn.com www.cnn.com
2 www.google.com www.cnn.com
2 googleads.g.doubleclick.net 2 redirects
2 connect.facebook.net d9esmwyn3ffr1.cloudfront.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 receive.wmcdp.io lightning.cnn.com
2 id5-sync.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 ice.360yield.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 u.openx.net 2 redirects
2 creativecdn.com 2 redirects
2 ps.eyeota.net 1 redirects widgets.outbrain.com
2 sofia.trustx.org 1 redirects widgets.outbrain.com
2 dis.criteo.com widgets.outbrain.com
ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 static.criteo.net d9esmwyn3ffr1.cloudfront.net
static.criteo.net
2 analytics.twitter.com www.cnn.com
2 p.rfihub.com 2 redirects
2 stags.bluekai.com 1 redirects www.cnn.com
2 psm.wmcdp.io lightning.cnn.com
2 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com d9esmwyn3ffr1.cloudfront.net
2 wmff.warnermediacdn.com lightning.cnn.com
2 ping.chartbeat.net www.cnn.com
2 smetrics.cnn.com lightning.cnn.com
2 consumer.krxd.net d9esmwyn3ffr1.cloudfront.net
cdn.krxd.net
2 z.cdp-dev.cnn.com d9esmwyn3ffr1.cloudfront.net
2 graphql.verticals.api.cnn.io d9esmwyn3ffr1.cloudfront.net
2 logx.optimizely.com cdn.optimizely.com
2 ad-delivery.net www.cnn.com
2 i.clean.gg d9esmwyn3ffr1.cloudfront.net
2 secure-us.imrworldwide.com 1 redirects www.cnn.com
2 eq97f.publishers.tremorhub.com 2 redirects
2 bea4.v.fwmrm.net 1 redirects www.cnn.com
2 i.cdn.turner.com www.cnn.com
2 order.weshield.us 1 redirects
1 rtb.gumgum.com www.cnn.com
1 match.adsby.bidtheatre.com 1 redirects
1 match.bnmla.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.adotmob.com 1 redirects
1 d.adroll.com 1 redirects
1 hbx.media.net bh.contextweb.com
1 sync.colossusssp.com bh.contextweb.com
1 sync.springserve.com bh.contextweb.com
1 sync.teads.tv bh.contextweb.com
1 atemda.com bh.contextweb.com
1 partners.tremorhub.com bh.contextweb.com
1 match.sharethrough.com bh.contextweb.com
1 fave.api.cnn.io registry.api.cnn.io
1 ads.playground.xyz 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com www.cnn.com
1 tags.bluekai.com www.cnn.com
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 q017o-jh7o1.ads.tremorhub.com player.aniview.com
1 tag.1rx.io player.aniview.com
1 prg.smartadserver.com player.aniview.com
1 dmp.brand-display.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 www3.smartadserver.com order.weshield.us
1 observe.aniview.com player.aniview.com
1 dfp.bouncex.net assets.bounceexchange.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 t.co www.cnn.com
1 cm.smadex.com 1 redirects
1 sync.inmobi.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 libs.outbrain.com d9esmwyn3ffr1.cloudfront.net
1 trace.mediago.io 1 redirects
1 id.rlcdn.com 1 redirects
1 c.bing.com widgets.outbrain.com
1 ssbsync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync-jp.im-apps.net widgets.outbrain.com
1 pippio.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 jadserve.postrelease.com www.cnn.com
1 adservice.google.com d9esmwyn3ffr1.cloudfront.net
1 www.googletagmanager.com widgets.tree.com
1 geo.ngtv.io lightning.cnn.com
1 segment-data-us-east.zqtk.net d9esmwyn3ffr1.cloudfront.net
1 widget-pixels.outbrain.com www.cnn.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 as-sec.casalemedia.com i.cdn.turner.com
1 api.btloader.com warnermediagroup-com.videoplayerhub.com
1 maxcdn.bootstrapcdn.com widgets.tree.com
1 tag.bounceexchange.com d9esmwyn3ffr1.cloudfront.net
1 static.chartbeat.com d9esmwyn3ffr1.cloudfront.net
1 api.rlcdn.com i.cdn.turner.com
1 mid.rkdms.com i.cdn.turner.com
1 ad.doubleclick.net www.cnn.com
1 s.cdn.turner.com order.weshield.us
1 cdn.ml314.com order.weshield.us
1 a125375509.cdn.optimizely.com cdn.optimizely.com
1 1f2e7.v.fwmrm.net www.cnn.com
1 d9esmwyn3ffr1.cloudfront.net i.cdn.turner.com
1 www.ugdturner.com i.cdn.turner.com
1 btloader.com www.cnn.com
1 warnermediagroup-com.videoplayerhub.com 1 redirects
1 cdn.jsdelivr.net i.cdn.turner.com
1 cdn3.optimizely.com cdn.optimizely.com
1 native.sharethrough.com www.cnn.com
1 cdn.optimizely.com www.cnn.com
1 www.cnn.com order.weshield.us
0 cs.chocolateplatform.com Failed bh.contextweb.com
0 i6.liadm.com Failed bh.contextweb.com
0 id.geistm.com Failed widgets.outbrain.com
0 r.nexac.com Failed www.cnn.com
0 widgets.staging.tree.com Failed widgets.tree.com
771 252
Subject Issuer Validity Valid
order.weshield.us
Cloudflare Inc ECC CA-3
2022-01-18 -
2023-01-18
a year crt.sh
cnn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-11 -
2023-03-15
a year crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA
2021-12-24 -
2022-12-24
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
www.turner.com
GlobalSign RSA OV SSL CA 2018
2022-08-31 -
2023-10-02
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA
2021-12-24 -
2022-12-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
steadfastseat.com
R3
2022-08-22 -
2022-11-20
3 months crt.sh
www.ugdturner.com
Amazon
2022-04-16 -
2023-05-15
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-12-30 -
2022-12-29
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-19 -
2023-05-19
a year crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-03 -
2023-06-07
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
ml314.com
GTS CA 1D4
2022-08-20 -
2022-11-18
3 months crt.sh
cdn.turner.com
GlobalSign RSA OV SSL CA 2018
2022-09-06 -
2023-10-08
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
i.clean.gg
GTS CA 1D4
2022-10-04 -
2023-01-02
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.rkdms.com
Entrust Certification Authority - L1K
2021-10-04 -
2022-10-30
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
logx.optimizely.com
Amazon
2022-07-24 -
2023-08-22
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
tag.bounceexchange.com
R3
2022-09-26 -
2022-12-25
3 months crt.sh
*.cdp.cnn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-05 -
2023-03-09
a year crt.sh
tree.com
Cloudflare Inc ECC CA-3
2022-09-06 -
2023-09-06
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-07
a year crt.sh
api.btloader.com
GTS CA 1D4
2022-08-21 -
2022-11-19
3 months crt.sh
smetrics.cnn.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-07 -
2023-04-07
a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-11 -
2023-03-15
a year crt.sh
assets.bounceexchange.com
GTS CA 1D4
2022-10-03 -
2023-01-01
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
*.zqtk.net
Amazon
2022-07-18 -
2023-08-16
a year crt.sh
geo.ngtv.io
Amazon
2022-10-09 -
2023-11-08
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.api.cnn.io
Amazon
2021-12-15 -
2023-01-13
a year crt.sh
*.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
psm.wmcdp.io
Amazon
2022-01-26 -
2023-02-23
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.im-apps.net
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-09-03 -
2023-03-03
6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.ads.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
receive.wmcdp.io
Amazon
2022-09-19 -
2023-10-17
a year crt.sh
*.wunderkind.co
R3
2022-10-12 -
2023-01-10
3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
um3.eqads.com
Amazon
2022-06-11 -
2023-07-09
a year crt.sh
*.betrad.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-28 -
2023-05-31
a year crt.sh
*.tvpixel.com
Amazon
2021-12-15 -
2023-01-12
a year crt.sh
*.samplicio.us
Amazon
2022-03-18 -
2023-04-16
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-23 -
2022-10-21
3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-01-15 -
2023-01-13
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.evidon.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-12 -
2023-04-12
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-11-19 -
2022-12-18
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
adentifi.com
Amazon
2022-08-05 -
2023-09-03
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
truffle.bid
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.iprom.net
R3
2022-09-13 -
2022-12-12
3 months crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-12 -
2023-02-12
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-09-27 -
2023-03-22
6 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2
2022-01-10 -
2023-02-11
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.springserve.com
Amazon
2022-09-20 -
2023-10-20
a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2021-11-07 -
2022-11-07
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.gumgum.com
Amazon
2022-09-14 -
2023-10-11
a year crt.sh

This page contains 86 frames:

Primary Page: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Frame ID: 441D667D60CBDCF75A07217D7CF4FF0A
Requests: 351 HTTP requests in this frame

Frame: https://a125375509.cdn.optimizely.com/client_storage/a125375509.html
Frame ID: 7CA9382EC8493480ADD9F58BEFF9F4B4
Requests: 1 HTTP requests in this frame

Frame: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Frame ID: 7AC0CB0A66DBB1690B0B8B6639673B08
Requests: 8 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: CCE02C60408D205B3F7CF770BDE0569F
Requests: 28 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Frame ID: AFCEB75ADD3FCC7C5E9540450081C44E
Requests: 1 HTTP requests in this frame

Frame: https://lightning.warnermediacdn.com/cdp/psmtk/complete.html
Frame ID: 759E656C4355AAE50E8469FB48361B10
Requests: 2 HTTP requests in this frame

Frame: https://lightning.warnermediacdn.com/cdp/psmtk/getcdpid.html
Frame ID: 022B3E2C0C14E317134D37F591FCAB72
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=486b77bd-d47b-404e-8979-7206b9b4c94d
Frame ID: 5E8DFE98742E018CC4E2155F4A6E4478
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 9D9D9EBF2771BDAE2955109AF105004B
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 2E01F4AD15EC4613990BAEF604E9E9B6
Requests: 35 HTTP requests in this frame

Frame: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4189E7F232B46C767EDF04352999ACC
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 956FAE5136DD764FE4150F49C60DC1C4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 41DC4C150C5CB07663B7E93F293EFD74
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7ehslvCHfPzKuz-mx-IuUz64lNi5p6IjGElN8VJfkaoAWJSCByBV-totUNrZL7BH_jl3Ag_nePoWl_o2Q3fNfITJrvT3yNGX2f0cIOllD95kqaxXIB8Y4N-QpU6qCktqu6U71RPNEHlFklUsMWMkGESy853ZG7wZiOvjHZrvt25NMmUOShiub2tHIguQZqzSsoowlWUUfM9ijPKEb301o4jRVGvyUDFmiJljoc1d70c8_jPgWzCkcWZZyOxytFXyaI1zSwymRcBoA5rSNev99SOlHtwO2imHeMQxntumxJ9otjy_hWTDMyy2Ic1Js8WoJoGshOzKtvUfJWtc2GH8W4Yi8EBj3s9eu8zjEE8_1MAZbdNSd3zxmig&sai=AMfl-YTj8Me3txe0u5E2AO0eQ2nDdh_oKaGQK8YoHrbduQsTcZt-upygDPo4yazpQrtf3YurNUm2OKZ5iyjBVWwXZ6JAv2pUTJK8nzkbHDgrn75w50fqp-WsCAmeGHouVDDCnAFQzQ&sig=Cg0ArKJSzNYc08_zhtvDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 1806C2F97859243A15143866A6A7C052
Requests: 23 HTTP requests in this frame

Frame: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4524935289482174F51CFA195C5A95FB
Requests: 9 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrCQxuxX_UHGXRlRJahTe4_GlTmx5754HquyXu-VEzZ6lcJwdWOFmXoqWqaYzNApQJY0j92oTo0BBE7VDRhVkkUNSGCw-FERDNmQDpHaHUGW7qfhEhXzqatodv8fx9w52J6WPrEAd63tgVdiP-2rFYiAYNMPGK8p6v5H9JfV-tF4_eNHXW0fDeTCtlWVuMcbmoFl4wG4gYDl9ZV-dzHmSmD33To-l6ZUM8iTsBMkRoMkvATwVMNgF888gVoJWa2gv7NH2o5XwrvH6zXkdIegQ8ojaAxjef4FD7QHuFObvIAcW5C0dwgCKwbzUD1lpYQzJ-lPomIPPSJ8MCEkc_8c90wZeHtFQogOiq5JPO-OtNHwVaDUGB81JzBw&sai=AMfl-YQRNTc9UEdYvczgsnD5p_opA9tv5cfRwjXWgDaYlmaKpk4g0xvChU1o01ELjV97nIVTbf25kRKqCyhfVd429_FeoMGc3IyL_oXBclFfPrHF5IMMc_JGzFYcWtRvH39SGMog7g&sig=Cg0ArKJSzOc3XDpU2kFZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 25A9473A5D0CF4C971745D5A98D2B1F5
Requests: 22 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-h2eajsHW2_j8jrhdpUNIFpkqyZ148Y3z2KbzSrblVghrCiqvwJAs3TuRdYMvdRGCHA2F1xk3aE6BbC436cOkKJJw25bsBT-Xsej0CAdwO2dXzcWRKXJyaWBfttJ0jT8Jc2iycgFIe-7Ccmb4GQHs5WWtXIdpxrX4Rhw0mmoFrILc2FRtXnLMXcqtApFrla6OxkSFq5UGRt2_J7lrjMTFdCqCw_mkBJKhmgf_UG_s_n4JhMDNnFxT56_gSGZzw_42TzUix0xOdKWc__tbT82ws3cn-3jS3_TRugKmzx5MtMhVw-SwH9gUAoW8VpOrJR0HTCN-CyWp9P9AJUmK6JOtiwGRwvRYC0v0l8XH2h-84RoAdLSr46xF5Q&sai=AMfl-YQiO0dObUWkjbYdOohG357d_tLfmNMoQyu_0nHEhXXfz_Mn-tUH2kecEO_DDOOWX7crldFzNmBjOailCDu8BZhYvu-LxSLlWUMKScSnO5WIV27qawJtHYQ7tq7MVAzyfPAfAg&sig=Cg0ArKJSzNIjOXtg5hPxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 7E61E70C4D91B18644519B8BA16C6C9B
Requests: 23 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 5B505E97F204F93C3D34572CAADFAAF9
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: D54A81B03BA2511FF80AD38A56AFAF7E
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: FA2F61D253FC367DFCB42C9FBB0FC7BE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: AC33316894EEBF6D6DB0005E091E4B4D
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ieDlRaG5wRTJ1THZYeXYzdWVmc3FzTDVZMGdMSkFYMn5B
Frame ID: D09DCC6CE86535E5841B5A6001444726
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOr-_kkCxKiLdZTD1zDwb7sMDfY5Ck2aaUJQVxPQ
Frame ID: D0EDFF0AA1487FD98EA8F3B38C81CA08
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7131516223038119427&ex=appnexus.com
Frame ID: B6F63969201083AD4C916B9DD06B82E7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1313157157490509546917
Frame ID: B3FA6A20E5AAC12C0A4862F7249DE82F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334265&pubOrder=3001842219&cb=1754621262&adsafe_par&impId=2b1db02d-4bd0-11ed-83d1-02b862816393&custom=rect_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Frame ID: 6AE5D93196DF35FD346E455F8187AF97
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 15E3B1D2E136069364DBCE7007E93876
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 780186AAB5663A81BBDE02E325E21ADD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Frame ID: 94F67463F250E0779A141FD4A50670FC
Requests: 19 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=925660&campId=728x90&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334136&pubOrder=3001842219&cb=868407317&adsafe_par&impId=2b0a9d9f-4bd0-11ed-8703-0e6557286d5b&custom=bnr_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Frame ID: 94F4D94CDE49C42C2501385616EDFF00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E58D88A61C30A660CAFFD1F4FF5E564
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Frame ID: 531DFFE54C2C6E9DBF45D05DC64A9AA5
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0182FED6C71D1E6CE8A719C1C951E4A3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Frame ID: 9904BF77684EFD259096DE6C26B1AFD6
Requests: 19 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138406824543&pubOrder=3001842219&cb=674126636&adsafe_par&impId=2b28374b-4bd0-11ed-bc07-0a7d2ca1a63d&custom=rect_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Frame ID: 1E45E84C7C104F42A0C728836864A472
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: 784833EC0C57FBBBD82442C0A302C3ED
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A274BA232F7627EB9E78378EC6A53A23
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EAD47AE146F7810B1297185D501AD1F2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 55F3364CAC976DE22BCC7CF1BFA27318
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D487F84A6434593BC1771347AC3F48F8
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=925660&campId=0x0&pubId=100473157&chanId=70774117&placementId=5644072975&pubCreative=138406769406&pubOrder=2684215891&cb=1022928613&adsafe_par&impId=2b13c543-4bd0-11ed-ad97-0a3253e544a7&custom=nat_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Frame ID: B6B58D6BECF42353FA6D126D0C598847
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 07E51A5106957023ED82B3BB1C3300B0
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9BB20854DB9B6C98B190F1EF302FB072
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 13EF234E2F63AAD968590173E481E7D5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7234A28FC7068244D5E277DF64856F7E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Frame ID: 0C21843BD82F48FD1C2567ACE9C27B7C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0l4RAAAAanUSgAT&gdpr=0&gdpr_consent=&_test=Y0l4RAAAAanUSgAT
Frame ID: 2889096A861E829D228E314A44C05D9D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&redir=true&gdpr=0&gdpr_consent=
Frame ID: D0EF994249ACD8FE91B6FA2B3F282679
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Frame ID: 0D13F3DA8F5782862FBD504A51690D17
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4C9DBF9AA5DF030D0683B12B7D8086E2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4FE03972087C99638D35963128F0043B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FAE34C7280F0C83709408E52BC1D677B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6063B0628070DDACAE24F75A06DA40C8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4C162896D673CF8A47E54B66239944C6
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 84C6C1287214680B4CDBA25E1C24563C
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
Frame ID: 44C53E76517B81371071B46526B2926F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=200&key=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Frame ID: 962B35C581ED9BB06F2D39F246E739C2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6335215AB35ED35F5ED7163A4F9ABF7D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7CC83C8FBA713E9038458F11572E7187
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDek7GkvEAAB5Vp63uTg
Frame ID: CF030F4BC0E62847C139018920AB3B5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97f46349-7844-4300-86cf-3c860e6e57c7&gdpr=0&gdpr_consent=
Frame ID: D3EEC6C9742A9CCD9198A2B1F0BBA466
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
Frame ID: 0507E50A8C9D6482F3132AEF9B12AD76
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_65f95a0236824e23b0efd
Frame ID: 1AEF73B446B4D0092E35FFE81923670B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2f2ac954-4bd0-11ed-869d-8bd57caea974
Frame ID: 7507058A8D6C79635CC969978650B79D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 70768F8761E2C5EA8AF84FB0C463E345
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Frame ID: 9616BB58AEF7CE54A1E1728DF1AAE127
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:e8hOHL8z1OJm5z5&gdpr=0&gdpr_consent=
Frame ID: A0F8BE445E7607936097DC023E721CF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=699232399620
Frame ID: 43008DEE6A2A3EC90A66061BB1C752C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=s5BD93-aM
Frame ID: 6E5F9DF83F3BE69A5BE9094C301D39AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Frame ID: F507438D495F59DDB323657DC0FFBF31
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6970389CE13537E5A8E5DE0F6F066314
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Frame ID: EF95A5F2ECA2B538E4182E09D375E63F
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: C080B50FD967A6E5D396F243233DD8F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7190457051879055423
Frame ID: A6D884D59DBD081F599E5C178B5E3348
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 6808E8637A9FC31A71D7C6F8A9A6FE20
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Uldthyd0AaGBQR3eSXhJYw
Frame ID: 7F95EBBE0257EF224A61E59F95600264
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 276FD201D5ECDD3125C3DEC53CE9163F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 5671A63E6782018CDCFC121CE9253F3B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 70C66E96A88E181B5D44157DAD0F2A47
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Frame ID: A9F2F4B6943B3FC220F582C22E19EAF0
Requests: 8 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 1961AA3678982CD748BE00E160213E70
Requests: 28 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 57648782CE942CAD6AABDBABDBD5E12A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DCC1E5778FE38D7D84A8708C9AD5B95A
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c16267ac-ccff-4421-8885-3ef7dad4c15d
Frame ID: AEE02D250A78161AC6C14EFD9669C706
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: DF14BDE2EF7C8D1A2CF22B45111E7FA2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Frame ID: 151C28A561A0368E15154C6C1514EF5A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

What Covid-19 precautions should people take for international travel? | CNN TravelPlayBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-... Page URL
  2. https://order.weshield.us/events/public/v1/encoded/track/tc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5... HTTP 307
    https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • head\.(?:core|load)(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

771
Requests

82 %
HTTPS

26 %
IPv6

155
Domains

252
Subdomains

164
IPs

11
Countries

8548 kB
Transfer

24912 kB
Size

316
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1 Page URL
  2. https://order.weshield.us/events/public/v1/encoded/track/tc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1?_ud=626da7f2-bebe-4d99-9d83-9f2a5786a477&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://warnermediagroup-com.videoplayerhub.com/galleryloader.js HTTP 301
  • https://btloader.com/tag?h=warnermediagroup-com&upapi=true
Request Chain 20
  • https://ads.stickyadstv.com/user-matching?id=185&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=15f1b2ba43771b3f9cb9c22c83664&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 47
  • https://sync.search.spotxchange.com/audience_id HTTP 302
  • https://sync.search.spotxchange.com/audience_id?__user_check__=1
Request Chain 48
  • https://ib.adnxs.com/getuid?https://umto.cnn.com/user-sync?zwmc=$UID&domain=cnn.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fzwmc%3D%24UID%26domain%3Dcnn.com HTTP 302
  • https://umto.cnn.com/user-sync?zwmc=7131516223038119427&domain=cnn.com
Request Chain 50
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=cnn HTTP 302
  • https://umto.cnn.com/user-sync?ifyr=L98M2PLK-Y-BTOL&domain=cnn.com
Request Chain 51
  • https://eq97f.publishers.tremorhub.com/pubsync?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com HTTP 302
  • https://eq97f.publishers.tremorhub.com/pubsync/verify?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com HTTP 302
  • https://umto.cnn.com/user-sync?goiz=427fcc71780f41d8b13f97aba743dc45&domain=cnn.com
Request Chain 54
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&rp=&ts=compact&rnd=1665759294377 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&rp=&ts=compact&rnd=1665759294377&ja=1
Request Chain 82
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&c8=What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%7C%20CNN%20Travel&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&c8=What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%7C%20CNN%20Travel&c9=
Request Chain 198
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Request Chain 230
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEl6cXBBdzU HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbJKOc5jiiBC4kd9D9LVSc&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEl6cXBBdzU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UEl6cXBBdzU&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIj_O2admy_QYM3jOTYmg-o&google_cver=1
Request Chain 232
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PIzqpAw5&gdpr=0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=43be5bfc-2333-45c8-b58e-491325ded701
Request Chain 236
  • https://usermatch.krxd.net/um/v2?partner=spotx HTTP 302
  • https://sync.search.spotxchange.com/audience_sync/9?uid=PIzqpAw5
Request Chain 238
  • https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dfreewheel%26partner_uid%3D%23%7Buser.id%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=e5f69_7154381690738909760
Request Chain 239
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7131516223038119427
Request Chain 243
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PIzqpAw5
Request Chain 244
  • https://aa.agkn.com/adscores/g.pixel?sid=9212303288&_kdpid=PIzqpAw5 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=neustar&partner_uid=M6xIrXdxpsVi0j%2FQfDsomzIwE56upj6cPqmISYjX2i0%3D
Request Chain 245
  • https://p.rfihub.com/cm?in=1&pub=6919&kuid=PIzqpAw5 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288116820033575
Request Chain 248
  • https://usermatch.krxd.net/um/v2?partner=nativo HTTP 302
  • https://jadserve.postrelease.com/dmp/6?vk=PIzqpAw5
Request Chain 249
  • https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PIzqpAw5 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PIzqpAw5
Request Chain 250
  • https://usermatch.krxd.net/um/v2?partner=quantcast HTTP 302
  • https://pixel.quantserve.com/pixel/p-j_f_9hh7_PWUw.gif?idmatch=0&partner_user_id=PIzqpAw5 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?gdpr=0&partner=quantcast&partner_uid=FXxMWxR3TFAOdx4AR3pVAxN_T1EOeR4GEX5hYtv1
Request Chain 254
  • https://idsync.rlcdn.com/420046.gif?partner_uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEpLX3c4UW5UZ2ZKdVBZcWJXVHRnUlMzZnNPdzJ6RXZVcEdnRUt4VU10UUlQQ0IxY3FWUFkxcHZuZ0M4THlFZGwQABoNCMHwpZoGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227&expected_cookie=0ad9ee38-2cdb-4948-aa3f-2544a01ce08f
Request Chain 255
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&s=2&us_privacy=1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=nn12DaTFKjxqFrRvUj2d&gdpr=0&us_privacy=1YNN
Request Chain 256
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7131516223038119427&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 259
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=
Request Chain 262
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=94c3909b-d059-4f0c-acbe-cdd72d108f1f
Request Chain 263
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=8a8de51f-330e-4ff5-8dbc-ddce92b6c70c&ssp=outbrain&expires=30&user_group=5&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIc0TtEGGdMsfBihZEKd-7s&google_cver=1 HTTP 302
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data= HTTP 302
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data=
Request Chain 266
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7154381707928795275&gdpr=0&gdpr_consent=
Request Chain 267
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Request Chain 269
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=KiBr5w6Mdp6KaDCbClGH&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1
Request Chain 270
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L98M2PLK-Y-BTOL&gdpr=0&us_privacy=1YNN
Request Chain 272
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Request Chain 273
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN&s=193091&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 274
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%2526gdpr%253D%2524GDPR_APPLIES%2526gdpr_consent%253D%2524CONSNT_STRING%2526us_privacy%253D%2524CCPA%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%2526gdpr%253D%2524GDPR_APPLIES%2526gdpr_consent%253D%2524CONSNT_STRING%2526us_privacy%253D%2524CCPA%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzIzNjdEQ0YtNzRGQy00QUE4LThFNzgtMkQ3MURDREQ1QUMz&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26uid%3DC2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Request Chain 275
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1YNN&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&uid=1694e100-7229-4538-a7a7-05db7983f96a
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=true&verify=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1KS193OFFuVGdmSnVQWXFiV1R0Z1JTM2ZzT3cyekV2VXBHZ0VLeFVNdFFJUENCMWNxVlBZMXB2bmdDOEx5RWRsJmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOTg== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=7131516223038119427&redirect=https://sync.outbrain.com/cookie-sync?p=emx&uid=$EMXUID&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1KS193OFFuVGdmSnVQWXFiV1R0Z1JTM2ZzT3cyekV2VXBHZ0VLeFVNdFFJUENCMWNxVlBZMXB2bmdDOEx5RWRsJmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOTg== HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=7131516223038119427brt53601665759298707451b6&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 278
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=a461fc5b-dae0-4755-b69a-465dd6e7c6b9&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 279
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=240de039&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 280
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=5095224376267906723&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 282
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26us_privacy%3D1YNN HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=34407F43C3FE4EEB80AABDCB94E5E702&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN
Request Chain 283
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Request Chain 284
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 285
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=U5OdMFKYnTtImM9rAZWEaFWQnjpIls9tV5F8_G8y
Request Chain 286
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN&ev=1&us_privacy=${us_privacy}&pid=562709
Request Chain 287
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Request Chain 326
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 330
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ieDlRaG5wRTJ1THZYeXYzdWVmc3FzTDVZMGdMSkFYMn5B
Request Chain 331
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOr-_kkCxKiLdZTD1zDwb7sMDfY5Ck2aaUJQVxPQ
Request Chain 332
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7131516223038119427&ex=appnexus.com
Request Chain 333
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1313157157490509546917
Request Chain 357
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L98M2PLK-Y-BTOL
Request Chain 358
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gefbf7dff3412f81e141 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=43be5bfc-2333-45c8-b58e-491325ded701
Request Chain 359
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=4YcvVatpQRlHac9ZHs6pq2AJ9sU&gdpr=&gdpr_consent=
Request Chain 361
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=284a5727-69e8-48d1-bf38-85bae0bed6ed&user_group=1&ssp=yieldmo&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://ads.yieldmo.com/sync?userid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Request Chain 365
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0l4QhsVnrOdD2McikNy5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6sSaypwucG29ourbiWVU0&google_cver=1
Request Chain 367
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=43be5bfc-2333-45c8-b58e-491325ded701&expiration=1668351299&gdpr=0&gdpr_consent=
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP4Ov7M01DaM6gbiU5qXi7s&google_cver=1
Request Chain 369
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=71cbebbabd661483&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHSY3L4uHSVQN1bxKtAAAAAAA&expiration=1665845699&is_secure=true
Request Chain 370
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEDek7GkvEAAB5Vp63uTg&expiration=1666968899
Request Chain 371
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=3b38920b-66f5-482a-9c13-5abb4c44464b&expires=10&ssp=index&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Request Chain 376
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 383
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=179349222&PLC_ID=346198417&RND_NUM=1193608672 HTTP 302
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Request Chain 391
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=179347275&PLC_ID=346198420&RND_NUM=3216548757 HTTP 302
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Request Chain 398
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=178874260&PLC_ID=346198420&RND_NUM=2235500178 HTTP 302
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Request Chain 405
  • https://ml314.com/csync.ashx?fp=PIzqpAw5&person_id=3630748696449122349&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3630748696449122349 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3630748696449122349
Request Chain 407
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986255830/?value=0&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/986255830/?value=0&guid=ON&script=0&is_vtc=1&random=2812036844
Request Chain 410
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0&is_vtc=1&random=2671572946
Request Chain 412
  • https://aa.agkn.com/adscores/g.pixel?sid=9212296238&tid=PIzqpAw5 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1665759299673&ip=96.9.246.197
Request Chain 413
  • https://secure.adnxs.com/getuid?https://s.amazon-adsystem.com/x/da2e6c890e6e3636 HTTP 302
  • https://s.amazon-adsystem.com/x/da2e6c890e6e3636
Request Chain 414
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L98M2PLK-Y-BTOL HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L98M2PLK-Y-BTOL&ex=d-rubiconproject.com&status=ok
Request Chain 430
  • https://fw.adsafeprotected.com/rfw/st/993073/65715864/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:f670ba03-9ae8-af2b-b358-264aba3dbb08,c:r1VDDZ,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-v298r,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:817,mot:0,app:0,maw:0,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:846,oid:2c11115d-4bd0-11ed-8ca0-3a6f2f2948d4,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 432
  • https://fw.adsafeprotected.com/rfw/st/993073/65715865/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:243d9f67-53d7-b892-5bdf-49966da6ec14,c:r1VDEF,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-jptc2,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1050.2542.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:866,mot:0,app:0,maw:0,fm:tkfygcD+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g*.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h1%7C1h2%7C1h3%7C1i,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:878,oid:2c183c72-4bd0-11ed-aaba-2675eb65c497,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 439
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2da24d39-36ac-4537-8e1e-fa5cf644c790&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Request Chain 443
  • https://fw.adsafeprotected.com/rfw/st/993073/65715865/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:e8ee9ae9-ec03-cd9d-df06-cd88d46a4021,c:r1VDIt,sl:partialViewPlus,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-4spns,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1050.1038.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:1061,mot:0,app:0,maw:0,fm:tkfygdf+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1h*.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1076,oid:2c200519-4bd0-11ed-8b58-4e8a8efb6588,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 445
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98M2PLK-Y-BTOL
Request Chain 446
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4TTJQTEstWS1CVE9M
Request Chain 447
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=&expires=30
Request Chain 448
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iRxwYbCKRdGE4XOmWk8h5A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iRxwYbCKRdGE4XOmWk8h5A
Request Chain 449
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ymGo4LWacyL0b7QpxEAdbg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5625274655601947985
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKy4gaTUlEfdC5BcA9r8_6E&google_cver=1
Request Chain 452
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcyMjU3NmNmNTZjMTg1YTVjNWFhYThkODY5OTY2NTg4MTJlMzU3YQ
Request Chain 474
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Request Chain 475
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y0l4RAAAAanUSgAT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0l4RAAAAanUSgAT&gdpr=0&gdpr_consent=&_test=Y0l4RAAAAanUSgAT
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjZ9z3T8SqiOeC1x3N1aww%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 479
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f343b761-c080-4ea4-9bb1-d785f8a35f99
Request Chain 480
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97f46349-7844-4300-86cf-3c860e6e57c7
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPs5tkJK4AOA7oMXyaLWlTQ&google_cver=1
Request Chain 482
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Request Chain 483
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810044332467077412&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 484
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=43be5bfc-2333-45c8-b58e-491325ded701
Request Chain 537
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
Request Chain 538
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1665759301561 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6216615425 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/43be5bfc-2333-45c8-b58e-491325ded701 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D200%26key%3DRX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=200&key=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Request Chain 546
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=24&pid=59c9148628a0612da3689288&key=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Request Chain 547
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent=
Request Chain 548
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=c7b4c0bb963befbef95e98774dcc26b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 556
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Request Chain 558
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Request Chain 559
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2810044332467077412
Request Chain 561
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNN&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=nn12DaTFKjxqFrRvUj2d&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TOGEZEIYKUIZFWU6DRIZZFE5SVNIZGIJTVONPXA4TJOZQWG6J5GFMU4TQ&us_privacy=1YNN HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TOGEZEIYKUIZFWU6DRIZZFE5SVNIZGIJTVONPXA4TJOZQWG6J5GFMU4TQ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nn12DaTFKjxqFrRvUj2d&us_privacy=1YNN
Request Chain 562
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&expiration=1697295303
Request Chain 563
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1797288116820033575
Request Chain 565
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
Request Chain 566
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97f46349-7844-4300-86cf-3c860e6e57c7
Request Chain 567
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dQfVo3QM1ahuDIf4JwHM-3ME1qluAof-cQVBdUuf
Request Chain 568
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNN HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc465da82-33be-4311-84c5-c60565b4654b-63497843-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc465da82-33be-4311-84c5-c60565b4654b-63497843-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dc465da82-33be-4311-84c5-c60565b4654b-63497843-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dc465da82-33be-4311-84c5-c60565b4654b-63497843-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
Request Chain 569
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3163447472039705408&expiration=1666968903
Request Chain 570
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1YNN HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=2f2ac954-4bd0-11ed-869d-8bd57caea974
Request Chain 572
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e&us_privacy=1YNN HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6164ce0f-d93f-f5d6-90dc4d33
Request Chain 574
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Request Chain 576
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Request Chain 577
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
Request Chain 647
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRGVrN0drdkVBQUI1VnA2M3VUZw&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEDek7GkvEAAB5Vp63uTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEDek7GkvEAAB5Vp63uTg&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEDek7GkvEAAB5Vp63uTg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEDek7GkvEAAB5Vp63uTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5095224376267906723 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDek7GkvEAAB5Vp63uTg
Request Chain 648
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97f46349-7844-4300-86cf-3c860e6e57c7&gdpr=0&gdpr_consent=
Request Chain 649
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
Request Chain 650
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_65f95a0236824e23b0efd
Request Chain 651
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2f2ac954-4bd0-11ed-869d-8bd57caea974
Request Chain 653
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Request Chain 654
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:e8hOHL8z1OJm5z5&gdpr=0&gdpr_consent=
Request Chain 655
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=699232399620
Request Chain 656
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=s5BD93-aM
Request Chain 657
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005&rndcb=4292773886 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2da24d39-36ac-4537-8e1e-fa5cf644c790&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/54581ddb-cf4b-4c83-8772-b771adc7cdd3?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Request Chain 658
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 659
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Request Chain 661
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7190457051879055423&uid=Q7190457051879055423&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7190457051879055423
Request Chain 663
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Uldthyd0AaGBQR3eSXhJYw
Request Chain 664
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 666
  • https://pixel.onaudience.com/?partner=214&mapped=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=43be5bfc-2333-45c8-b58e-491325ded701&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b634e9e09fa8272d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2f043a78a432c272ed2107d3793e2e88&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=77b5de23e4257d51
Request Chain 667
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&addseg=10,33,39
Request Chain 668
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 671
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HszbWylE2uVL_mKbjgr.2M_43K6NGgw-~A&gdpr=0&gdpr_consent=
Request Chain 672
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0602a09a-9f21-4e5d-ac24-dc5606f0b66d&gdpr=0&gdpr_consent=
Request Chain 673
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7131516223038119427&gdpr=0&gdpr_consent=
Request Chain 674
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=25c1ad91c0101483&is_secure=true&networkId=17100&version=1&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHSY3L4uHTPwMYJt5-AAAAAAA&expiration=1665845705&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 676
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
Request Chain 677
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F7BEF837_22BD5B1A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 678
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f95d0d40-91ff-4467-88ce-c4ad708bc18b&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 679
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3163447472039705408
Request Chain 680
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7131516223038119427
Request Chain 730
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=32d074d2af9b1087&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFw3dHOCaycgM47NAcAAAAAAA&expiration=1665845706&nuid=&is_secure=true
Request Chain 731
  • https://px.owneriq.net/eucm/p/cwc HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 732
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=M2Y2ZVQxRmY0ODY3WkVuMF9VTlNJQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEJPjJRjm5ONLmZKH5Jp9gHY&google_cver=1
Request Chain 733
  • https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=pulsepoint&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=pulsepoint&gdpr=0&user_id=5KhOaOWjTmP_oxwztq5XMOKrTWL_rRw14KrBNUCz HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Request Chain 737
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=fO645FflFaZM HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=240de039
Request Chain 738
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=fO645FflFaZM HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEPUeN-15dXJz-yF5bzL5mqI&google_cver=1
Request Chain 749
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM HTTP 303
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM&_li_chk=true&previous_uuid=d4817b4fcfa14f54afb0f62dc294237e HTTP 303
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM
Request Chain 750
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=fO645FflFaZM&expires=30&user_group=[NUMERICAL_VALUE] HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&consentData=&uspString= HTTP 307
  • https://cm.mgid.com/m?c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
Request Chain 763
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=878D02C6705744198FB20951038F4088&us_privacy=1YNN
Request Chain 764
  • https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjMjc4ZTU4MTNlOWM3NjA5NzNhYjZhOWM5MDk&expiration=1697295306
Request Chain 765
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=e8hOHL8z1OJm5z5&us_privacy=1YNN
Request Chain 766
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Request Chain 767
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1YNN HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=084022040721ccefec9a803e&expiration=[EXPIRATION]
Request Chain 768
  • https://match.deepintent.com/usersync/113?us_privacy=1YNN HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_65f95a0236824e23b0efd
Request Chain 769
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1YNN HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7131516223038119427&us_privacy=1YNN
Request Chain 773
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c7b4c0bb963befbef95e98774dcc26b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5f69_7154381690738909760&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=43be5bfc-2333-45c8-b58e-491325ded701 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDAf5LEFTfvkWv9YELcNCwk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/c7b4c0bb963befbef95e98774dcc26b?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-E2W_q5tE2oNqoReZFTXOwLusO_.kFJXIsjZqKTfb~A HTTP 302
  • https://usersync.octillion.tv/fw HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=28e127f9-7157-465f-8309-913e19824084 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7131516223038119427 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEDek7GkvEAAB5Vp63uTg&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=e8hOHL8z1OJm5z5&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3163447472039705408 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y0l4RAAAAanUSgAT
Request Chain 779
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c16267ac-ccff-4421-8885-3ef7dad4c15d
Request Chain 780
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://um.simpli.fi/epx
Request Chain 781
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Request Chain 782
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=32efcad0-4bd0-11ed-829c-0661d704b7c9&companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Request Chain 784
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43be5bfc-2333-45c8-b58e-491325ded701&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%2C
Request Chain 785
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3e6b44d6-de14-48b2-8b30-de9d59d95ec0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

771 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC2...
order.weshield.us/e3t/Ctc/RI+113/cZZj304/
10 KB
4 KB
Document
General
Full URL
https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
75a1271bc9a1f7f4-BNA
content-encoding
br
content-type
text/html;charset=utf-8
date
Fri, 14 Oct 2022 14:54:52 GMT
last-modified
Fri, 14 Oct 2022 14:54:52 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iB8elGpMcsd8L4x6wh2n%2Bq0YDzz2G9z8fRp0vz8fJ2ozntsn8KhIz5t5NLJR0WPrBKBMvIeRVZo1V9ONkQHxrtZoZrw8yT3sq4TN73ieJ%2FgazXoz%2F%2BXW1qXT6UmZq98Anu7gUphgMi6eH6ES1hsq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
9b31ffc2-17df-466c-a374-65641e5cc877
x-robots-tag
none
Primary Request index.html
www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/
Redirect Chain
  • https://order.weshield.us/events/public/v1/encoded/track/tc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WY...
  • https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYK...
216 KB
50 KB
Document
General
Full URL
https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44760875eb5d979c21e5a8478efb889a6088f6bfdb5a4ff047b2c6b92ee7a988
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
124
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60
content-encoding
gzip
content-length
50129
content-security-policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:54:53 GMT
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
3, 1
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-served-by
cache-iad-kcgs7200082-IAD, cache-ewr18133-EWR
x-servedbyhost
::ffff:127.0.0.1
x-timer
S1665759293.275458,VS0,VE2
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
75a1271d3bf9f7f4-BNA
date
Fri, 14 Oct 2022 14:54:53 GMT
link
<https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email>; rel="canonical"
location
https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siGld1eI4xQGatlnpgPrU70MA3YQQVHKE9Xa5tYk8KLGJXsFCD6jbKItVD%2F%2Bnh0C8uU8zI7gtxYViUOKY7HGaeZ5sArM1CpT1%2Bxew768LfAryGxOuJ%2BFVu5efBUkWHvLSF90J6xHitasbVTFdHXg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
c63fe00d-a4e6-4e76-8fe1-f69f7a81464a
x-robots-tag
none
131788053.js
cdn.optimizely.com/js/
615 KB
133 KB
Script
General
Full URL
https://cdn.optimizely.com/js/131788053.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a3::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67603bf5fc4bbac38db4249af72d478c182817669c22757eb9730e47f2216da6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
HzjmZS4rj9FYvfbCvcvxaAZ_3RmFyaO.
content-encoding
gzip
date
Fri, 14 Oct 2022 14:54:53 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
1988E1TTN671GANC
x-amz-server-side-encryption
AES256
x-amz-meta-revision
50142
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="20";dur=0,cdnip;desc="2600:1400:d:4a3::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length
135169
x-amz-id-2
3klPHt9hoeYFY3500cToVz6WMPotCXe3V2KsEUsmnfjwfAxBaizUfvfv+0c8JOt6FFsKdcPwHBg=
last-modified
Fri, 14 Oct 2022 14:13:36 GMT
server
AmazonS3
etag
"afc66fad1b0e4d7fe6b14cfefb4eb18e"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
sfp.js
native.sharethrough.com/assets/
268 KB
72 KB
Script
General
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-12.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f584c9d6aba1cbd0502cc327c19bd8339247815ac83a031066bcb75568497cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:22:03 GMT
content-encoding
gzip
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 20:22:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
1971
etag
W/"850f1f3eaeb56fbd05e812c68e92e866"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
lZlvpiH39ufhUqVmyLbNcRAMYl8vraEkxx-XPC6NE20Ja-E8md0bpw==
expires
Mon, 10 Oct 2022 21:21:59 GMT
launch-2878c87af5e3.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/
290 KB
73 KB
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/launch-2878c87af5e3.min.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ae1484b1d5ef64f2687caf0bcb08e74677551a38c8fe0ddc101c8c97f10b051b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 17:30:33 GMT
server
AkamaiNetStorage
etag
"696126052a2fcf3cdcaff32cc08618fe:1660325433.60877"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=123
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:56:56 GMT
cnn-ais.js
i.cdn.turner.com/ads/adfuel/ais/2.1/
1 MB
226 KB
Script
General
Full URL
https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
594674117ee7fbfeafb70cb2258230148ac79822797659461c23f123adaf74bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 14:03:37 GMT
server
AkamaiNetStorage
etag
"2ff9aa0e88676a2fee2b48bb59192365:1664978617.176988"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 14 Oct 2022 15:54:53 GMT
adfuel-2.1.js
i.cdn.turner.com/ads/adfuel/
239 KB
53 KB
Script
General
Full URL
https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a906eb16f76c88221a9c3a0e42db23a20886ee333cd8e2e2a5a7f5085ff2a10b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 16:11:24 GMT
server
AkamaiNetStorage
etag
"6dcff415e8f60fdf5669acafb469e65f:1664295084.494197"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Fri, 14 Oct 2022 15:54:53 GMT
http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F221011162157-02-coronavirus-omicron-travel-vaccine-health-wellness.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_auto,h_28,ar_16:9/
403 B
497 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_auto,h_28,ar_16:9/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F221011162157-02-coronavirus-omicron-travel-vaccine-health-wellness.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
289dadbee2c8071696c7618cf8121e4a92be71f1654d4f89af02d2b8919ac2e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
403
content-type
image/jpeg
http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F171220172042-best-beaches-promo.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_auto,h_28,ar_16:9/
368 B
462 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_auto,h_28,ar_16:9/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F171220172042-best-beaches-promo.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a5ecf8d0ef59a28ffc063a80cdb76bd373c037f95f9e560752d07e2541efd10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
368
content-type
image/jpeg
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zvDmpz9S9y5z1XhncmOZ/w==
age
7787
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 13 Oct 2022 06:44:41 GMT
server
cloudflare
etag
0x8DAACE667EC63AC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7c81ff50-801e-00a9-5bd7-de0d0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a127240ec2d15b-BUF
common.48f932d9c7d2f0903925.js
verticals-static.cnn.com/travel/assets/
493 KB
146 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/common.48f932d9c7d2f0903925.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00f8d504457c14ab3989f9dbe2deabf6fd74e0c8fa703ec778e5fa4c4785bb2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 19:08:41 GMT
server
AmazonS3
x-amz-request-id
V80NMANJSXVF367N
etag
"4514cf483c7ee0a593734d8feca5bce9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593245
accept-ranges
bytes
x-amz-id-2
p12RzH0HW0mMY0Us57LEjPbGwXOyN+5KUv+N2p8WiAXAMyrj5bOf0syZM7XTaURMrDlG/8D7B0U=
app.da9a472094941e62cf98.js
verticals-static.cnn.com/travel/assets/
146 KB
32 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8f82f427a143e43627990393fec6d358ae5861d2e434c29a485b9bf680e1cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
x-amz-request-id
1BN53F3Q1MD190G5
x-amz-server-side-encryption
AES256
content-length
32696
x-amz-id-2
HOAyQGIIUcvFlGf7UGT9kYkG+QUGd8ILLEl5w8YWEXMJXcjntkuSAaMePrdZyAawa6jASB68Y5o=
last-modified
Fri, 26 Aug 2022 13:18:29 GMT
server
AmazonS3
etag
"34a49e3dcde38ad9fc27c2f1ae70d935"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=27303303
accept-ranges
bytes
geo4.js
cdn3.optimizely.com/js/
310 B
811 B
Script
General
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/131788053.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.73.233.196 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-233-196.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4dccd9f47ddd9c45c515c5367a1064400eef210f31928b11eb79c13ba1c5e87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Unused62
8096267
x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Fri, 14 Oct 2022 14:54:53 GMT
Server
AmazonS3
x-amz-request-id
638R03P2W29HB91C
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=57694
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
310
x-amz-id-2
9C7/rkLGNwRbI0lNZIQ6K9DFtbqmQxYZIOcDicGeMw4i3B6rvbG8EKwv/s+6Yv2sSwRO1oScTn4=
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/
14 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-cdg20766-CDG
x-jsd-version-type
version
server
cloudflare
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCwx2uTEr56y9WfqnADEzfnaJfLMSTrygwVfWmFqJxVR9ksw04fwN7R%2BysK1pAmVrAiUH9MCnDcdHFvsQNM02gGRX8aax2MNVagib9P8zyuPM%2BvdCAz%2B9nf52sfQArrOkaBdCjuuVOsNtthPpyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75a127224b04d157-BUF
apstag.js
c.amazon-adsystem.com/aax2/
176 KB
44 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:33:45 GMT
content-encoding
gzip
via
1.1 c6bba20dc3ec8526b729f039a2fdf7ae.cloudfront.net (CloudFront), 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P2, EWR52-C2
age
1269
x-amz-server-side-encryption
AES256
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
gfsMWf_1067tKlDx57A4o4D9I1tVizmVv7rmlXZ8TOiP0W_LJqBcqQ==
v2svxFVJ-Mg82zHMJUHkQBWwVF721AsFf1Y3MomzEUqIMQlG6f2VaL6ctdsQc2VgA
steadfastseat.com/
92 KB
28 KB
Script
General
Full URL
https://steadfastseat.com/v2svxFVJ-Mg82zHMJUHkQBWwVF721AsFf1Y3MomzEUqIMQlG6f2VaL6ctdsQc2VgA
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6efeb1e49f8d15198616fade431c964aae80923879f36311b2f4e3380c2a52b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 14 Oct 2022 14:54:53 GMT
x-datacenter
gce-us-east1
etag
"d5743795f2a12e278dc7556e559f3aedd0d4ce2ec9712f69b432f0c4e1d48ff5"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-4607
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
661392823
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tag
btloader.com/
Redirect Chain
  • https://warnermediagroup-com.videoplayerhub.com/galleryloader.js
  • https://btloader.com/tag?h=warnermediagroup-com&upapi=true
13 KB
6 KB
Script
General
Full URL
https://btloader.com/tag?h=warnermediagroup-com&upapi=true
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd085863ad696f554615ed2f47c6bbd077fc6e6172418ca1a4c3784cc3d8f3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 14:40:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
871
etag
W/"e9e70157cd00a56f3b76c555c87323be"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVv0p6McEqrqK9TSwGl0TFYWj8MX3m9u2O%2Fv9cz%2FTyVWKyKMA3HVUVwQPkPr5wqhOVrRR7oNLN1mSxZILeKS%2B8d6P5HVu%2Boxa0LJ5KWPy5jbRQhohQbfjEcz5PftYOoGDLPV6kPFQ4FOJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
75a12724e91cc416-EWR

Redirect headers

date
Fri, 14 Oct 2022 14:54:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzbuZQpjGh5efhzDXY1VjNo3v9J%2FXDyGRAJXufu0UamDiH74U22%2Fty%2F5G86co%2F0tAJiNCeoc743qBiHL1%2BfqAG1xK6iFlhNoHJ1VC9EDb6GIQjfbDtXN%2FA48Us3x3%2BZf5q84bnlo%2F8quYXEbz5M5jzOcVRKM2rrOWCQv%2Fgde%2BLkN4AFXVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=warnermediagroup-com&upapi=true
cache-control
max-age=3600
cf-ray
75a12722ea9c8c72-EWR
expires
Fri, 14 Oct 2022 15:54:53 GMT
xd.sjs
www.ugdturner.com/
329 B
535 B
Script
General
Full URL
https://www.ugdturner.com/xd.sjs
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.188.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-188-23.compute-1.amazonaws.com
Software
openresty /
Resource Hash
5ea213ca4780f5a9084e58ef00f944ce58d5883d22c3d0a3ef145ea70675b188

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:53 GMT
cache-control
no-cache
server
openresty
content-type
text/javascript
iasPET.1.js
static.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 13:35:19 GMT
x-amz-cf-pop
JFK50-P5
age
91175
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Jun 2021 13:42:44 GMT
server
AmazonS3
etag
W/"51636de3ce868a2172f9e6996c2934e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
L6i3vZU1Zm3v_PucFzZo5SHGajnAE-p9EHzjuz71vCEV__2HVwiPuA==
controltag
cdn.krxd.net/
51 KB
11 KB
Script
General
Full URL
https://cdn.krxd.net/controltag?confid=ITb_4eqO
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbc718cb9ae1df7c2938dc85cc9cfb02d2a5fdc0bad6b093480ae67e0336214b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 14 Oct 2022 14:54:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
964
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
10530
x-served-by
config-service-a003-ash-prod.krxd.net, cache-iad-kiad7000104-IAD, cache-ewr18151-EWR
x-response-time
0
x-do-esi
esi
x-timer
S1665759294.916342,VS0,VE0
etag
"9136bff34cad4ea597f143088f47cdd14d016d48"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 9, 185
script.js
d9esmwyn3ffr1.cloudfront.net/
121 KB
42 KB
Script
General
Full URL
https://d9esmwyn3ffr1.cloudfront.net/script.js
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:b000:14:42af:1f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35e0dfb52ef6815e19735e5e24c5724eba15906da2124c27689c459dcdbb2677

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
gb4pow.Mv5Gx3p6k2QjIe.BTVg_VgWov
content-encoding
gzip
via
1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
date
Fri, 14 Oct 2022 14:49:08 GMT
last-modified
Thu, 13 Oct 2022 13:45:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
346
etag
W/"44d7834718a201f97a6887738235fcf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
K8N1xAYGISEoVWZZI2DE2Dg_4sNl_pQp8M3I-iEougtIRwnmixk-ag==
u
1f2e7.v.fwmrm.net/ad/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=185&_fw_gdpr=0&_fw_gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=15f1b2ba43771b3f9cb9c22c83664&_fw_gdpr=0&_fw_gdpr_consent=
43 B
455 B
Image
General
Full URL
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=15f1b2ba43771b3f9cb9c22c83664&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
2600:1f18:6593:f606:2bad:1cf:7b7b:1af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:54 GMT
Content-Type
image/gif
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=15f1b2ba43771b3f9cb9c22c83664&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1665759294338004-318
auto-user-sync
ads.stickyadstv.com/
43 B
499 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1665759294336017-277
a125375509.html
a125375509.cdn.optimizely.com/client_storage/ Frame 7CA9
2 KB
1 KB
Document
General
Full URL
https://a125375509.cdn.optimizely.com/client_storage/a125375509.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/131788053.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.227.191 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-227-191.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
76fae0bd28c9d3e5c0b515748309ac22fc66c180dfe323432b80fbf18401d683
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
806
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:54:53 GMT
etag
"4d4e61612abb24d040cc720eaf79a56b"
last-modified
Fri, 14 Oct 2022 14:13:10 GMT
server
AmazonS3
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="21";dur=0,cdnip;desc="23.73.227.191";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-amz-id-2
Xf8flz+waZNY4UIe+nWJPqGMQ+YG5oCCXEHHMXrgcLobEm1sXlyjcoy/TQHyfEfTVIEUXjR1usE=
x-amz-meta-pci_enabled
False
x-amz-replication-status
PENDING
x-amz-request-id
CBFFM9XNBPJK85SQ
x-amz-server-side-encryption
AES256
x-amz-version-id
dxfUCEADCjWxhLveJpjilzbTWdcKtMmd
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24292692c0764a82f2b4eeb701e14b6c102f05cd8acd4e3f18198ad71a92076d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51df93b818c51153f40463a75a56fb55da06fcaae908f0a36c237d3464ad376d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0201b2a2116fb85a47297a8f8815343584fafb1c4018a5201cd983b191ad3975

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
365 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74983772e78b4ab621bd8d5d8a686a2ded7cc9376cc34cd4f57c04a3c41eac90

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
660 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed956d8b011dad1c2e7cf81e161e4fec4da0a5aaad8c60a40f94a4d652760ca4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
563 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf54ba25dde67304d51588ae967712adeb5ea3d307164b06e4b04ae9786be118

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
cnntravel-light.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
55 KB
55 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-light.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cb26822149a5039570eb936bdcce3adfc61e3e8031082e6188cae156e80979d
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:53 GMT
x-servedbyhost
::ffff:127.0.0.1
age
2442885
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
56128
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200025-IAD, cache-ewr18177-EWR
x-timer
S1665759294.908490,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
74, 625
211b2f2141e3c4e2ddef82016bf521e8.woff2
verticals-static.cnn.com/travel/assets/
45 KB
46 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/211b2f2141e3c4e2ddef82016bf521e8.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:53 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:37 GMT
Server
AmazonS3
x-amz-request-id
CTVFSYCF38HBHV1R
ETag
"211b2f2141e3c4e2ddef82016bf521e8"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593239
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46464
x-amz-id-2
YpqJyXTmAFOZba5Jcznn2d3U5KaMSlXnpKJBdNitBHM0W8XKvOJltOKYGNxOU8KFQyLuPAvywwGiopM3DyYkZw==
cnntravel-semibold.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
56 KB
56 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-semibold.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6b4795935173dd8879c4892909ac59f2be2f6bc3f6f8e8448d3a72dc5dd9ac9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:53 GMT
x-servedbyhost
::ffff:127.0.0.1
age
2442795
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57040
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200025-IAD, cache-ewr18177-EWR
x-timer
S1665759294.908469,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
94, 665
cnntravel-medium.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
55 KB
56 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-medium.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ceb863becaa364f1d55bf6d643e9c79cb3316e3add1e75269d464a53576b9385
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:53 GMT
x-servedbyhost
::ffff:127.0.0.1
age
947005
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
56468
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000150-IAD, cache-ewr18177-EWR
x-timer
S1665759294.908455,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 700
ed91e68296cc0c8391e8fc429759704e.png
verticals-static.cnn.com/travel/assets/
38 KB
39 KB
Image
General
Full URL
https://verticals-static.cnn.com/travel/assets/ed91e68296cc0c8391e8fc429759704e.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa66103f79eef86d00ea032010300e4ced0d79bf7c8e87d265f186e48ccbab3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
last-modified
Wed, 01 Dec 2021 19:08:42 GMT
server
AmazonS3
x-amz-request-id
0QD2W3NQ4FK7FD8N
etag
"ed91e68296cc0c8391e8fc429759704e"
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=18593287
accept-ranges
bytes
content-length
39174
x-amz-id-2
A5RMDs1a9DqNnWA8uj3nI5gXZd9YJ0X2FIX7M2ONJTy6xESr2cKElF1kcGu+tdomw4aluCVPOd0=
cnnsans-regular.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
45 KB
46 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnnsans-regular.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:54 GMT
x-servedbyhost
::ffff:127.0.0.1
age
204716
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46464
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100114-IAD, cache-ewr18177-EWR
x-timer
S1665759294.013899,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
8, 27794
cnnsans-bold.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
34 KB
35 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnnsans-bold.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8732346bbc22ba869b01b76807b15e10af1cbeb6d9ffd57beb8f9b776204ae86
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:54 GMT
x-servedbyhost
::ffff:127.0.0.1
age
860678
x-cache
MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
35204
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100095-IAD, cache-ewr18177-EWR
x-timer
S1665759294.014136,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 41151
cnntravel-regular.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
54 KB
55 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-regular.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1975c68a11eeeec221de98531a1be1121d7b6aa3d0f551e44fa25d9d0245dbe1
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:54 GMT
x-servedbyhost
::ffff:127.0.0.1
age
855588
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55732
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200172-IAD, cache-ewr18177-EWR
x-timer
S1665759294.014116,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1770
0.a854a62bd42e1349f04a.js
verticals-static.cnn.com/travel/assets/
1 MB
326 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/0.a854a62bd42e1349f04a.js
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dce40b619e921f47861f42150fe9ab574ecc47db3953a6394a8d7030cc5ce03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 19:08:34 GMT
server
AmazonS3
x-amz-request-id
FGJXWMT0BS3TNH08
etag
"dbaea728b3515a3137ccb78db1b5ae71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593182
accept-ranges
bytes
x-amz-id-2
BgnoR27Z8mBPySFYzrWWihV+aFwOESZBNzQa70Mx8fMsES2bdvrmLOyTGWx79N5X8Fs8A/W2dGc=
1.d9ee47840003f172d21c.js
verticals-static.cnn.com/travel/assets/
23 KB
8 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/1.d9ee47840003f172d21c.js
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ae4312f7607dbb787e201e48009fa93dd62236506efff04d9a6684fd60cb57b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-amz-request-id
FGJKP2K9N3KPTST6
x-amz-server-side-encryption
AES256
content-length
7678
x-amz-id-2
7Y+0p6s73DMbRZf97R5+iJd29WckdJbTVZ+o/QOK0pf6FpiNNwoxUYAng7sWVcWR/zhVGFhuqN8=
last-modified
Wed, 01 Dec 2021 19:08:35 GMT
server
AmazonS3
etag
"7128eb6a1f5eeecc2de8d6a996a8d211"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593232
accept-ranges
bytes
2.4be0a705f02b9d62040e.js
verticals-static.cnn.com/travel/assets/
40 KB
11 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/2.4be0a705f02b9d62040e.js
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
329318ab19ccf973c54c56989d8a3bfc2b778ca5da60af92374e0b43b61a6c34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-amz-request-id
2DH0Z3B8N7DZQQE2
x-amz-server-side-encryption
AES256
content-length
11089
x-amz-id-2
0jO16v1Rhjahh6ruh5fjmxUq8O5oB394yueYMuZvwrhBGuZ1HcT5JXAoPBYi5OTadt7kk0X+0/A=
last-modified
Wed, 01 Dec 2021 19:08:37 GMT
server
AmazonS3
etag
"7ec9b4e285ba7db5aeeef4f939bc336f"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593189
accept-ranges
bytes
3.12c48e0ae84fb6e9593b.js
verticals-static.cnn.com/travel/assets/
11 KB
4 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/3.12c48e0ae84fb6e9593b.js
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28f73a5741b70ca26246a9b76c3f43e7de4b2a787e9aec59d1a045402a9cb31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-amz-request-id
0QD0KEJB7JKFKEZ6
x-amz-server-side-encryption
AES256
content-length
4121
x-amz-id-2
rXQF/2JouTVxYJGhjm41oNVc6tDyRorDnC2Dy9nrG29DewRfxy7bjaFN5ffMej74rvPKiOfK7jo=
last-modified
Wed, 01 Dec 2021 19:08:37 GMT
server
AmazonS3
etag
"8020577431ee5db179ef5211f872c973"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593248
accept-ranges
bytes
9.160a2d8ec40b833aa744.js
verticals-static.cnn.com/travel/assets/
195 KB
40 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/9.160a2d8ec40b833aa744.js
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/app.da9a472094941e62cf98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eee98945090dc5236e66bfa2eaabd4130d06873a97633e64d54dfe76a1d745ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-amz-request-id
NA9C2J2EG2QJ7DJW
x-amz-server-side-encryption
AES256
content-length
40493
x-amz-id-2
631q9nQRzDF7xFaseKih2LsQntqAwO/b2ICZcTu6S4wsaSMrXybdrYBTMZcK8TFmjl4Fd0iv9nvf4VildJfcNg==
last-modified
Wed, 06 Jul 2022 19:28:36 GMT
server
AmazonS3
etag
"c6efb54f15aed24ee9562355a78aa197"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=22916630
accept-ranges
bytes
a9dd70f8b1b04de30f0d5ad1bb1134d2.woff2
verticals-static.cnn.com/travel/assets/
56 KB
56 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/a9dd70f8b1b04de30f0d5ad1bb1134d2.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
105971e4adc710c3a901cfcdf863bca4f5dedbfaa4c4500626abbdc6d7d85573

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:40 GMT
Server
AmazonS3
x-amz-request-id
V80X4QXHGH04TRC4
ETag
"a9dd70f8b1b04de30f0d5ad1bb1134d2"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593276
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57024
x-amz-id-2
tj4ZiTXbZF7zmeyO0Gp1+RiDviN6JHi27wI4vGpORI5MkZNMbP72ztYXaHyaEv5ofVsTD8ssx94=
9c13f4c0a5b24fa0bd5f249da45b85c2.woff2
verticals-static.cnn.com/travel/assets/
55 KB
56 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/9c13f4c0a5b24fa0bd5f249da45b85c2.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70aca2a6be1160cab108cc64c19118b74cc2b344cb9cf20ffa94738548e39820

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:40 GMT
Server
AmazonS3
x-amz-request-id
CTVFAA7TZ2GWK82F
ETag
"9c13f4c0a5b24fa0bd5f249da45b85c2"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593309
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56348
x-amz-id-2
AO94DkOtV/38AaVxE6W7FjUH8q80DmVWVwhHkxZecm4/p2vuL5riawym9wqtisNg0X/6tb7d28U=
cd02fb2f31c0dd5036f647c8ee20c586.woff2
verticals-static.cnn.com/travel/assets/
54 KB
55 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/cd02fb2f31c0dd5036f647c8ee20c586.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151ee9b6cc20cf1ebfc11b980f8be4623e85d439af8ba430629db32ac1310c4f

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:41 GMT
Server
AmazonS3
x-amz-request-id
FGJWH5RD9WJ2DS22
ETag
"cd02fb2f31c0dd5036f647c8ee20c586"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593280
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55268
x-amz-id-2
PcjSkvQSXxoO6hQCB9DJ0BJTKuOrQGNf8cO5XXugnC+ZzlQ2dRQ4BetwPEwwVsNAU5b7WdWaGeA=
531dff7d4e1abb89f59f087aa22a0e8d.woff2
verticals-static.cnn.com/travel/assets/
55 KB
56 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/531dff7d4e1abb89f59f087aa22a0e8d.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1e4888fea653359d24e130790805cfa1d340d1d6c5375e4c09c7b7735b25d0a

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:39 GMT
Server
AmazonS3
x-amz-request-id
V80XDW8430N34NYV
ETag
"531dff7d4e1abb89f59f087aa22a0e8d"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593235
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56488
x-amz-id-2
w4S5SGBv7ZL1s7wtv9PfxG+V3w7uUh3Ciom+f5Dg5orNYvqOEcVr8lRyQzeqmCznImKUjGatnSs=
cnnsans-medium.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
34 KB
34 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnnsans-medium.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
971ac0afbc5b9af174313666676cbe6385da537f4109fd1cbae65e1dfd4dfcbb
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:54 GMT
x-servedbyhost
::ffff:127.0.0.1
age
2161227
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34500
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200151-IAD, cache-ewr18149-EWR
x-timer
S1665759294.262635,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 12872
audience_id
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/audience_id
  • https://sync.search.spotxchange.com/audience_id?__user_check__=1
54 B
584 B
XHR
General
Full URL
https://sync.search.spotxchange.com/audience_id?__user_check__=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
388d6899382bb9c403f05346c4d90ff37d8f23c41097c36165220fa6759dc885

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cnn.com
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
X-fe
210
Connection
keep-alive
Content-Length
54

Redirect headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
//sync.search.spotxchange.com/audience_id?__user_check__=1
Access-Control-Allow-Origin
https://www.cnn.com
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
X-fe
319
Connection
keep-alive
Content-Length
0
user-sync
umto.cnn.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://umto.cnn.com/user-sync?zwmc=$UID&domain=cnn.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fzwmc%3D%24UID%26domain%3Dcnn.com
  • https://umto.cnn.com/user-sync?zwmc=7131516223038119427&domain=cnn.com
0
156 B
Image
General
Full URL
https://umto.cnn.com/user-sync?zwmc=7131516223038119427&domain=cnn.com
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
54.80.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-141-180.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
server
awselb/2.0
content-length
0
content-type
application/octet-stream

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:54 GMT
AN-X-Request-Uuid
8e4b3c88-4ab1-4eda-8395-b795c1534906
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://umto.cnn.com/user-sync?zwmc=7131516223038119427&domain=cnn.com
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
u
bea4.v.fwmrm.net/ad/
0
411 B
Image
General
Full URL
https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https://umto.cnn.com/user-sync%3Fbea4%3D%23%7Buser.id%7D%26domain%3Dcnn.com
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:54 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
user-sync
umto.cnn.com/
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=cnn
  • https://umto.cnn.com/user-sync?ifyr=L98M2PLK-Y-BTOL&domain=cnn.com
0
154 B
Image
General
Full URL
https://umto.cnn.com/user-sync?ifyr=L98M2PLK-Y-BTOL&domain=cnn.com
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
54.80.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-141-180.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
server
awselb/2.0
content-length
0
content-type
application/octet-stream

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://umto.cnn.com/user-sync?ifyr=L98M2PLK-Y-BTOL&domain=cnn.com
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Expires
0
user-sync
umto.cnn.com/
Redirect Chain
  • https://eq97f.publishers.tremorhub.com/pubsync?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com
  • https://eq97f.publishers.tremorhub.com/pubsync/verify?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com
  • https://umto.cnn.com/user-sync?goiz=427fcc71780f41d8b13f97aba743dc45&domain=cnn.com
0
165 B
Image
General
Full URL
https://umto.cnn.com/user-sync?goiz=427fcc71780f41d8b13f97aba743dc45&domain=cnn.com
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
54.80.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-141-180.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
server
awselb/2.0
content-length
0
content-type
application/octet-stream

Redirect headers

location
https://umto.cnn.com/user-sync?goiz=427fcc71780f41d8b13f97aba743dc45&domain=cnn.com
date
Fri, 14 Oct 2022 14:54:54 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
EX1d194815a3a24f70a72344c972c1a2fa-libraryCode_source.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/
33 KB
12 KB
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/EX1d194815a3a24f70a72344c972c1a2fa-libraryCode_source.min.js
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/launch-2878c87af5e3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
57ad8175a700fc3c80f5c819c9e564b9c0ee3a68a66e0af3a8a2b936a186cc71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
content-length
12176
last-modified
Fri, 12 Aug 2022 17:30:31 GMT
server
AkamaiNetStorage
etag
"d509ae32a0ffdc9a5e71aebc2e781e09:1660325431.30943"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=122
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:56:56 GMT
taglw.js
cdn.ml314.com/
18 KB
6 KB
Script
General
Full URL
https://cdn.ml314.com/taglw.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5079076cf278338285df356086a41b7f6eab04fd299296e6a7d68013c48c4e87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:05:01 GMT
content-encoding
br
age
2993
x-guploader-uploadid
ADPycduv_nLmT5eI72azCs14iDmr2_Ma-wCnHhINLktGmlg35m4p2zN9p7yFcS2bKzpfhkHZ3BDFKeGWhsunFrACFdjc-w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6035
last-modified
Tue, 09 Aug 2022 21:49:07 GMT
server
UploadServer
etag
W/"edbcc3773f77146cef74231c26ee0954"
vary
Accept-Encoding
x-goog-generation
1660081747484154
x-goog-hash
crc32c=PIuCwg==, md5=7bzDdz93FGzvdCMcJu4JVA==
content-type
application/javascript
cache-id
LGA-12baf686
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
18039
accept-ranges
none
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hs...
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hs...
44 B
596 B
Image
General
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&rp=&ts=compact&rnd=1665759294377&ja=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
18.190.165.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-165-21.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:54 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:54 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-204044h&cg=0&cc=1&si=https%3A//www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&rp=&ts=compact&rnd=1665759294377&ja=1
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
streamsense.5.2.0.160629.min.js
s.cdn.turner.com/analytics/comscore/
91 KB
18 KB
Script
General
Full URL
https://s.cdn.turner.com/analytics/comscore/streamsense.5.2.0.160629.min.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5ddb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cfe9c981c4b6a98bcf7bad851a321d94cd5d6b52166581a1ee054607aa1727a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 13:15:39 GMT
server
AkamaiNetStorage
etag
"b2700d7949b7f35b8a162d180dba4ef7:1657545339.072775"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
17730
expires
Fri, 14 Oct 2022 15:54:54 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 00:52:10 GMT
content-encoding
gzip
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
50565
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
wQ7S9SSeknlJ655ibvZHwv_jNtPUc_UzhZiNnJYHHn9zET2QWTGVeg==
psm.min.js
lightning.cnn.com/cdp/psm/brands/cnn/web/release/
10 KB
3 KB
Script
General
Full URL
https://lightning.cnn.com/cdp/psm/brands/cnn/web/release/psm.min.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b29cc470a35e9de8c083fa1cb2d9f3d49fe0cd604ec98b5e99550ae2c245f68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
content-length
2773
last-modified
Wed, 28 Sep 2022 20:02:19 GMT
server
AkamaiNetStorage
etag
"4abbd4d4f603935f9afbd583db1c4372:1664395339.482063"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=426
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 15:02:00 GMT
skeleton.js
static.adsafeprotected.com/
17 B
464 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: steadfastseat.com
URL: https://steadfastseat.com/v2svxFVJ-Mg82zHMJUHkQBWwVF721AsFf1Y3MomzEUqIMQlG6f2VaL6ctdsQc2VgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:04:46 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3732609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Ko_RD2aXYpVlItY8tXagIUIjfOn7eyxASnQOHgAjnkmBxX9U2Tk_rw==
pub
pixel.adsafeprotected.com/services/
663 B
894 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=0f88dbe5-e41b-d6d7-2ba5-c3bea0eba177&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
62298265921b78734bf12beebaf0dcab868098b570755499874c796fb5124f19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
server
nginx
x-server-name
app25.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
controltag.js.d58f47095e6041e576ee04944cca45da
cdn.krxd.net/ctjs/
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=ITb_4eqO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
725302
age
865910
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84766
x-served-by
cache-ewr18151-EWR
last-modified
Tue, 04 Oct 2022 09:41:11 GMT
x-timer
S1665759294.483799,VS0,VE0
etag
"d58f47095e6041e576ee04944cca45da"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Fri, 01 Oct 2032 09:41:10 GMT
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 14 Oct 2022 14:54:54 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
config
c.amazon-adsystem.com/cdn/prod/
0
307 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3159&u=https%3A%2F%2Fwww.cnn.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:25:29 GMT
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
8964
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.cnn.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
6q_yWepZL-if1J7yQc-Z4pARUSY1hMOnUR2bguErQ-1qu7U7e6Ezkg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 01:40:58 GMT
x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 4c4a56815dfe3e256aedb11d486092f0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
47637
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
H9HNz8mIt4nMVNb15tvFO5fSTGOnwJdxv1DfB0bExJy2OQje-JK8CA==
3d9a6f21-8e47-43f8-8d58-d86150f3e92b.json
cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/3d9a6f21-8e47-43f8-8d58-d86150f3e92b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6bb419cbbf58307abefc7224a57c0be452ab88446b0c2ced7be294fa50e0cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vVCEhYPYtqkVp1Mk/f2INQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1637
x-ms-lease-status
unlocked
last-modified
Mon, 01 Aug 2022 14:58:05 GMT
server
cloudflare
etag
0x8DA73CE3D4B7872
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4693320c-d01e-007d-69b7-a5442e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a127278f4dd15b-BUF
expires
Fri, 14 Oct 2022 18:54:54 GMT
px.gif
ad-delivery.net/
43 B
936 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86713
x-guploader-uploadid
ADPycduJ9PTVzPLEHwm5hZkCXqpnxiwzstlKn8iyou7d9sVhDPQVcjCVCpDEZQCPSi2oovHgFfTzqWLnJC8r-KgZ6W8Dwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Vs1RS2YnBXjzyHNq9BTHnr5w30XLZCPuqprJF8eOooSCQolUcRFTLpzu13c51JkFGCO5m1l7KycJIEi9o%2FE8RbFsG2c4uSxWp2BFolJVY2DYJVkuHIP0GCqxoNHHOJVNt0oinHRkLcp1hvSKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
75a127284a4018bc-EWR
expires
Sat, 15 Oct 2022 14:54:54 GMT
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:50:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 18:50:02 GMT
px.gif
ad-delivery.net/
43 B
343 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7770143602334074
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86713
x-guploader-uploadid
ADPycduJ9PTVzPLEHwm5hZkCXqpnxiwzstlKn8iyou7d9sVhDPQVcjCVCpDEZQCPSi2oovHgFfTzqWLnJC8r-KgZ6W8Dwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cepXXmjtPWHwwkOrfLAKmykcmb4gASzO9uQ%2FaSEhqZ%2FzBNcbuAwzI6DMWUm585DE%2BYe6itqTp4tQwH%2FGCRerYUlkx1QJeBIuiqk3Zlz6Ughkij0qEkdlO%2F2cYuUEi68%2FEGdHkxkBXIyKf9sNEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
75a127284a4218bc-EWR
expires
Sat, 15 Oct 2022 14:54:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a9c5b70316d0b77250c6410bff38f354e17e1c30495bfb340aede9e36963cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27683
x-xss-protection
0
server
sffe
etag
"1363 / 157 of 1000 / last-modified: 1665745594"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Oct 2022 14:54:54 GMT
idsv2
mid.rkdms.com/
2 B
458 B
XHR
General
Full URL
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=TURNER
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.223.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-223-235.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:54:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
identity
api.rlcdn.com/api/
0
276 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
109 B
542 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186948
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
3f2a65fc5589f099c6cdd8cdf83d2a937d18550b87b83cbac1dbacb6031a6ca5

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 14:54:54 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 13 Nov 2022 14:54:55 GMT
events
logx.optimizely.com/v1/
0
356 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/131788053.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.75.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-75-67.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 14:54:54 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.cnn.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
a9b56fbb-91e6-4275-b1d9-bad3dffb46e2
20.b2233a5f6baa6273be03.js
verticals-static.cnn.com/travel/assets/
11 KB
4 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/20.b2233a5f6baa6273be03.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52eec1fdf18e408e7def99967114a13fba7707896cdd08f5acb48f1bf6ca9003

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
x-amz-request-id
S93087HJQMJZEGQD
x-amz-server-side-encryption
AES256
content-length
3576
x-amz-id-2
8i/zxG1URXDiXk8FvkCcjsjUSU0j38xvOquUVYgWJD/e6L5EjCL4l3KWLEh8RaPIVWKy7gasRjI=
last-modified
Fri, 26 Aug 2022 13:18:25 GMT
server
AmazonS3
etag
"d21dcfaaa7c75e67ec0c6e13731faf71"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=27303332
accept-ranges
bytes
21.b6d3e9dd8bd084a00d03.js
verticals-static.cnn.com/travel/assets/
3 KB
2 KB
Script
General
Full URL
https://verticals-static.cnn.com/travel/assets/21.b6d3e9dd8bd084a00d03.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3b6d03341c68779e351ee7ece4003b4f48bde05b9c47667ac7e91a18bf70ce7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
x-amz-request-id
ZMYM3RYZDZHFJTN6
x-amz-server-side-encryption
AES256
content-length
1635
x-amz-id-2
lemZnDGy3yBYWuM+1POx2Ta0W78wrXadvrl9Co91BtiN9TsHDnyJK3JWP8lkdzLjJeKyoQUVur0=
last-modified
Wed, 01 Dec 2021 19:08:37 GMT
server
AmazonS3
etag
"c5e89df07295a259163b429b80065c92"
vary
Accept-Encoding
access-control-max-age
3000
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=18593328
accept-ranges
bytes
chartbeat_video.js
static.chartbeat.com/js/
70 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:3800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:29:16 GMT
content-encoding
gzip
via
1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
1539
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4wsRvBFaBBSs9tp-ul7_YofWdE0nGxRPLExfgpi7LTFCheLrEuCrdQ==
expires
Fri, 14 Oct 2022 16:29:16 GMT
graphql
graphql.verticals.api.cnn.io/
69 KB
5 KB
Fetch
General
Full URL
https://graphql.verticals.api.cnn.io/graphql?variables=%7B%22type%22%3A%22videoCollection%22%2C%22slug%22%3A%22CNN%20TRAVEL%22%7D&extensions={%22persistedQuery%22:{%22version%22:1,%22sha256Hash%22:%225e849d996d749cdbd3f1a2fcd33e2f3188a4807221ee046ac09e24b1474929a8%22}}
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da683bdedcaa402ef4a35d4dea12d836a009e4d6e1c46201c4848d8f282ecb50

Request headers

accept
*/*
Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
36
x-cache
HIT, HIT
content-length
4504
x-served-by
cache-iad-kjyo7100030-IAD, cache-ewr18177-EWR
x-timer
S1665759295.214357,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
7, 1
i.js
tag.bounceexchange.com/340/
279 KB
120 KB
Script
General
Full URL
https://tag.bounceexchange.com/340/i.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
8e0c63a2efcef6fffa7da5476862116eabc0ec2e3d9e94b70363cf49252bcaa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:08 GMT
content-encoding
gzip
via
1.1 google
age
47
x-envoy-upstream-service-time
25
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122310
server
istio-envoy
etag
11c536d5a9a766
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://cnn.bounceexchange.com>; rel=preconnect
zfh.js
z.cdp-dev.cnn.com/zfm/
5 KB
2 KB
Script
General
Full URL
https://z.cdp-dev.cnn.com/zfm/zfh.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::323 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c66b5fd80c2287d6639e3d2186873e393c160b22b77ac7f779a793bdc420202

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
PswvBtCUg8jyNJGdfLjNnS_hURnq8_jo
content-encoding
gzip
via
1.1 826f3843a9f6b2040e54551f0def9c7a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Fri, 14 Oct 2022 14:54:55 GMT
x-amz-cf-pop
IAD79-C2
age
57
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
1205
x-served-by
cache-iad-kiad7000144-IAD, cache-ewr18147-EWR
last-modified
Wed, 18 Aug 2021 19:44:54 GMT
x-timer
S1665759296.512790,VS0,VE0
etag
W/"06848aa81ef9b4b273be3c33f8cb9051"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
Z8_F2d0ya2r8yxZ3ctb6zNRXmkNbc9aEcENibydc5TqPV_byUAIKAA==
x-cache-hits
1, 2
5c4f1e80a581c30001acca92
widgets.tree.com/widget/ Frame 7AC0
32 KB
6 KB
Document
General
Full URL
https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.252.222 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672bd4038a2113fa6a188880ea1a099c423f3cd429418699dbb51ba34daf13ba

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
152
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
75a1272d591e9e05-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:54:55 GMT
expires
Fri, 14 Oct 2022 14:59:55 GMT
last-modified
Fri, 14 Oct 2022 14:52:23 GMT
server
cloudflare
vary
Accept-Encoding
outbrain.js
widgets.outbrain.com/
210 KB
73 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7a0d98aa9ef82527027a313c2097b331077653f53a1c019bd8439ee6a3eb1f17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 10:07:48 GMT
etag
"14-hf/lz4qweEjBrAra03gCMD77eYU"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
no-cache
access-control-allow-credentials
false
x-traceid
b499ae73afc097e61451ebeeb6323cfc
timing-allow-origin
*, *
content-length
73776
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vac...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-va...
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&c8=What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%7C%20CNN%20Travel&c9=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
extlLkZRexzKPTPsUWalxBYcGDctsV7uDK1RHLNLzbmijrWkuNAq1Q==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035748&cs_ucfr=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665759295556&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&c8=What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%7C%20CNN%20Travel&c9=
date
Fri, 14 Oct 2022 14:54:55 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
OTLdQgK81aPTRpphU8mAp89WTebtVOUEBWoWicRnwYt08ObmCpEptw==
x-cache
Miss from cloudfront
utsync.ashx
ml314.com/
34 B
833 B
Script
General
Full URL
https://ml314.com/utsync.ashx?et=0&eid=64240&ct=js&fp=YOUR_USER_ID&cp=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&pv=1665759295562_n7myu3fun&bl=en-us&cb=6313405&si=1665759295562_n7myu3fun&s=1600x1200&nc=1&v=2.5.2.2-lw&us_privacy=1YNN&cbo=1
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9aef644563f54706e2d90611c2a7c96c65ef84f516b7ef1a209dde9cfcd07361

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:54 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
expires
0
psm.legacy.min.umd.js
lightning.cnn.com/cdp/psm/i/web/release/3.1.2/
143 KB
46 KB
Script
General
Full URL
https://lightning.cnn.com/cdp/psm/i/web/release/3.1.2/psm.legacy.min.umd.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
681d53718f0c6682143e6385469c8173d7ba32d93c8e5c3bc7d0aa3873052f47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 16:04:26 GMT
server
AkamaiNetStorage
etag
"9241d4317334a1e20022d5036f34abdc:1662998666.297837"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=370
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 15:01:05 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.36.0/
362 KB
86 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8atDBk1Pe2rTtV5h1AnhkA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
87793
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:29:06 GMT
server
cloudflare
etag
0x8DA48BBFD0F8D63
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
23691863-101e-00c1-31b0-7a535f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a1272d6813d15b-BUF
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame CCE0
805 B
850 B
Document
General
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
39431585
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Fri, 14 Oct 2022 14:54:55 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
292904
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-ewr18151-EWR
x-timer
S1665759296.671689,VS0,VE0
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/iframeResizer.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
139386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4562
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-3335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zWfq3QP2F5g%2FL02uPaS5xnrkvuUQ7MB6IUTZ8Vi3Y24ADb6A57m45r5kKnGEWXI%2Bz9rQd3HImJmCzFVwAqVSxb7wnr89VJE%2FHJzsCrZhCHLIFPkXU%2BzjC7BIfMhDZK7w5XnZ6Za8Gopd8Czz%2FxeQF%2FR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1272e082cd15b-BUF
expires
Wed, 04 Oct 2023 14:54:55 GMT
id
dpm.demdex.net/
216 B
1019 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=7FF852E2556756057F000101%40AdobeOrg&d_nsid=0&ts=1665759295651
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/launch-2878c87af5e3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.50.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-50-150.compute-1.amazonaws.com
Software
/
Resource Hash
da6758d8b1f408269e9a66000242b0a9cb89accde6c06c8c96a5d21f35efc012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-1-v043-0980c61ab.edge-va6.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Elf5/yd9RUw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cnn.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
213
Expires
Thu, 01 Jan 1970 00:00:00 UTC
RC0f55d142cf324bfe96150fc9a20d8e8c-source.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/
668 B
978 B
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/RC0f55d142cf324bfe96150fc9a20d8e8c-source.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f1802b470cbc719a2adb2603ae1371473a0f8ad30662e5ff2d87d9f7554b217e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
last-modified
Fri, 12 Aug 2022 17:30:31 GMT
server
AkamaiNetStorage
etag
"fb592d930ef0a2dbfc043507d9f749ef:1660325431.469256"
access-control-max-age
86400
access-control-allow-methods
*
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=235
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
668
expires
Fri, 14 Oct 2022 14:58:50 GMT
http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F221011162157-02-coronavirus-omicron-travel-vaccine-health-wellness.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_634,c_fill,g_auto,h_357,ar_16:9/
30 KB
31 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_634,c_fill,g_auto,h_357,ar_16:9/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F221011162157-02-coronavirus-omicron-travel-vaccine-health-wellness.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2cea9a4b108baafe4e44a838501fc030893c8f07f2258c16fa7881f942e5c002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
31081
content-type
image/jpeg
http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F171220172042-best-beaches-promo.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_634,c_fill,g_auto,h_357,ar_16:9/
24 KB
25 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_634,c_fill,g_auto,h_357,ar_16:9/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F171220172042-best-beaches-promo.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9cc6fa58c95bd8348626766180bbbbb7a9c187bb8a507d9b485d28b3bde8c671

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
24997
content-type
image/jpeg
v2xvmvwPiyqA5tXr4J8I3uKlVE4hkjvJjMS4MBdLN7t8rMLbG2ix1rUFiDfk5bwgDF5BXnNGb
steadfastseat.com/
183 B
210 B
Fetch
General
Full URL
https://steadfastseat.com/v2xvmvwPiyqA5tXr4J8I3uKlVE4hkjvJjMS4MBdLN7t8rMLbG2ix1rUFiDfk5bwgDF5BXnNGb
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0a43bebe400ea210ea456d062ce76aac840cc50dd0c180478ede66c39854d460
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 14 Oct 2022 14:54:55 GMT
via
1.1 google
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
x-hostname
fen-hoothoot-us-east1-spot-4607
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 14 Oct 2022 14:54:54 GMT
intersection-observer.js
widgets.tree.com/js/ Frame 7AC0
10 KB
3 KB
Script
General
Full URL
https://widgets.tree.com/js/intersection-observer.js
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.252.222 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67943aa57c80456915d96c2515f9f0ac5622a7fa29c53be3fe9f2b49931661f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 12:39:41 GMT
server
cloudflare
age
6635
cf-polished
origSize=22445
etag
W/"1d7ca668bb3f32d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
75a1272efcff9e05-EWR
expires
Fri, 14 Oct 2022 18:54:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 7AC0
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.tree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617
age
4965880
cdn-cachedat
2021-06-08 14:35:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a25b3b26237dd55b5f417f26a9965dbb
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
75a1272f58fbd15f-BUF
cdn-requestpullsuccess
True
iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.15/ Frame 7AC0
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.15/iframeResizer.contentWindow.min.js
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e291e22c061178bfae4f5c46bbdbbc01f83d8e4695d2faddbbf0ddd1ac7d024f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://widgets.tree.com/
Origin
https://widgets.tree.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1975932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4609
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-377b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr8KyxEQJSmq8RLuyvfTQvvF9%2BxaE64BH%2BBmYWx3lAH4z1uplthYmoBm3XBQ2dXke33UMDMlge3pIciknjcXsquqKW28y64CA0CdpgetL1gqePnG1Fu9E99zQp%2FrmBA5azBFgVdIc8alPId28Dw0fIFm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1272f0e14d153-BUF
expires
Wed, 04 Oct 2023 14:54:55 GMT
e9eaedd3-c1da-4334-82f0-d7e3ff883c87
consumer.krxd.net/consent/get/
238 B
432 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/e9eaedd3-c1da-4334-82f0-d7e3ff883c87?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6609f61db22d9bdcc3dbfcbeda72953585bcdeadb294ca8a6b17a3bfd5b6801b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
consumer-a003-ash-prod.krxd.net, cache-ewr18123-EWR
date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1665759296.895991,VS0,VE10
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
193
x-cache-hits
0, 0
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=OOEqvydOdo&w=5757623418748928&o=5762268746743808&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&upapi=true
Requested by
Host: warnermediagroup-com.videoplayerhub.com
URL: https://warnermediagroup-com.videoplayerhub.com/galleryloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:54:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
headerstats
as-sec.casalemedia.com/
0
505 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=263047&u=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&v=3
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXqEzTMh3nf1hDisNabgH8Lj2l0X4VP1Hq2SIu9n%2FhGDKW%2BJHULBG%2BUNw0rmCvuQml0%2F%2FQeWO48uF%2By8Q5Z5BVIGnd5AiQWOsNyiXv4UrRWwECZ%2Fv31Ducz4D6ArY4TzMfgX9XPzoRA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a1272f78c918aa-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
events
logx.optimizely.com/v1/
0
356 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/131788053.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.75.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-75-67.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 14:54:55 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.cnn.com
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
31d722a0-671d-4d6f-9003-17d70b243dd5
cnn_entitlement_01.json
cdn.cnn.com/ads/cnn/singles/
407 B
650 B
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/singles/cnn_entitlement_01.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a49dd3134463ea656a19e3881cc768d72ea169b3a2132aa30b3dfbfc6475b403

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
last-modified
Fri, 10 Dec 2021 16:54:58 GMT
server
AkamaiNetStorage
etag
"9c9f0f752aae307a91cadc96436166bd:1639155298.613198"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
407
expires
Fri, 14 Oct 2022 15:54:55 GMT
id
smetrics.cnn.com/
48 B
459 B
XHR
General
Full URL
https://smetrics.cnn.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=7FF852E2556756057F000101%40AdobeOrg&mid=16938152031959992083593953103926057598&ts=1665759295890
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/launch-2878c87af5e3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-117.data.adobedc.net
Software
jag /
Resource Hash
9a0fdf5f2f59d1723c6ac11472077ca4515952866f79b00feb9fa646c8db4b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.cnn.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
pubads_impl_2022101301.js
securepubads.g.doubleclick.net/gpt/
380 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131264
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:30:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 Oct 2023 18:20:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
462 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cnn.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
654daaa439a0297541d075575f8e9fbbbe65232ea0a340db55176ef9f589aa6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
437
x-xss-protection
0
expires
Fri, 14 Oct 2022 14:54:56 GMT
ITb_4eqO.js
cdn.krxd.net/controltag/ Frame CCE0
51 KB
11 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/ITb_4eqO.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbc718cb9ae1df7c2938dc85cc9cfb02d2a5fdc0bad6b093480ae67e0336214b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
714
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
10530
x-served-by
config-service-a003-ash-prod.krxd.net, cache-iad-kcgs7200079-IAD, cache-ewr18151-EWR
x-response-time
1
x-do-esi
esi
x-timer
S1665759296.980731,VS0,VE0
etag
"9136bff34cad4ea597f143088f47cdd14d016d48"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1765, 84
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
cnn_travel_travel_leaf_vls.json
cdn.cnn.com/ads/cnn/
6 KB
1 KB
XHR
General
Full URL
https://cdn.cnn.com/ads/cnn/cnn_travel_travel_leaf_vls.json
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/adfuel-2.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 16:53:43 GMT
server
AkamaiNetStorage
etag
"26e206ab3ef8d3f38d6e9166b5963a97:1639155223.992957"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
799
expires
Fri, 14 Oct 2022 15:54:56 GMT
d3d3LmNubi5jb20=
tcheck.outbrainimg.com/tcheck/check/
16 B
463 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmNubi5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:56 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=9009
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
abce2a61b304c57733ee1c999f061099
Content-Length
16
Expires
Fri, 14 Oct 2022 17:25:05 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
342 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 13 Nov 2022 14:54:56 GMT
truncated
/
109 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b13a73a3e3f43ee1ba0c49f8c364b64ea2424f22f7ae922ecd7b3f7e22e548b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220827083548-mack-rutherford-1.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
431 B
525 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220827083548-mack-rutherford-1.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e8c56d0595a3f501568f8b9c0cd8441fcb90e2ef3e8f42d033cc5c22ea72d997

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
431
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220725111559-meow-wolf-07.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
427 B
521 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220725111559-meow-wolf-07.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
137c162c911f939eda7cd0f2bd8d73c49aef6825a81d8ea96e19a4b66d577085

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
427
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220615164901-vid-thumb-jumbo-restaurant.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
375 B
469 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220615164901-vid-thumb-jumbo-restaurant.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2b9af71d9b488981544d45064fb489209674011bbf7b494a557e2c2f4ba2911d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
375
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220716142120-bittermann-pkg-france-tourism-thumb-vpx.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
430 B
524 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220716142120-bittermann-pkg-france-tourism-thumb-vpx.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fd652c82344039a7f0f531b55d8ce5851c2755a68307b4ec53f82163f8573966

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
430
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220404111208-asheville-truffles-3.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
456 B
550 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220404111208-asheville-truffles-3.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e32708204fd9d2531ebb40e65a0b4304970d01345c4c03ab29311066cb640847

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
456
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220705134407-izmir-turkey-a-block-quests-world-of-wonder-spc-00020013.png
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
818 B
911 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220705134407-izmir-turkey-a-block-quests-world-of-wonder-spc-00020013.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
26cf27e2cee712025c08cf2ec3e0c8eed7d26775390d8861403dd6b77096ad6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
818
content-type
image/png
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220617121546-rock-trail-texas-thumb-1.jpg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
441 B
535 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220617121546-rock-trail-texas-thumb-1.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb3c88537c4191450dc5457dc2d8137cd5b784fe27b51e04e643672e96dcf882

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
441
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220629101158-dolly-parton-file.jpeg
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
425 B
519 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220629101158-dolly-parton-file.jpeg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da2f4ebc12869a2dacf2f2f4f77310c977a0dda13c3a702c2fb18b40065b4c0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
425
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220621144622-qwow-dublin-richard-quest-00070326.png
dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/
566 B
659 B
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/e_blur:500,q_auto:low,w_50,c_fill,g_face,h_38,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220621144622-qwow-dublin-richard-quest-00070326.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bc8353143f985630e0f06b0f1da1f28e5aba611050c249fbe3b1e1c32a64829c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
566
content-type
image/png
main_69facd5a27c3f03f18b11e870dd8c983.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
346 KB
69 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_69facd5a27c3f03f18b11e870dd8c983.br.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b39f1aa03663a52de489e18a6e1c3dae1de2c0290eafe64458dfa8307fe20954

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 20:13:09 GMT
content-encoding
br
age
672107
x-guploader-uploadid
ADPycdvY2iPV3GibTIoz2LYk66Sz_2f-ww3ALqOo9Wl_5A0C3NDdODcPLKlj4BkvgcLNwvsxFOHC5w09Zu2g8uXQyDas0DxaF0Ap
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69855
last-modified
Thu, 06 Oct 2022 20:13:01 GMT
server
UploadServer
etag
"6c8a5219fab314df7e2ea0971a869a3c"
x-goog-generation
1665087181852523
x-goog-hash
crc32c=4JVGUQ==, md5=bIpSGfqzFN9+LqCXGoaaPA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
69855
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 06 Oct 2023 20:13:09 GMT
zion-sp.js
z.cdp-dev.cnn.com/sp/current/
77 KB
27 KB
Script
General
Full URL
https://z.cdp-dev.cnn.com/sp/current/zion-sp.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::323 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
nEt0XzwqD2OKq1kLEaAmBrSmBppd64IG
content-encoding
gzip
via
1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date
Fri, 14 Oct 2022 14:54:56 GMT
x-amz-cf-pop
IAD89-P2
age
111
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
26915
x-served-by
cache-iad-kiad7000073-IAD, cache-ewr18147-EWR
last-modified
Tue, 13 Apr 2021 13:26:25 GMT
x-timer
S1665759296.220786,VS0,VE0
etag
W/"1400970874add8a03a76148d9fd2f43d"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
k5ONR6Ah0fYYNMQItrhkik8jO8Lp6VOJ-Q_tD0FjBPMwWgBf-fRAKg==
x-cache-hits
2, 11
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=cnn.com&p=%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&u=DweKZ8Ba-1cPnpDXM&d=cnn.com&g=37612&g0=travel&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5142&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3283&_m=email&_x=hs_email&_y=229722043&t=Bj2qjlDmQlfpDUl5d0CUAbP6Ir5Qd&V=136&i=What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%7C%20CNN%20Travel&tz=0&sn=1&sv=DcSctQDilONWvKCnzCR9F_oDXe8R9&sd=1&im=067b0ef3&_
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.69.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-69-97.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pub
pixel.adsafeprotected.com/services/
708 B
938 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_mod_011ba0778,ss:%5B200.60,300.25%5D,p:/8663477/CNN,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0f88dbe5-e41b-d6d7-2ba5-c3bea0eba177&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5dd52efe9f01f3a9d65da322b2d9bf2fbfa505b91b13d15885c7b323da84ec63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app07.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=0a5f7dc7-3d3c-49f7-43a9-273474f1299d&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e3ac730cb213b20bf93b1026c3f1fbbffb80623d246f3e35921a5e670cb52bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app24.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
turner-47fcf6
segment-data-us-east.zqtk.net/
996 B
909 B
Script
General
Full URL
https://segment-data-us-east.zqtk.net/turner-47fcf6?url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.22.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-22-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ef715a298ef085266c4cd67915f28f17590b4c930b0ed110844025be68d8828b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Oct 2022 10:45:22 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=6625
Connection
keep-alive
Expires
Fri, 14 Oct 2022 16:45:22 GMT
zion-mb.min.js
www.i.cdn.cnn.com/zion/
2 KB
1 KB
Script
General
Full URL
https://www.i.cdn.cnn.com/zion/zion-mb.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
c6104817ba76c7ef1ce99a73ab68bac973a3d0a1bef9db9f91624153754d8f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
x-amz-meta-privilege
664
via
1.1 varnish, 1.1 varnish
x-servedbyhost
::ffff:127.0.0.1
x-amz-request-id
5EHBP8EJ7F9HVPK5
age
1203
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
569
x-amz-id-2
vDCf6eghZGmmGxwFC4ItAZKAQz/X33Cgu91zJMHYeHQ/BYzgqGcHEiz+jK8YHAdt4ikByMl07bI=
x-served-by
cache-iad-kjyo7100045-IAD, cache-ewr18150-EWR
last-modified
Thu, 21 Jan 2021 05:08:08 GMT
server
openresty
x-timer
S1665759296.326637,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-md5
7fa91029084bd49ef9ec069641e263a2
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
7, 438
RCaf4b47266f7740a1a2680cc1a9e18e79-source.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/
53 KB
8 KB
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/RCaf4b47266f7740a1a2680cc1a9e18e79-source.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
921e5bd5a3b445ce7f478c141e50e69982f51a5c37ababf0d78cf2c4308005c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
content-length
7888
last-modified
Fri, 12 Aug 2022 17:30:31 GMT
server
AkamaiNetStorage
etag
"76981bc26e35d55896538199bae68618:1660325431.651456"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=122
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:56:58 GMT
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220827083548-mack-rutherford-1.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
2 KB
2 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220827083548-mack-rutherford-1.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
33c27dfa15abcae114c497fafb1f0e9942e94c1da4ba218c22ea7c9400428d36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1711
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220725111559-meow-wolf-07.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
2 KB
2 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220725111559-meow-wolf-07.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
012578769db652ab9526de0d528fdd1c8b2db089c4179c72813b19a79cd1b8f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2344
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220615164901-vid-thumb-jumbo-restaurant.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
3 KB
3 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220615164901-vid-thumb-jumbo-restaurant.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3670cd6ea33a6e6eabcfd4dacc6fe7ee12dbcc84b6abfdb2b78cd3616d422d2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2575
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220716142120-bittermann-pkg-france-tourism-thumb-vpx.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
3 KB
3 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220716142120-bittermann-pkg-france-tourism-thumb-vpx.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bad9f46f79618c74afa969e86a2cda11792b6b032b809f10af1108b17360b9ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2628
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220404111208-asheville-truffles-3.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
2 KB
2 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220404111208-asheville-truffles-3.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
813197a86f077dc5cb16f49b1d3ae5fe69754fcbbb6d0027ce251cc32e5c1ba2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1703
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220705134407-izmir-turkey-a-block-quests-world-of-wonder-spc-00020013.png
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
7 KB
7 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220705134407-izmir-turkey-a-block-quests-world-of-wonder-spc-00020013.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8fd30b06e7ab6a3d0f7f2c494750a1893267cc02340e1292738fdcbe4e27c319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
6859
content-type
image/png
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220617121546-rock-trail-texas-thumb-1.jpg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
3 KB
3 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220617121546-rock-trail-texas-thumb-1.jpg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bb76745d3ee1a80189705d4a778107c616362889fa9091a6d542f83a2619679e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2925
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220629101158-dolly-parton-file.jpeg
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
3 KB
3 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220629101158-dolly-parton-file.jpeg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42c7aa016e5da5e8b8e57f60505a9acd2724447c1a59894da3f5937e9d642c4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3231
content-type
image/jpeg
http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220621144622-qwow-dublin-richard-quest-00070326.png
dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/
6 KB
6 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/q_auto,w_99,c_fill,g_face,h_74,ar_4:3/http%3A%2F%2Fi2.cdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F220621144622-qwow-dublin-richard-quest-00070326.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2b602aa29cdb7dfa3857ccd6adef55af01a178fce12e8ee4138db6cf8567721

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5701
content-type
image/png
s62272775753984
smetrics.cnn.com/b/ss/cnn-adbp-domestic/1/JS-2.17.0-LCUM/
43 B
343 B
XHR
General
Full URL
https://smetrics.cnn.com/b/ss/cnn-adbp-domestic/1/JS-2.17.0-LCUM/s62272775753984
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/EX1d194815a3a24f70a72344c972c1a2fa-libraryCode_source.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-117.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 15 Oct 2022 14:54:56 GMT
server
jag
etag
3577190851161817088-4619776299627076618
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Thu, 13 Oct 2022 14:54:56 GMT
locate
geo.ngtv.io/
361 B
854 B
XHR
General
Full URL
https://geo.ngtv.io/locate
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/cdp/psm/i/web/release/3.1.2/psm.legacy.min.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:15:6b9f:1380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
gunicorn /
Resource Hash
b90f463149e1be2a45e93411401025b9b0fa3e078b054f8e5ebba2b4ee3f6d55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
gunicorn
x-provider
primary
x-amz-cf-pop
JFK50-P1
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Date
access-control-allow-credentials
*
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,App-Id
content-length
361
x-amz-cf-id
9iA0-APos58sXMQUAVGwRe2L2yn8Y-ZtCZ7JS87m_DjNbtNI2qLP3Q==
gtm.js
www.googletagmanager.com/ Frame 7AC0
116 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NX4SMZL
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0b3ddde6f162bb866ce6bb72a7657b3acff48eb7ccec718ae23eac61768ad24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.tree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43933
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Oct 2022 14:54:56 GMT
en.json
cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/bf63e0bb-50a8-4adc-8e8e-e4298b0ff3a7/
260 KB
43 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/bf63e0bb-50a8-4adc-8e8e-e4298b0ff3a7/en.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff67dc8f3edcb5b1491a1ca1cc8ee6cd12c95a8c3bd646ad6ad95a13c2cf3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+Bg9ueue60L2p489EucXEA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
43644
x-ms-lease-status
unlocked
last-modified
Mon, 01 Aug 2022 14:58:19 GMT
server
cloudflare
etag
0x8DA73CE45670375
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2947619c-001e-00d5-61b7-a5903b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a12732f8c5d15b-BUF
expires
Fri, 14 Oct 2022 18:54:56 GMT
v2piofZ9DgllQ7uEWoOYvKuuk-DPe8X1OYVYgQhJaXbvOj2JOzn8bRzj2FDUFmwkfmFqp1dD2
steadfastseat.com/
1 KB
1 KB
Fetch
General
Full URL
https://steadfastseat.com/v2piofZ9DgllQ7uEWoOYvKuuk-DPe8X1OYVYgQhJaXbvOj2JOzn8bRzj2FDUFmwkfmFqp1dD2
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d2e4ba007fb2b665be935d8ca963f318a346eba671f1f3803d06fab7ee1ecf7a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 14 Oct 2022 14:54:56 GMT
via
1.1 google
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1383
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
x-hostname
fen-hoothoot-us-east1-spot-4607
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cookie2json
beacon.krxd.net/
59 B
223 B
Script
General
Full URL
https://beacon.krxd.net/cookie2json?callback=Krux.ns._default.kxjsonp_3pevents
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
b91716f5f6515323bac0be9828e77d126d21b2eedefd007f7bc2f10ea02a8d22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n017-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:56 GMT
cache-control
private, max-age=1800, s-max-age=1800
x-request-time
D=23 t=1665759296
content-type
text/javascript
cdb
bidder.criteo.com/
16 KB
7 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.15.0&cb=27532139684&lsavail=0
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
47f4ef52c6885777bd24a5566e75c005b66176d382da8fe3667942e7565ef592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7138
hbjson
grid.bidswitch.net/
23 B
361 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1fecbe05419b474d532b9a76baf8f33d4105f61247101ac8c78e80d06fde464e

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 14:54:56 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
fastlane.json
fastlane.rubiconproject.com/a/api/
304 B
563 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=26792&zone_id=369850&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&tk_flint=pbjs_lite_v7.15.0&x_source.tid=f339ba5b-911f-40f0-941b-06b02c7e0240&l_pb_bid_id=10bfcaf4f4dcf6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNN%2Ftravel%2Fleaf%2Fvls%23bnr_atf_01&slots=1&rand=0.025409404018427617
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b86c4ec158449f0d268750b41270422cf35fe4397250919bb896bd34447943b

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cnn.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
304
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
311 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423255&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22115331851b91b49%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_bnr_atf_01%22%2C%22divId%22%3A%22ad_bnr_atf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22122471f79115e02%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22423255%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22423255%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22423255%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23bnr_atf_01%22%2C%22tid%22%3A%22f339ba5b-911f-40f0-941b-06b02c7e0240%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5317fca956d9f65b8fdc17884b2693ab3e272b286dde6d434af867e6a5b33ba8

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwMt8FFl3AIklnuV3bwl1ayFT3YCUgHyZbSAPCtA%2FI7KomhATcmAzu2gGCAiAp5MsOJrtKcmm9%2FdZiC%2BgrS39Zy1p6Yukyf2Tb%2Fz0aj8dltLsPYiHJ5WNsvJzBH%2BSBmaJ8n9NZrD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a12733ef528c54-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
561 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423255&ac=j&sd=1&r=%7B%22id%22%3A%22115331851b91b49%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_bnr_atf_01%22%2C%22divId%22%3A%22ad_bnr_atf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214c758824f4f21e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22423255%22%2C%22tid%22%3A%22f339ba5b-911f-40f0-941b-06b02c7e0240%22%2C%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23bnr_atf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5317fca956d9f65b8fdc17884b2693ab3e272b286dde6d434af867e6a5b33ba8

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4XpiI4KQ%2BRkr2OOx8eDJhBSmnpmyS1FV4JF0xxqU787ICXw8lEHMdAssuP8uA%2FU8atIDooO1gF2KPwm0NrGT5vntDhKULn9JurNCVcUrzXrYuiSXhwftv6cGyknb2Jj0s3t6b%2Fo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a12733ef588c54-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
158 B
596 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3159&u=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&pid=VorOHozQI0FdD&cb=0&ws=1600x1200&v=22.10.32118&t=1150&slots=%5B%7B%22sd%22%3A%22ad_bnr_atf_01%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%7D%5D&pj=%7B%22si_section%22%3A%22CNN%2Ftravel%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
37c6a88e79418fdb89807bfa310f1070a3709a865fa09af705f78cf7381a50e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
WH02XYBX5EQY0QDS6ADM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
158
x-amz-cf-id
uSV_LTEQWqWXnYT9-6-nwlZvxf-6TwxSXQ2KRR7mafgifrRcLw6aSA==
pub
pixel.adsafeprotected.com/services/
733 B
963 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_bnr_atf_01,ss:%5B1.1,1.2,728.90,970.66,970.90,970.250%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0a5f7dc7-3d3c-49f7-43a9-273474f1299d&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a1f5e94f0b68ff8ca310ca69d05df88c97ac03d0d6cfe6f2bc5553baf72da4dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app11.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=cef35672-b4ba-764a-31f3-9c3fb4d2b063&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b6cbcad0f790b1c0e3569a0ffe5501ba7083a5721bed84e744eaf648d292435c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app17.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
cd02fb2f31c0dd5036f647c8ee20c586.woff2
verticals-static.cnn.com/travel/assets/ Frame 7AC0
54 KB
55 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/cd02fb2f31c0dd5036f647c8ee20c586.woff2
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151ee9b6cc20cf1ebfc11b980f8be4623e85d439af8ba430629db32ac1310c4f

Request headers

Referer
https://widgets.tree.com/
Origin
https://widgets.tree.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:56 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:41 GMT
Server
AmazonS3
x-amz-request-id
FGJWH5RD9WJ2DS22
ETag
"cd02fb2f31c0dd5036f647c8ee20c586"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593278
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55268
x-amz-id-2
PcjSkvQSXxoO6hQCB9DJ0BJTKuOrQGNf8cO5XXugnC+ZzlQ2dRQ4BetwPEwwVsNAU5b7WdWaGeA=
CNNSansW04-Regular.woff
widgets.tree.com/fonts/CNN/ Frame 7AC0
58 KB
59 KB
Font
General
Full URL
https://widgets.tree.com/fonts/CNN/CNNSansW04-Regular.woff
Requested by
Host: widgets.tree.com
URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.252.222 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b014a4a3aa47ec06076d38e0d79c1e6777df2b6149e7bbdb00dbbd782e6ab2b6

Request headers

Referer
https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Origin
https://widgets.tree.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Oct 2021 12:39:41 GMT
server
cloudflare
age
6724
etag
W/"1d7ca668bb34dfc"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=14400
cf-ray
75a12733af739e05-EWR
expires
Fri, 14 Oct 2022 18:54:56 GMT
CNNSansW04-Light.woff
widgets.staging.tree.com/fonts/CNN/ Frame 7AC0
0
0

pub
pixel.adsafeprotected.com/services/
721 B
951 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_rect_atf_02,ss:%5B1.2,2.2,300.250,320.320,1.1%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=cef35672-b4ba-764a-31f3-9c3fb4d2b063&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c4f9470a1e9db4dd928801af9afdcb3049ddf6bd4df7a05106fb35fb094d5210

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app04.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=be69fa82-b74a-df2a-80cf-b01a334fba64&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2881a209222d2489b85ce877c4b7f6b10c9eee495cc91045ceddddb0d92ad488

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app03.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
670 B
900 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_nat_btf_01,ss:%5B1.1,1.2,300.250,1.1%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=be69fa82-b74a-df2a-80cf-b01a334fba64&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff159559494745a0de09e555b7722975b3d531b19458b7aaeb87d23293a8718f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app13.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1d43e07c-5508-769a-0469-14679974350a&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8e3026f71a38ec0c7c535a2e0c3811b14863a01eb5cb922655f755ec2ae2c2bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app22.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
controltag.js.d58f47095e6041e576ee04944cca45da
cdn.krxd.net/ctjs/ Frame CCE0
259 KB
83 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/ITb_4eqO.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
725304
age
865912
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84766
x-served-by
cache-ewr18151-EWR
last-modified
Tue, 04 Oct 2022 09:41:11 GMT
x-timer
S1665759297.624764,VS0,VE0
etag
"d58f47095e6041e576ee04944cca45da"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Fri, 01 Oct 2032 09:41:10 GMT
get
odb.outbrain.com/utils/
50 KB
15 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&idx=0&rand=89839&key=NANOWDGT01&widgetJSId=AR_15&va=true&et=true&format=html&adblck=false&abwl=false&px=1050&py=1278&vpd=78&cw=300&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000910&sig=ytnWbWuT&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1YNN&ccpaStat=1&aqp=utm_medium%3Demail%26utm_content%3D229722043%26utm_source%3Dhs_email&ogn=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.38.132 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac8f250891b9f2439ccf1465e993d11271ca6935c7b908565977b7428029b9b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 14 Oct 2022 14:54:56 GMT
content-encoding
gzip
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
e0e9193bf0c83b1981353fc79094cc5e
content-length
14572
x-served-by
cache-iad-kcgs7200049-IAD
pragma
no-cache
x-timer
S1665759297.727948,VS0,VE64
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
cdb
bidder.criteo.com/
18 B
309 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.15.0&cb=39850448804&lsavail=0
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/
302 B
336 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=26792&zone_id=369850&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&tk_flint=pbjs_lite_v7.15.0&x_source.tid=d1208de4-2415-434e-aebf-97665b1ce482&l_pb_bid_id=205f00d3a21809e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNN%2Ftravel%2Fleaf%2Fvls%23rect_btf_01&slots=1&rand=0.4953038508623182
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
115e68dc3bdea7859d137cdefe6937529f04613db5d0ba230ad26c5f9dc9b83c

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cnn.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
302
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/
24 B
362 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
48201e6162f2f3724d7df1a0d702b3e947ac7f628d999bd911172e04778849f8

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 14:54:56 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/
37 B
538 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423258&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224735e9f764d4d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_btf_01%22%2C%22divId%22%3A%22ad_rect_btf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222549f6ad1c1be18%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22423258%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22423258%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23rect_btf_01%22%2C%22tid%22%3A%22d1208de4-2415-434e-aebf-97665b1ce482%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17359a286b63355a4c758a87e382fba8db1702ae5d15fdb215a251ee1201e8e2

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzcNn2fiUH0rU4ZsFNBhMCRgqKS1NXyQNthsucUFL1QHe%2BK7E%2Bpz9STCoQNjHpnrTjtVOrdGazHtq71mzhQBlYpckm2oHC0t4i%2BwdySSv5pzyuZbhoNaS%2BayPnpnRG%2BsHnd7txeI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a127346c72c45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
502 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423258&ac=j&sd=1&r=%7B%22id%22%3A%2224735e9f764d4d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_btf_01%22%2C%22divId%22%3A%22ad_rect_btf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226c04ca7f5c911b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22423258%22%2C%22tid%22%3A%22d1208de4-2415-434e-aebf-97665b1ce482%22%2C%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23rect_btf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17359a286b63355a4c758a87e382fba8db1702ae5d15fdb215a251ee1201e8e2

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnjsG8zM4u3p1t9tyYMOs13Pw0UzKPcHul4JYCSd4fVF0%2BKjFl%2B%2FEr97oEBulcQJK%2BRaDQ4FwlvNU%2BS6Al0jzWSim7T6zpfLx4NHAAyrcA4Ts8vRWeCSATFgEVi6tntgaknRAM6W"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a127346c77c45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
158 B
597 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3159&u=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&pid=VorOHozQI0FdD&cb=1&ws=1600x1200&v=22.10.32118&t=1150&slots=%5B%7B%22sd%22%3A%22ad_rect_btf_01%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22si_section%22%3A%22CNN%2Ftravel%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a7c5bad558df5549a37722e2c5bfbd969edb237f56a9268cb4413b9a349e0790
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
4SXZ9R505E0FEPNZ8ATC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
158
x-amz-cf-id
WpfQxNE-hYGNyoaUm2PsYTFU4j6iHKrj6HR6rnoQCyH5FJDy8eBF3w==
pub
pixel.adsafeprotected.com/services/
671 B
901 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_rect_btf_01,ss:%5B1.2,300.250,300.251,300.600,300.601,320.320,1.1%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1d43e07c-5508-769a-0469-14679974350a&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1956586654d1b728b2c0af3cb41f5056075198ff0a6a9f6460295655222b63cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app24.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=8045c550-5074-0b1e-c3c8-a0fec32bbcb1&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2cf4277fcbc9d7f194f9f004e4c800113581e70b435d3a78bbb11a7c37e3249b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app09.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
702 B
932 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_oop_float_01,ss:%5B1.1,1.2%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8045c550-5074-0b1e-c3c8-a0fec32bbcb1&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6d6117559ca0b6e4c3d243dee2b44a0fea099fa2cf590396b38f521072dca034

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app20.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=b3abdbc1-19f3-7559-af1f-42638af554b0&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8b4974c3c560c306bc6c617db2178dbe5ab8f66827c77dc41f48d5d80f81dfbe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app01.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
158 B
594 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3159&u=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&pid=VorOHozQI0FdD&cb=2&ws=1600x1200&v=22.10.32118&t=1150&slots=%5B%7B%22sd%22%3A%22ad_rect_atf_01%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22si_section%22%3A%22CNN%2Ftravel%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d66cf8ddae7555f3f0402b259faea0c57beef67afd0502159434b31f50e2ef82
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
409R92VKKPNC6M8Q6946
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
158
x-amz-cf-id
9hQLYX540cedbMW-FQFS40_g7w3GzZVnrtTKVeRWcjjlfGCU-H-k5w==
pub
pixel.adsafeprotected.com/services/
734 B
964 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_rect_atf_01,ss:%5B1.2,2.2,300.250,300.600,300.850,300.1050%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=b3abdbc1-19f3-7559-af1f-42638af554b0&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dc1095edea697c039f9f72cae9f784dcdf6b77ad061a94904bd1741832722617

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app16.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=9314418f-af30-5f02-336a-1f00ceca252a&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
354c25b974554ea833c68232be45b9ce82eaafbf12754ea89b319e52d95491fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app02.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
670 B
900 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_bnr_btf_01,ss:%5B1.2,728.90%5D,p:/8663477/CNN/travel/leaf/vls,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=9314418f-af30-5f02-336a-1f00ceca252a&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d90e8db3eeda980bab9952d50d2e8248574cbdc39805e7207a55b8ef9ef49bc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app26.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
663 B
893 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:video1,s:1.1,p:cnn.com_politics_carousel_t1,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=8b58ae31-0700-2e48-f6ab-3dbec1ce5946&url=https%253A%252F%252Fwww.cnn.com%252Ftravel%252Farticle%252Fcoronavirus-omicron-travel-vaccine-health-wellness%252Findex.html%253Futm_medium%253Demail%2526_hsmi%253D229722043%2526_hsenc%253Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%2526utm_content%253D229722043%2526utm_source%253Dhs_email
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.218.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-218-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9ddae755c64ab288fd0e9b10ab8481d1c1fef8f91edc1b02072292fbf9112636

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx
x-server-name
app05.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
psm_2_prod_full.json
wmff.warnermediacdn.com/
12 KB
13 KB
XHR
General
Full URL
https://wmff.warnermediacdn.com/psm_2_prod_full.json?version=1
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/cdp/psm/i/web/release/3.1.2/psm.legacy.min.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5d40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5569fc9ee78b68b9da51891d71bb3b3ad83115c0e7b6760488174dfa23e4b8ac

Request headers

Referer
https://www.cnn.com/
If-None-Match
-1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
WWwcVHm8AaEIH31zQNmJxAE30_8E4SPz
date
Fri, 14 Oct 2022 14:54:56 GMT
x-amz-request-id
Y4RRFT715NJP72YP
content-length
12554
x-amz-id-2
IbTffxtaRVwA9u69EPkCdrVw2MYD9a3TZ9RGzIeX8qEcTOF+DcKJprnfqyXX3QE5Sw7rk5mEXhKgtjSBX8oXvQ==
pragma
no-cache
last-modified
Wed, 12 Oct 2022 20:53:44 GMT
server
AmazonS3
etag
"75dd0eaf36bb2116e78591f15e20cad7"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
content-type
app/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
ETag
cache-control
max-age=0, no-cache
vary
Origin
accept-ranges
bytes
access-control-allow-headers
Content-Type,If-None-Match
expires
Fri, 14 Oct 2022 14:54:56 GMT
psm_2_prod_full.json
wmff.warnermediacdn.com/ Frame
0
0
Preflight
General
Full URL
https://wmff.warnermediacdn.com/psm_2_prod_full.json?version=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5d40 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,If-None-Match
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
ETag
access-control-max-age
86400
cache-control
max-age=0, no-cache
content-length
2
content-type
text/html
date
Fri, 14 Oct 2022 14:54:56 GMT
expires
Fri, 14 Oct 2022 14:54:56 GMT
pragma
no-cache
vary
Origin
hbjson
grid.bidswitch.net/
24 B
362 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9401ab1246b087aa9d65a943a694694b205d89133f5d2fca8149beed5b2fe481

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 14:54:57 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/
18 B
308 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.15.0&cb=5916795217&lsavail=0
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 14:54:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/
302 B
336 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=26792&zone_id=369850&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&tk_flint=pbjs_lite_v7.15.0&x_source.tid=3dbcda08-6f9d-40b0-b6bd-55464bc188af&l_pb_bid_id=3526660ff6e49ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNN%2Ftravel%2Fleaf%2Fvls%23rect_atf_01&slots=1&rand=0.9334096966159755
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc297048583b3fa85211a4cc5021f54648e0ff6ac8ae99c4f74921d2337457ff

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cnn.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
302
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
495 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423257&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223600e01132a44d2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_atf_01%22%2C%22divId%22%3A%22ad_rect_atf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223778f746bce2967%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22423257%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22423257%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23rect_atf_01%22%2C%22tid%22%3A%223dbcda08-6f9d-40b0-b6bd-55464bc188af%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b3ef532c673594756c7fe348f0eddfd345e93b86b04c87b56e2c7c3b1407b8

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iqpLMSw67yOfNpCfkp3FyJyjx8urYInrJchjcoS3cPiSme2mdkIL1JnRYgC6B7nzm2e2OYjFrd4%2FP0Aa5dkOvAcy6C3fMyQ2mG9G44TmkEqK2bQ0aa3hZg6smqotsYCA4DCmQFG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a127355e9ac45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
506 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=423257&ac=j&sd=1&r=%7B%22id%22%3A%223600e01132a44d2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_atf_01%22%2C%22divId%22%3A%22ad_rect_atf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223873cec817b3471%22%2C%22ext%22%3A%7B%22siteID%22%3A%22423257%22%2C%22tid%22%3A%223dbcda08-6f9d-40b0-b6bd-55464bc188af%22%2C%22gpid%22%3A%22CNN%2Ftravel%2Fleaf%2Fvls%23rect_atf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2243be5bfc-2333-45c8-b58e-491325ded701%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-10-14T14%3A54%3A55%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: i.cdn.turner.com
URL: https://i.cdn.turner.com/ads/adfuel/ais/2.1/cnn-ais.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b3ef532c673594756c7fe348f0eddfd345e93b86b04c87b56e2c7c3b1407b8

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FRloHklFpXb%2FWH6cJlqnco%2BAbIUUM8MnIgfvDkMKfCyCCCVhfMKvpxrzohS0Az%2Bggbtc%2B7cZQ5u%2BXRvMnKY5%2F9pevj2rUhUD5vIuFRQvooaXmRrlx0nD3MCV3j1v6HRB2VGmEXd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a127356ea6c45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
inbox_ff39b67feb7efb3b74df724f531434eb.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
73 KB
19 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_ff39b67feb7efb3b74df724f531434eb.br.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 16:19:48 GMT
content-encoding
br
age
1895709
x-guploader-uploadid
ADPycduuYFJ1C_S8ErCq6sgzmIgpQs6nAEfwCY5bovmCBsfh7cZWE_sZT93iK8sOjedZ_8VM31NYGFu_WDvvFYbUlAw1JHFc_a9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19115
last-modified
Thu, 22 Sep 2022 16:19:42 GMT
server
UploadServer
etag
"64072da428f642ac6e49b3f040ae2f9b"
x-goog-generation
1663863582142952
x-goog-hash
crc32c=lXMscA==, md5=ZActpCj2QqxuSbPwQK4vmw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
19115
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 22 Sep 2023 16:19:48 GMT
onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
160 KB
34 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 16:19:58 GMT
content-encoding
br
age
1895699
x-guploader-uploadid
ADPycdszuIrZFEBzqHZCrZUbHFzRJTNhoADBto7s4WVHmGQpriikoe7XM01kBk1jEcVbMCaQ0d4sN-rx7TmOWjEt59lhjA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34621
last-modified
Thu, 22 Sep 2022 16:19:51 GMT
server
UploadServer
etag
"395f1d51ae9e6c756a05a0ccf843c744"
x-goog-generation
1663863591209163
x-goog-hash
crc32c=yu2Mig==, md5=OV8dUa6ebHVqBaDM+EPHRA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
34621
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 22 Sep 2023 16:19:58 GMT
ads_5eb076e1b5163ef8de5db2b5b9b4fdc2.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
360 KB
67 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_5eb076e1b5163ef8de5db2b5b9b4fdc2.br.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
563d5a8ab017d2f2de55d481c50625a6da125d4f11ead96bcbba9f8c5ae1388d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 14:29:58 GMT
content-encoding
br
age
865499
x-guploader-uploadid
ADPycdux7BHNukqjQGyNGcYGXWn6n0cIA_5rCBMuGbgNZ6wE--Mtzn2ywd7F6m6DdCB6S7arOQL3QsLSg0Y-7Yg6fxPI_jakgUu-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68693
last-modified
Tue, 04 Oct 2022 14:29:54 GMT
server
UploadServer
etag
"410172359cbe67b2a076f464923729a2"
x-goog-generation
1664893794578007
x-goog-hash
crc32c=hCwkqA==, md5=QQFyNZy+Z7KgdvRkkjcpog==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
68693
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 04 Oct 2023 14:29:58 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otFlat.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fOX75b8gO1oiJUk/36PurQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2959
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:28:56 GMT
server
cloudflare
etag
0x8DA48BBF6CB86AA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fa44f253-e01e-00b2-1fb7-a5239c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a127368950d15b-BUF
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/
59 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/otPcCenter.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ee1LIfkTbcemCp7i24lw6Q==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12974
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:28:58 GMT
server
cloudflare
etag
0x8DA48BBF82DCA58
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a4238dca-e01e-0171-51b7-a5ec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75a127368951d15b-BUF
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.36.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.css
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jun 2022 19:29:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
309cb2cc-b01e-0088-01b7-a5603f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75a127368952d15b-BUF
e9eaedd3-c1da-4334-82f0-d7e3ff883c87
consumer.krxd.net/consent/get/ Frame CCE0
223 B
310 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/e9eaedd3-c1da-4334-82f0-d7e3ff883c87?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d1e3239d53066463518868aa1174679fb133cec0c95e9acd50ebd404308db5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
consumer-a021-ash-prod.krxd.net, cache-ewr18123-EWR
date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1665759297.099688,VS0,VE13
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
187
x-cache-hits
0, 0
RC48d931412d394706862ac8fd6d1f7c20-source.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/
47 KB
8 KB
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/RC48d931412d394706862ac8fd6d1f7c20-source.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d856e1202f7aa63f208d3848bc7b3d1b3352e02d3a689049d0ecb537b8532c45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
content-length
7540
last-modified
Fri, 12 Aug 2022 17:30:32 GMT
server
AkamaiNetStorage
etag
"527e693e06ae36e6ba1a06e02a99da6b:1660325432.25449"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=123
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:57:00 GMT
iu3
s.amazon-adsystem.com/ Frame AFCE
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
314 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f9a9338d8b09e71b172238a4cff6c2146c3eeb2219a55390e3e5093fc1cd07e0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
314
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 14 Oct 2022 14:54:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
J299GZDVB02AGV134MW7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 14 Oct 2022 14:54:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W2BGQZGEBVGD3ZGXP4T4
start.html
lightning.warnermediacdn.com/cdp/psmtk/ Frame 759E
158 B
464 B
Document
General
Full URL
https://lightning.warnermediacdn.com/cdp/psmtk/start.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89a9bdc41593255b5aceb86e8649998b32e69483a7630171739b9e14283e1b7b

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=230
content-encoding
gzip
content-length
145
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"3a0d945be506a7d723724c30930a6bf4:1626112116.567639"
expires
Fri, 14 Oct 2022 14:58:47 GMT
last-modified
Mon, 12 Jul 2021 17:48:36 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
getcdpid.html
lightning.warnermediacdn.com/cdp/psmtk/ Frame 022B
2 KB
1 KB
Document
General
Full URL
https://lightning.warnermediacdn.com/cdp/psmtk/getcdpid.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0730ae5e6463d13788dd06f595b6bc77f82f0ddf26b16e27803dccfabc2bfc36

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=167
content-encoding
gzip
content-length
798
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"900dc51abdaafc207bb14a076293b648:1611158602.771768"
expires
Fri, 14 Oct 2022 14:57:44 GMT
last-modified
Wed, 20 Jan 2021 16:03:22 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 5E8D
2 KB
1004 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=486b77bd-d47b-404e-8979-7206b9b4c94d
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1665571193.927845"
expires
Fri, 21 Oct 2022 14:54:57 GMT
last-modified
Wed, 12 Oct 2022 10:04:22 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 9D9D
416 B
714 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-length
416
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1665571191.142695"
expires
Fri, 21 Oct 2022 14:54:57 GMT
last-modified
Wed, 12 Oct 2022 10:04:22 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=b48b1fc02b52b293c9083c3081d0e038_185_1665759296757&tm=1077&eT=0&widgetWidth=300&widgetHeight=764&widgetX=1050&widgetY=1278&wRV=2000910&pVis=0&lsd=486b77bd-d47b-404e-8979-7206b9b4c94d&eIdx=&ccpa=1YNN&cheq=0&rtt=540&oo=false&ab=0&wl=0
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 14 Oct 2022 14:54:57 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
22d1d5b7f83079610f1dbd6f1e2ffc4d
Content-Length
28
Content-Type
text/plain; charset=UTF-8
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 2E01
18 KB
6 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
270baa991d4c6a92df00e1939f1f7ad1ec718a79ee8e376762baa4764a48de99

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
5843
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"2a7643b553402dee213d6f028f4fff0c:1664788511.382734"
expires
Fri, 21 Oct 2022 14:54:57 GMT
last-modified
Mon, 03 Oct 2022 09:10:09 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
userZapping.js
widgets.outbrain.com/nanoWidget/2000910/module/
26 KB
7 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000910/module/userZapping.js?e=1
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3bc6e9e5e4ddd87dd4fb43f62a60f5dad12ba6c3fd558c15323c49d1b1fbdaef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 10:06:27 GMT
server
AkamaiNetStorage
etag
"b91fef08a1e5f8bfc69af2a0edb868e7:1665571111.760854"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
6964
expires
Fri, 14 Oct 2022 18:54:57 GMT
get
odb.outbrain.com/utils/
55 KB
15 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&idx=1&rand=81278&key=NANOWDGT01&widgetJSId=AR_18&va=true&et=true&format=html&lsd=486b77bd-d47b-404e-8979-7206b9b4c94d&lsdt=1665759297175&t=YjQ4YjFmYzAyYjUyYjI5M2M5MDgzYzMwODFkMGUwMzg=&adblck=false&abwl=false&px=1050&py=2981&vpd=1781&cw=300&activeTab=true&darkMode=false&seid=6c791484-2d5c-c50c-0000-0183d6fdbce6|0|1&ab=0&wl=0&settings=true&recs=true&version=2000910&sig=ytnWbWuT&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1YNN&ccpaStat=1&aqp=utm_medium%3Demail%26utm_content%3D229722043%26utm_source%3Dhs_email&ogn=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.38.132 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
626e5cd337dff6951c9dab516f5c48fdde79c61da0a9c2026b6546f4e3b43213

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
e1304715545507b175970a40557d9ef7
content-length
14510
x-served-by
cache-iad-kcgs7200049-IAD
pragma
no-cache
x-timer
S1665759297.239288,VS0,VE260
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
play3_100x100.png
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/play3_100x100.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
db896db6bc5a61711279462a950f48940e6379ca407040ddf8a455939d38904b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"60f1930108b6cc2fe6d29cb2adbe6b61:1662969059.97083"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2629
expires
Sun, 13 Nov 2022 14:54:57 GMT
eyJpdSI6ImZkNDYwZjMyYTEwNzJlZTY1MDVlYzllOGU2YjdmZTBmZTA5NjU4OWJkODg3ZGU0Mjc1OGVjNTYwYzdkZjA4MGEiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
24 KB
24 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZkNDYwZjMyYTEwNzJlZTY1MDVlYzllOGU2YjdmZTBmZTA5NjU4OWJkODg3ZGU0Mjc1OGVjNTYwYzdkZjA4MGEiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
86b539ab73772056b99195dbee86d756bc30f85b1c9365152a4ac0aefcd419e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Thu, 06 Oct 2022 18:47:01 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1785345
access-control-allow-credentials
false
x-traceid
8c83a0bc5578509ef936d6b3cfd7c17a
timing-allow-origin
*, *
content-length
24220
eyJpdSI6IjE0ODJjNTk1MjI5YmI2NTc4YjgxOWVhNWE1MjAyMmIyMDBiOWRmNmU5NDc0ZDczNjY3NDYxNTQxYmI3Y2VkYjIiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
29 KB
29 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE0ODJjNTk1MjI5YmI2NTc4YjgxOWVhNWE1MjAyMmIyMDBiOWRmNmU5NDc0ZDczNjY3NDYxNTQxYmI3Y2VkYjIiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bc05fb263db39ac239ae88f3ec71f97d7ea39e62886aaf3a0b197232996cc65e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Thu, 06 Oct 2022 18:45:17 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1785363
access-control-allow-credentials
false
x-traceid
4914c7fc892d959415f5cfe85dcc2b60
timing-allow-origin
*, *
content-length
29886
eyJpdSI6ImZhYzc2MmE4NTdjZjYzMzRhYjVjNDNiNzE2MDg1MjNjNTk0YjgwNjU0Y2ViZTdkZTdjYzIzNjQ3ZTY1NzFjN2EiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
72 KB
72 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZhYzc2MmE4NTdjZjYzMzRhYjVjNDNiNzE2MDg1MjNjNTk0YjgwNjU0Y2ViZTdkZTdjYzIzNjQ3ZTY1NzFjN2EiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0084f3025b62635fb1d9fd855c1757260891499abe699746310db9c0006e6f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Tue, 11 Oct 2022 04:09:32 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2164620
access-control-allow-credentials
false
x-traceid
bfcb56274459007666ff9e1e27861af7
timing-allow-origin
*, *
content-length
73632
eyJpdSI6IjM3YmQxNjNhYzZiODIxNmNlMzcyMzE2YzY2ODQwMTMzMWYxYTY2YmViOWY4YzMzYTE0NjAyYjcyNjMzNDQ3NmMiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
63 KB
63 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM3YmQxNjNhYzZiODIxNmNlMzcyMzE2YzY2ODQwMTMzMWYxYTY2YmViOWY4YzMzYTE0NjAyYjcyNjMzNDQ3NmMiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b62e02d1e5006626a7dca0d61b0a130e31235872dba389a04089e3b85406f1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Wed, 12 Oct 2022 14:05:23 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2286558
access-control-allow-credentials
false
x-traceid
d9ec1bd4b67b32937a7157cacbd20592
timing-allow-origin
*, *
content-length
64136
eyJpdSI6ImZmMDM4YTM5Y2I5Y2U3ZDRjMTRmMWRiNjdlYzE4MzI0NTE3ZjQ1N2M0Yzg1NGRmMWJmMWQxZWUzNDE4MWYwMTciLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
58 KB
58 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZmMDM4YTM5Y2I5Y2U3ZDRjMTRmMWRiNjdlYzE4MzI0NTE3ZjQ1N2M0Yzg1NGRmMWJmMWQxZWUzNDE4MWYwMTciLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d7f4f5a9e515953a51ba871357a26765ef23739e724715ad7b6acbb7874f3f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
last-modified
Fri, 07 Oct 2022 00:09:26 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1804566
access-control-allow-credentials
false
x-traceid
98246dd9d69ab38e8065e43f650f9cfc
timing-allow-origin
*, *
content-length
59290
211b2f2141e3c4e2ddef82016bf521e8.woff2
verticals-static.cnn.com/travel/assets/
45 KB
46 KB
Font
General
Full URL
https://verticals-static.cnn.com/travel/assets/211b2f2141e3c4e2ddef82016bf521e8.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:57 GMT
Last-Modified
Wed, 01 Dec 2021 19:08:37 GMT
Server
AmazonS3
x-amz-request-id
CTVFSYCF38HBHV1R
ETag
"211b2f2141e3c4e2ddef82016bf521e8"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=18593235
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46464
x-amz-id-2
YpqJyXTmAFOZba5Jcznn2d3U5KaMSlXnpKJBdNitBHM0W8XKvOJltOKYGNxOU8KFQyLuPAvywwGiopM3DyYkZw==
tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/
2 B
314 B
XHR
General
Full URL
https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: z.cdp-dev.cnn.com
URL: https://z.cdp-dev.cnn.com/sp/current/zion-sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a80a9201ee101bbc3.awsglobalaccelerator.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:54:57 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.2.7
content-length
2
content-type
text/plain; charset=UTF-8
putRecord
zion.api.cnn.io/bridge/v1/
133 B
466 B
XHR
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/0.a854a62bd42e1349f04a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash
afc3fd9915b5e2dd938df4b615df0250a440d41dbca3a12467f8b7c57bf3cbef

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
x-amzn-requestid
8d33d7ec-8807-44cf-bbcb-b07013187805
x-amzn-trace-id
Root=1-63497841-1e26fc5a5e39d8072dd68b6c
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Z_-6QGn6IAMFscQ=
content-length
133
access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
putRecord
zion.api.cnn.io/bridge/v1/
133 B
466 B
XHR
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/0.a854a62bd42e1349f04a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash
fdde3f4f2137d2449ad365a8ea24c2bc8d49dfbbc909a46d2e1ac23918610209

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
x-amzn-requestid
de91aa64-f319-4b23-81ba-e5f2aaad3406
x-amzn-trace-id
Root=1-63497841-633b469936b5125f18db1243
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Z_-6QHt8IAMFstQ=
content-length
133
access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
complete.html
lightning.warnermediacdn.com/cdp/psmtk/ Frame 759E
351 B
649 B
Document
General
Full URL
https://lightning.warnermediacdn.com/cdp/psmtk/complete.html
Requested by
Host: lightning.warnermediacdn.com
URL: https://lightning.warnermediacdn.com/cdp/psmtk/start.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b33e75cb5f95365ebafb32ccc625f79e7bbc6019bf42a94c866a43110b05348

Request headers

Referer
https://lightning.warnermediacdn.com/cdp/psmtk/start.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=424
content-length
351
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"cf97797c02be2c55a005ec3773c3a00b:1626112122.819184"
expires
Fri, 14 Oct 2022 15:02:01 GMT
last-modified
Mon, 12 Jul 2021 17:48:42 GMT
server
AkamaiNetStorage
tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a80a9201ee101bbc3.awsglobalaccelerator.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.cnn.com
access-control-max-age
600
content-length
0
date
Fri, 14 Oct 2022 14:54:57 GMT
server
akka-http/10.2.7
putRecord
zion.api.cnn.io/bridge/v1/ Frame
0
0
Preflight
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 14 Oct 2022 14:54:57 GMT
x-amz-apigw-id
Z_-6QHeRoAMFrxw=
x-amzn-requestid
eb4300ca-ea54-475f-ad59-06aad0dec8bb
putRecord
zion.api.cnn.io/bridge/v1/ Frame
0
0
Preflight
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 14 Oct 2022 14:54:57 GMT
x-amz-apigw-id
Z_-6QFQAoAMFViA=
x-amzn-requestid
d77b39e6-0956-4b24-8bca-9b0558d9ad84
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 9D9D
610 B
907 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Fri, 14 Oct 2022 14:54:57 GMT
etag
"48053d50141031b1511dbd30f9a31288:1665571191.818857"
expires
Fri, 21 Oct 2022 14:54:57 GMT
last-modified
Wed, 12 Oct 2022 10:04:22 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Oct 2022 14:54:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
783
x-ms-lease-status
unlocked
last-modified
Thu, 13 Oct 2022 06:44:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
77d69591-601e-008a-04d3-de62c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75a12739c9d7d15b-BUF
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cnn.com
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
308 KB
68 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2660550322140233&correlator=1555942220360849&eid=31070374&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&us_privacy=1YNN&iu_parts=8663477%2CCNN%2Ctravel%2Cleaf%2Cvls&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=200x60%7C300x25%2C970x250%7C970x90%7C970x66%7C728x90%7C1x2%7C1x1%2C320x50%7C1x2%7C1x1%2C300x601%7C300x600%7C300x251%7C300x250%7C1x2%2C1x2%7C1x1%2C300x1050%7C300x850%7C300x600%7C300x250%7C1x2&fluid=0%2C0%2Cheight%2C0%2C0%2C0&ifi=1&adks=437917899%2C2790737673%2C280690836%2C1420987869%2C68583074%2C1731925108&sfv=1-0-38&ists=2&fsapi=false&prev_scp=pos%3Dmod%26id%3D2ae7d2fd-4bd0-11ed-86f0-0a8c0552005d%26vw%3D40%2C50%26grm%3D40%2C50%7Cpos%3Dbnr_atf_01%26amznbid%3D2%26amznp%3D2%26id%3D2b0a9d9f-4bd0-11ed-8703-0e6557286d5b%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40%26hb_format_criteo%3Dbanner%26hb_source_criteo%3Dclient%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.34%26hb_adid_criteo%3D392e5b2b9f1a15a%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.34%26hb_adid%3D392e5b2b9f1a15a%26hb_bidder%3Dcriteo%26amzniid%3D%26amznsz%3D0x0%7Cpos%3Dnat_btf_01%26strnativekey%3DXxTZ7GA9tD7kCYrbxhbhnRJy%26id%3D2b13c543-4bd0-11ed-ad97-0a3253e544a7%7Cpos%3Drect_btf_01%26amznbid%3D2%26amznp%3D2%26amzniid%3D%26amznsz%3D0x0%26id%3D2b1db02d-4bd0-11ed-83d1-02b862816393%7Cpos%3Doop_float_01%26id%3D2b221c9a-4bd0-11ed-a464-0e29ce25c4b7%26vw%3D40%26grm%3D40%2C50%7Cpos%3Drect_atf_01%26amznbid%3D2%26amznp%3D2%26amzniid%3D%26amznsz%3D0x0%26id%3D2b28374b-4bd0-11ed-bc07-0a7d2ca1a63d%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=transId%3D16657592946554310869678898%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_66_KW%252CIAS_5112_KW%252CIAS_5238_KW%252CIAS_5939_KW%252CIAS_1199_KW%252CIAS_7832_KW%252CIAS_4232_KW%252CIAS_489_KW%252CIAS_4836_KW%252CIAS_8344_KW%252CIAS_UNSCORED_PG%252CIAS_1071_KW%252CIAS_1467_KW%252CIAS_5445_KW%252CIAS_3895_KW%252CIAS_689_KW%252CIAS_9378_KW%252CIAS_9502_KW%252CIAS_7262_KW%252CIAS_4594_KW%252CIAS_19473_2390_KW%252CIAS_7833_KW%252CIAS_7294_KW%252CIAS_4726_KW%252CIAS_5633_KW%252CIAS_7023_KW%252CIAS_2379_KW%252CIAS_6676_KW%252CIAS_7153_KW%252CIAS_809_KW%252CIAS_1074_KW%26pconid%3D300003%252Cu1o0ny%252C3lfw48%252Ci6pjoz%252C2xvcrl%252Cbixwk5%252C3ll5dh%252C19ydr6%252Czog97d%252Cxzzkew%252Cevkab5%252Cc3zhn6%252Clcnite%252Cc3v12m%252Cmc3kxh%252C44knvr%252Cp5i4c4%252Chp9a9l%252Cxcdf1j%252C626xos%252C6w8hjb%252Cj5234h%252C52ve25%252C3tzrc2%252Cpq1tml%252Co1hvg8%252Ccrnpb5%252Cvnrej0%252Ci94msq%252C1gj4cl%252C13ftvt%252Cio0re3%252Chbi43e%252Cdlk9jf%252Crf5c2q%252Cn0603d%252Cbrcvxg%252C1fayut%252C1mdqu6%252Cufa2a5%252Cgmgpvb%252Cfy0crr%252C5u5i6t%252Cdmtxhl%252C9k1k0v%252Cpwuouc%252C14uhr8%252Cgcjnr8%252Clh44si%252C4ru03b%252C2tka30%252C8b6tey%252Cojps08%252C48g41s%252Cfdwua9%252Cs6anw8%252Cikuqq1%252C32k6sl%252Citq8l3%252Ckldzcy%252Cyyujdp%252Ckrvjsn%252Cw7iuu5%252Cuwv2gv%252Csqw6ty%252C7og788%252Cjobhd5%252Cycl371%252Cksz5zl%252Cgkcm1f%252C792iod%252Cekaxcw%252Cnykkff%252Cw4tily%252Ched9rj%252C6cqig4%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C230006%252C230019%252C230160%252C132200%252C132204%252C132221%252C117700%252C117734%252C121100%26prx_to%3D0%26hbg%3DUS%26cep%3D0%26cdpfl%3Dhhfff-lrfff%26ksg%3D%26wmsegs%3D%26guid%3D6349783d0e03f40a3f9cef001449eaf6%26spec%3Dunlocking_the_world%26protocol%3Dssl%26refdom%3Dother&sc=1&cookie_enabled=1&abxe=1&dt=1665759297615&lmt=1665759297&dlt=1665759293293&idt=3435&adxs=1150%2C315%2C250%2C1050%2C800%2C1050&adys=358%2C0%2C1403%2C2058%2C4209%2C554&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&frm=20&vis=1&psz=0x55%7C1600x-1%7C634x-1%7C300x0%7C1600x0%7C300x0&msz=200x0%7C970x-1%7C0x-1%7C300x0%7C0x0%7C300x0&fws=132%2C132%2C132%2C132%2C128%2C132&ohw=1100%2C1600%2C634%2C1100%2C0%2C1100&ga_vid=1851013386.1665759298&ga_sid=1665759298&ga_hid=1923652337&ga_fc=false&cbidsp=~CvgCCAES0gEKBmNyaXRlbxDWAhrCAQoPMzkyZTViMmI5ZjFhMTVhENiLFRoDVVNEIgloYl9iaWRkZXIiB2hiX2FkaWQiBWhiX3BiIgdoYl9zaXplIgloYl9zb3VyY2UiCWhiX2Zvcm1hdCIQaGJfYmlkZGVyX2NyaXRlbyIOaGJfYWRpZF9jcml0ZW8iDGhiX3BiX2NyaXRlbyIOaGJfc2l6ZV9jcml0ZW8iEGhiX3NvdXJjZV9jcml0ZW8iEGhiX2Zvcm1hdF9jcml0ZW8oAToGCMoHEPoBIAESDQoGdHJ1c3R4ENADIAISDQoGdHJ1c3R4ENADIAISDQoGdHJ1c3R4ENADIAISDgoIYXBwbmV4dXMQAyACEg4KB3J1Ymljb24QvwIgAhIJCgJpeBC4AiACEgkKAml4ELgCIAISCQoCaXgQuAIgAhgCIiRmMzM5YmE1Yi05MTFmLTQwZjAtOTQxYi0wNmIwMmM3ZTAyNDAqBAgDIABKAED-CA..~~CpgBCAESDQoGY3JpdGVvEKUDIAISDgoIYXBwbmV4dXMQACACEg4KB3J1Ymljb24QpQMgAhINCgZ0cnVzdHgQ2QMgAhINCgZ0cnVzdHgQ2QMgAhIJCgJpeBClAyACEgkKAml4EKUDIAIYAiIkZDEyMDhkZTQtMjQxNS00MzRlLWFlYmYtOTc2NjViMWNlNDgyKgQIAyAASgBA_gg.~~CpgBCAESDQoGdHJ1c3R4EJADIAISDQoGdHJ1c3R4EJADIAISDgoIYXBwbmV4dXMQASACEg0KBmNyaXRlbxChAiACEg4KB3J1Ymljb24QgAMgAhIJCgJpeBCfAiACEgkKAml4EJ8CIAIYAiIkM2RiY2RhMDgtNmY5ZC00MGIwLWI2YmQtNTU0NjRiYzE4OGFmKgQIAyAASgBA_gg.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
761d5e2b0ff642e56f1e89996a65563f48605b0993752bf84cc06983b0b94f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70084
x-xss-protection
0
google-lineitem-id
-2,6121155019,5644072975,6121155019,-2,6121155019
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138407334136,138406769406,138407334265,-2,138406824543
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F418
6 KB
4 KB
Document
General
Full URL
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:54:57 GMT
expires
Sat, 14 Oct 2023 14:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
resolve
psm.wmcdp.io/v1/
105 B
269 B
XHR
General
Full URL
https://psm.wmcdp.io/v1/resolve
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/cdp/psm/i/web/release/3.1.2/psm.legacy.min.umd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.41.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aae763f5456d53c1d.awsglobalaccelerator.com
Software
/
Resource Hash
3166ddb18a7c073185864a44a253427c52edb30f5d15b06a399f686eb7340df3

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:54:58 GMT
content-type
application/json
content-length
105
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS
resolve
psm.wmcdp.io/v1/ Frame
0
0
Preflight
General
Full URL
https://psm.wmcdp.io/v1/resolve
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.41.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aae763f5456d53c1d.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Fri, 14 Oct 2022 14:54:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a80a9201ee101bbc3.awsglobalaccelerator.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.cnn.com
access-control-max-age
600
content-length
0
date
Fri, 14 Oct 2022 14:54:57 GMT
server
akka-http/10.2.7
tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/
2 B
313 B
XHR
General
Full URL
https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: z.cdp-dev.cnn.com
URL: https://z.cdp-dev.cnn.com/sp/current/zion-sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a80a9201ee101bbc3.awsglobalaccelerator.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:54:57 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.2.7
content-length
2
content-type
text/plain; charset=UTF-8
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UEl6cXBBdzU
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbJKOc5jiiBC4kd9D9LVSc&google_cver=1
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbJKOc5jiiBC4kd9D9LVSc&google_cver=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n008-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1665759298
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJbJKOc5jiiBC4kd9D9LVSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UEl6cXBBdzU
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UEl6cXBBdzU&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIj_O2admy_QYM3jOTYmg-o&google_cver=1
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIj_O2admy_QYM3jOTYmg-o&google_cver=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n026-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=21 t=1665759298
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEIj_O2admy_QYM3jOTYmg-o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PIzqpAw5&gdpr=0
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=43be5bfc-2333-45c8-b58e-491325ded701
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=43be5bfc-2333-45c8-b58e-491325ded701
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n025-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1665759297
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=43be5bfc-2333-45c8-b58e-491325ded701
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
26357
stags.bluekai.com/site/ Frame CCE0
62 B
416 B
Image
General
Full URL
https://stags.bluekai.com/site/26357?id=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 14 Oct 2022 14:54:58 GMT
content-length
62
content-type
image/gif
p
sb.scorecardresearch.com/ Frame CCE0
43 B
359 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PIzqpAw5&rn=1665759298
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
43
x-amz-cf-id
1PqllG7dnIg8FyQVZQY3CspUAoN1WSzQpQ6MCleIBi43nV8zSFIgKQ==
x-cache
Miss from cloudfront
content-type
image/gif
ibs:dpid=66757&&dpuuid=PIzqpAw5
dpm.demdex.net/ Frame CCE0
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.50.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-50-150.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v043-0f1e70222.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bqEEcTRvRac=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9
sync.search.spotxchange.com/audience_sync/ Frame CCE0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=spotx
  • https://sync.search.spotxchange.com/audience_sync/9?uid=PIzqpAw5
0
506 B
Image
General
Full URL
https://sync.search.spotxchange.com/audience_sync/9?uid=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
324
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://sync.search.spotxchange.com/audience_sync/9?uid=PIzqpAw5
date
Fri, 14 Oct 2022 14:54:57 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
NC4WTmcy
sync-tm.everesttech.net/upi/pid/ Frame CCE0
0
0

usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dfreewheel%26partner_uid%3D%23%7Buser.id%7D
  • https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=e5f69_7154381690738909760
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=e5f69_7154381690738909760
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n032-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1665759297
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:57 GMT
Content-Type
text/html
Location
https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=e5f69_7154381690738909760
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7131516223038119427
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7131516223038119427
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n023-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1665759297
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:57 GMT
AN-X-Request-Uuid
af9714f7-ab03-4fa7-99af-c8a88c622250
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7131516223038119427
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mapuid
ib.adnxs.com/ Frame CCE0
43 B
959 B
Image
General
Full URL
https://ib.adnxs.com/mapuid?member=1780&user=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:57 GMT
AN-X-Request-Uuid
639f4924-8a8c-4cc9-b7fe-203efd018b49
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame CCE0
42 B
450 B
Image
General
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tag.aspx
ml314.com/ Frame CCE0
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?1492022
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:21:09 GMT
content-encoding
br
age
2028
x-guploader-uploadid
ADPycdt5lt_SnzYmldJUHliYjOVXdOS_HHxd0cI8XEtNyrWdV9zCNkLdtc2PZaebsrWVd5Hr3vAnzOjf6GUhJ0GYiCXR9vMpKTPQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11373
last-modified
Tue, 09 Aug 2022 21:49:07 GMT
server
UploadServer
etag
W/"fe36d3317b1b052708eb2260e253aa63"
vary
Accept-Encoding
x-goog-generation
1660081747697868
x-goog-hash
crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type
application/javascript
cache-id
LGA-991dec68
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
none
g.js
aa.agkn.com/adscores/ Frame CCE0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PIzqpAw5
43 B
655 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
108.138.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-100.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
zrGYJZw5ucgGLFKrbqoXICj-LaFlc36GmrHdEXz6344ptVJ-b1_1bQ==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PIzqpAw5
date
Fri, 14 Oct 2022 14:54:57 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212303288&_kdpid=PIzqpAw5
  • https://beacon.krxd.net/usermatch.gif?partner=neustar&partner_uid=M6xIrXdxpsVi0j%2FQfDsomzIwE56upj6cPqmISYjX2i0%3D
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=neustar&partner_uid=M6xIrXdxpsVi0j%2FQfDsomzIwE56upj6cPqmISYjX2i0%3D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n026-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1665759298
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://beacon.krxd.net/usermatch.gif?partner=neustar&partner_uid=M6xIrXdxpsVi0j%2FQfDsomzIwE56upj6cPqmISYjX2i0%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
85qZuMpiE657TEmRcXdpQ2-H1r20KjG-KvFgPuUWLsmgEjN6ykWF7w==
expires
0
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=6919&kuid=PIzqpAw5
  • https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288116820033575
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288116820033575
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n039-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1665759298
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288116820033575
Date
Fri, 14 Oct 2022 14:54:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame CCE0
0
480 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adsct
analytics.twitter.com/i/ Frame CCE0
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=PIzqpAw5&p_id=10623
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
5
date
Fri, 14 Oct 2022 14:54:57 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
50d7cc36074f89dd
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
85984abb8ec9efba620e8f8947a1b190a49beb24e207987c3e368e283f68467b
content-length
43
6
jadserve.postrelease.com/dmp/ Frame CCE0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=nativo
  • https://jadserve.postrelease.com/dmp/6?vk=PIzqpAw5
43 B
540 B
Image
General
Full URL
https://jadserve.postrelease.com/dmp/6?vk=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.23.59.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-59-39.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location
https://jadserve.postrelease.com/dmp/6?vk=PIzqpAw5
date
Fri, 14 Oct 2022 14:54:58 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
tpid=PIzqpAw5
sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/ Frame CCE0
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PIzqpAw5
  • https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PIzqpAw5
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PIzqpAw5
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.172
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PIzqpAw5
cache-control
no-cache
x-server
10.40.10.246
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=quantcast
  • https://pixel.quantserve.com/pixel/p-j_f_9hh7_PWUw.gif?idmatch=0&partner_user_id=PIzqpAw5
  • https://beacon.krxd.net/usermatch.gif?gdpr=0&partner=quantcast&partner_uid=FXxMWxR3TFAOdx4AR3pVAxN_T1EOeR4GEX5hYtv1
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?gdpr=0&partner=quantcast&partner_uid=FXxMWxR3TFAOdx4AR3pVAxN_T1EOeR4GEX5hYtv1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n016-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1665759298
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://beacon.krxd.net/usermatch.gif?gdpr=0&partner=quantcast&partner_uid=FXxMWxR3TFAOdx4AR3pVAxN_T1EOeR4GEX5hYtv1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getdata.xgi
r.nexac.com/e/ Frame CCE0
0
0

RC311830114c544363891ad58fd1cd7030-source.min.js
lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/
6 KB
2 KB
Script
General
Full URL
https://lightning.cnn.com/launch/7be62238e4c3/97fa00444124/3166d84232cb/RC311830114c544363891ad58fd1cd7030-source.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e7e7d81167cf94a302519795edb29decd2628958ad2aeb3ddfbf228e1f50fffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
content-length
1401
last-modified
Fri, 12 Aug 2022 17:30:32 GMT
server
AkamaiNetStorage
etag
"24802121228605e3fafbaa1fffbb2a81:1660325432.522604"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
*
cache-control
max-age=118
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:56:55 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 14:54:57 GMT
db_sync
px.ads.linkedin.com/ Frame 2E01
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEpLX3c4UW5UZ2ZKdVBZcWJXVHRnUlMzZnNPdzJ6RXZVcEdnRUt4VU10UUlQQ0IxY3FWUFkxcHZuZ0M4THlFZGwQABoNCMHwpZoGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227&expected_cookie=0ad9ee38-2cdb-4948-aa3f-2544a01ce08f
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227&expected_cookie=0ad9ee38-2cdb-4948-aa3f-2544a01ce08f
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8D0F3ADC6B6F4068A071149657527590 Ref B: NYCEDGE1620 Ref C: 2022-10-14T14:54:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq/89TqQB6Ig/1H2Ndhg==

Redirect headers

date
Fri, 14 Oct 2022 14:54:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E683F28AE3A8434D9E3D198FCBB6E390 Ref B: NYCEDGE1620 Ref C: 2022-10-14T14:54:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=cf3e43b0172cbbe139e20e3e0316fdd273a4f46f1e805dc8ac50931c1fa5c6fa791426b5417dce21&rand=07788227&expected_cookie=0ad9ee38-2cdb-4948-aa3f-2544a01ce08f
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq/89O0VB3W+EtGWLkGQ==
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&s=2&us_privacy=1YNN
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=nn12DaTFKjxqFrRvUj2d&gdpr=0&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=nn12DaTFKjxqFrRvUj2d&gdpr=0&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
8a668b82e38583676bc0684459e68477
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=nn12DaTFKjxqFrRvUj2d&gdpr=0&us_privacy=1YNN
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7131516223038119427&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7131516223038119427&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
5a88f46321fc0e569e9ec96c5d8146c3
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:57 GMT
AN-X-Request-Uuid
0cb629b0-ec70-496f-8f2e-cfb065881a33
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7131516223038119427&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=133726&dpuuid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_pd=1&gdpr_consent=
dpm.demdex.net/ Frame 2E01
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=133726&dpuuid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.50.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-50-150.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v043-074b0575a.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XXIB/WK2RZY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 2E01
43 B
194 B
Image
General
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.167.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-167-60.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
max-age=3000
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-length
43
expires
Fri, 14 Oct 2022 15:44:58 GMT
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
bf63be4b6196336449e244f7fc25e306
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usermatch.gif
beacon.krxd.net/ Frame 2E01
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n028-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1665759297
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 2E01
43 B
656 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-100.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
51eD6ctKasD-Xk_uXQIE8XL8mpPHQnpFI_VuGw8bbXccsSk8M9F_BA==
expires
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=94c3909b-d059-4f0c-acbe-cdd72d108f1f
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=94c3909b-d059-4f0c-acbe-cdd72d108f1f
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
f04a0cda0f37a1ef592210d314e9fd9f
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=94c3909b-d059-4f0c-acbe-cdd72d108f1f
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=8a8de51f-330e-4ff5-8dbc-ddce92b6c70c&ssp=outbrain&expires=30&user_group=5&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
a14e7ffabe1b0ae6e3ed3f903b457b90
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 2E01
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
333292
expires
Fri, 14 Oct 2022 00:00:00 GMT
sync
sofia.trustx.org/ul_cb/ Frame 2E01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&google_dbm=&google_tc=
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIc0TtEGGdMsfBihZEKd-7s&google_cver=1
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data=
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data=
43 B
806 B
Image
General
Full URL
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&ssp_custom_data=
Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7154381707928795275&gdpr=0&gdpr_consent=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7154381707928795275&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
e4f9a0d5000f53cb812d0418ea2987c1
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7154381707928795275&gdpr=0&gdpr_consent=
Date
Fri, 14 Oct 2022 14:54:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame 2E01
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-138-212.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:58 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Date
Fri, 14 Oct 2022 14:54:58 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
id.geistm.com/m/OB/ Frame 2E01
0
0

cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=KiBr5w6Mdp6KaDCbClGH&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=KiBr5w6Mdp6KaDCbClGH&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
d26a9c4a40911239a5a6572194926819
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=KiBr5w6Mdp6KaDCbClGH&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1YNN&tc=1
pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT, Fri, 14 Oct 2022 14:54:58 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L98M2PLK-Y-BTOL&gdpr=0&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L98M2PLK-Y-BTOL&gdpr=0&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Cache-Control
no-cache
X-TraceId
db8a7f8b3dc9e8eb13d947b98d8f978d
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L98M2PLK-Y-BTOL&gdpr=0&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
tpid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 2E01
49 B
267 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.71
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame 2E01
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
0
767 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 14 Oct 2022 14:54:58 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl{"attributes": {}, "agreedId": ""}
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIP...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
631fc3da064a25e741e3e0b58636516c
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uk%2Fp4PrnohDHg3XFCwZBgb5I547SCzq2ljEs6NBsxKodaECkMCpJibsj5xXCzZeVeY5bTHjnViHgHv%2BD7zJXMt%2F8p4K8K9zm2WUbynq3jHeVoHvdJ0y1sw30EMNqL7xNkBBgZST1Y1vbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
no-cache
cf-ray
75a127433f7418fa-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzIzNjdEQ0YtNzRGQy00QUE4LThFNzgtMkQ3MURDREQ1QUMz&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=C2367DCF-...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Cache-Control
no-cache
X-TraceId
78eeb369219530cc1ab2a93f9d913d42
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
date
Fri, 14 Oct 2022 14:54:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN%26obUid%3DJK_w8QnTg...
  • https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YNN%26obUid%3DJK_w...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1YNN&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&uid=1694e100-7229-4538-a7a7-05db7983f96a
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1YNN&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&uid=1694e100-7229-4538-a7a7-05db7983f96a
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
e943ee72be8ff3ec0027db2ee41c88e1
Content-Length
0

Redirect headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1YNN&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&uid=1694e100-7229-4538-a7a7-05db7983f96a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=true
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=true&verify=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
463886d2dd08d62d9e4758692181f9d5
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
date
Fri, 14 Oct 2022 14:54:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8Ly...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpG...
  • https://cs.emxdgt.com/umcheck?apnxid=7131516223038119427&redirect=https://sync.outbrain.com/cookie-sync?p=emx&uid=$EMXUID&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr...
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=7131516223038119427brt53601665759298707451b6&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=7131516223038119427brt53601665759298707451b6&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
3af23c450045f92515c5d2e665ae47b8
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=7131516223038119427brt53601665759298707451b6&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
date
Fri, 14 Oct 2022 14:54:58 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEK...
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEv...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=a461fc5b-dae0-4755-b69a-465dd6e7c6b9&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_priva...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=a461fc5b-dae0-4755-b69a-465dd6e7c6b9&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
16e21db006e9b4bc193191ac72379827
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=a461fc5b-dae0-4755-b69a-465dd6e7c6b9&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:54:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26gd...
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=240de039&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=240de039&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
45bd1937ff16b904a2cf2bb78c36ffbc
Content-Length
0

Redirect headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=240de039&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ReEaOnHgoQGXjR6uFFkOi7ZrawYufw3s6uLXK_kJmvn6Bo7E0QcLjw==
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DJK_w8QnTgfJuPY...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=5095224376267906723&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=5095224376267906723&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
72b2df5a36240734cf3ed6e2adf1fa8f
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=5095224376267906723&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
date
Fri, 14 Oct 2022 14:54:59 GMT
content-length
0
c.gif
c.bing.com/ Frame 2E01
42 B
667 B
Image
General
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
last-modified
Thu, 13 Oct 2022 20:05:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2964104CEDC42C8928B64EC25A35790 Ref B: NYCEDGE1613 Ref C: 2022-10-14T14:54:59Z
etag
"b656771f3fdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=34407F43C3FE4EEB80AABDCB94E5E702&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=34407F43C3FE4EEB80AABDCB94E5E702&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
9bb2f51ba918c0a06a651c036a5734e9
Content-Length
0

Redirect headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=34407F43C3FE4EEB80AABDCB94E5E702&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&us_privacy=1YNN
access-control-allow-origin
https://widgets.outbrain.com/
x-varnish
480091778
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
4f2d60d87438b749b2a0a2f700ba7ec4
Content-Length
0

Redirect headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DJK_w8QnTg...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1YNN&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Cache-Control
no-cache
X-TraceId
3603e20cd978bf53f1114628588219b0
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=U5OdMFKYnTtImM9rAZWEaFWQnjpIls9tV5F8_G8y
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=U5OdMFKYnTtImM9rAZWEaFWQnjpIls9tV5F8_G8y
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
118aaebc3086d22f0fe047856dfbd32d
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=U5OdMFKYnTtImM9rAZWEaFWQnjpIls9tV5F8_G8y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS...
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN&ev=1&us_privacy=${us_priv...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Cache-Control
no-cache
X-TraceId
a23f099ce02fb53c4de0ce683d3bd519
Content-Length
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN&ev=1&us_privacy=${us_privacy}&pid=562709
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1
cookie-sync
sync.outbrain.com/ Frame 2E01
Redirect Chain
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DJK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl%26g...
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Cache-Control
no-cache
X-TraceId
e1030807b799e401e74b2cef08054ca7
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl&gdpr=0&gdpr_consent=&us_privacy=1YNN
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
content-type
text/html; charset=utf-8
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/
87 KB
30 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:56:05 GMT
content-encoding
gzip
age
1036732
x-guploader-uploadid
ADPycdtX0BD3MYfx7-1u_XrubrAx4msmoNGVFgyPH2ecnLAg0bGm5GyeifIY7KdYuVlS6Nd1oxVb41nQzgM58OyyLEUW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30848
last-modified
Thu, 29 Sep 2022 17:52:53 GMT
server
UploadServer
etag
"78e97aec0fef1dd96fc25419d318cfeb"
vary
Accept-Encoding
x-goog-generation
1664473973127420
x-goog-hash
crc32c=Y8y2bw==, md5=eOl67A/vHdlvwlQZ0xjP6w==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
30848
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Mon, 02 Oct 2023 14:56:05 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 956F
2 KB
1 KB
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
650456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1055
content-type
text/html; charset=UTF-8
date
Fri, 07 Oct 2022 02:14:01 GMT
etag
"2de40e07a789384bf01558cacec7d826"
expires
Sat, 07 Oct 2023 02:14:01 GMT
last-modified
Thu, 06 Oct 2022 20:12:15 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1665087135347383
x-goog-hash
crc32c=ViyTnQ== md5=LeQOB6eJOEvwFVjKzsfYJg==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
x-guploader-uploadid
ADPycduF0rF0AhvpwXkE7N-v0F1LsVFJFHgPLaZUgUQVzzmh0u256DZS2nWjF6cy655v1K6J4vrhAFcp8DgribD-solJ
graphql
graphql.verticals.api.cnn.io/
56 KB
7 KB
Fetch
General
Full URL
https://graphql.verticals.api.cnn.io/graphql?variables=%7B%22edition%22%3A%22domestic%22%2C%22url%22%3A%22videos%2Fbusiness%2F2022%2F08%2F10%2Fmoderna-ceo-stphane-bancel-vaccine-future-orig-ht.cnn-business%22%7D&extensions={%22persistedQuery%22:{%22version%22:1,%22sha256Hash%22:%22c63d8564edbc79bd61a5cf4c21adbfee532c23b7a8d455e22fb731f63ce22a9d%22}}
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f532b34382ae0d1f4099fddefac3c000bfa0d044e3fda50bc8e6467fd87decfb

Request headers

accept
*/*
Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
6729
x-served-by
cache-iad-kcgs7200143-IAD, cache-ewr18177-EWR
x-timer
S1665759298.919695,VS0,VE377
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
pr
s.amazon-adsystem.com/v3/ Frame 41DC
2 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d6bc84371e722005a1cc2f0d2cf5392355b02667188face67dce065343feee20
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2126
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 14 Oct 2022 14:54:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AERWFHG4T0RYGCMAGH86
js
registry.api.cnn.io/bundles/fave/latest-4.x/
227 KB
78 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
868a35dc62791b1969e1675b116e1bd11586851987be72a7e33e41b44ce88d29

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
H7V00FZ74BCZCXZE
age
1932
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
79300
x-amz-id-2
Xf8y+Ay1ndVFrzVud7PqjV0ZxvDaCdgcrILzM2zSHdN8MHiK4WMLfTKJQMoLWOCtW3Vc1qhlj0g=
x-served-by
cache-iad-kiad7000114-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:57 GMT
server
AmazonS3
x-timer
S1665759298.976220,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
705, 779
usertiming.min.js
cdnjs.cloudflare.com/ajax/libs/usertiming/0.1.7/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/usertiming/0.1.7/usertiming.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b83161dee76d812081fcb607f48ed273e13719f801237a0d32d1e41012a389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
138049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1216
last-modified
Mon, 04 May 2020 16:17:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04016-13aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wV7o0gq0ZZdiCsLOw%2BMAcinHNCKnVPNA%2F8dVDObKfzIfbXpmSMTZSV7wGYla5NeOgkbj4UrTC0avGVaSVcEWoqwb07pRCksryIBC0KLBMfxhKVMGvdl29W9Fbp0pJMDNzRg7MnqvWyxwID0RVxjWHuUS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1273c5a66d15b-BUF
expires
Wed, 04 Oct 2023 14:54:57 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/
2 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 13 Nov 2022 14:54:58 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 13 Nov 2022 14:54:58 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=9cca1e1cb9e58caa374e4e914893b662_185_1665759297474&tm=1911&eT=0&widgetWidth=300&widgetHeight=483&widgetX=1050&widgetY=3376&tpcs=0&wRV=2000910&pVis=1&lsd=486b77bd-d47b-404e-8979-7206b9b4c94d&eIdx=&ccpa=1YNN&rtt=795&oo=false&ab=0&wl=0
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 14 Oct 2022 14:54:58 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
44383ce982751dd23f89387321ff809c
Content-Length
28
Content-Type
text/plain; charset=UTF-8
vidget.js
libs.outbrain.com/vidget/
279 KB
66 KB
Script
General
Full URL
https://libs.outbrain.com/vidget/vidget.js?e=1
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
53fbcbbbe94c8ff9e31d33bdf945f991bd258b2134bd88b55a17ec7cd6db5af0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:17:19 GMT
server
AkamaiNetStorage
etag
"6de5c30d0bca2b8583539f5fb066c10b:1664796222.836188"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 18:54:58 GMT
icon-vi.svg
widgets.outbrain.com/images/widgetIcons/
229 B
505 B
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-vi.svg
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"91990280dce13a095a0da3a6b2fc6816:1662969041.773759"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
182
expires
Sun, 13 Nov 2022 14:54:58 GMT
BlockBlue.svg
widgets.outbrain.com/images/widgetIcons/
566 B
871 B
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e72f0926b3418896301bda925b636ad884f5bf18f54308383ae77522ca5cd9a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"67fffe0e5c5262bfb3fb57a8d8d69fbf:1662969027.986981"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
566
expires
Sun, 13 Nov 2022 14:54:58 GMT
ChevronRight.svg
widgets.outbrain.com/images/widgetIcons/
524 B
828 B
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c1dc41410784b37a37e29a21baf9aa1f:1662969028.698646"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
524
expires
Sun, 13 Nov 2022 14:54:58 GMT
icon-x-white.svg
widgets.outbrain.com/images/widgetIcons/
559 B
863 B
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"854eb39a3d94a8ec9977261db0c8acc8:1662969042.351779"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
559
expires
Sun, 13 Nov 2022 14:54:58 GMT
Close.svg
widgets.outbrain.com/images/widgetIcons/
765 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/Close.svg
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"f740f788e2e26736856f7a3a12457a63:1662969029.343348"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
765
expires
Sun, 13 Nov 2022 14:54:58 GMT
get
odb.outbrain.com/utils/
53 KB
15 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&idx=2&rand=22675&key=NANOWDGT01&widgetJSId=AR_45&va=true&et=true&format=html&lsd=486b77bd-d47b-404e-8979-7206b9b4c94d&lsdt=1665759297175&t=YjQ4YjFmYzAyYjUyYjI5M2M5MDgzYzMwODFkMGUwMzg=&adblck=false&abwl=false&px=1050&py=3898&vpd=2698&cw=300&activeTab=true&darkMode=false&seid=6c791484-2d5c-c50c-0000-0183d6fdbce6|533|1&ab=0&wl=0&settings=true&recs=true&version=2000910&sig=ytnWbWuT&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1YNN&ccpaStat=1&aqp=utm_medium%3Demail%26utm_content%3D229722043%26utm_source%3Dhs_email&ogn=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.38.132 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ace439e1c5b2d75e5937d932c74bad9cdcc17667292db07d70b843a99dec8c67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish
traffic-path
NYDC1, IAD, USA_EAST1
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
fa80cb8fbaa0915362766abb2e7dd48a
content-length
14792
x-served-by
cache-iad-kcgs7200049-IAD
pragma
no-cache
x-timer
S1665759298.057745,VS0,VE60
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6ImRjMzk4MjE1MmYxMDBmZTViM2VjOTQ2YWU4OGQ0NTA1OWZhZTc5NjlmNDI1MWVjMzk1NGY3MzRlOWUyZDhhNTUiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
65 KB
65 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRjMzk4MjE1MmYxMDBmZTViM2VjOTQ2YWU4OGQ0NTA1OWZhZTc5NjlmNDI1MWVjMzk1NGY3MzRlOWUyZDhhNTUiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d7ec608ef9c081362c8d518e638f76128e40d8682c03e0675fec77425a88bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Sat, 24 Sep 2022 04:52:19 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1682007
access-control-allow-credentials
false
x-traceid
f412ad977e8b08aaba05bec16f20f6e2
timing-allow-origin
*, *
content-length
66242
eyJpdSI6IjI5NjI0MGNmN2QwZjc2ZTc2ZjI3NjVlNGYyMWUyOWFiN2ZjMjNlY2RkZDFjYmRlMGYxOWUwZTBjNmZkNDBiNTYiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjaCI6MTc3NDAxNDc4MywiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/
32 KB
33 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI5NjI0MGNmN2QwZjc2ZTc2ZjI3NjVlNGYyMWUyOWFiN2ZjMjNlY2RkZDFjYmRlMGYxOWUwZTBjNmZkNDBiNTYiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjaCI6MTc3NDAxNDc4MywiY3MiOjAsImYiOjR9.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f993f56ff55ed0cc0d296f2e2c611553d2eba6d71ebd89f97f60908eaac0e4f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Wed, 27 Jul 2022 19:42:51 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1335938
access-control-allow-credentials
false
x-traceid
7ba739ee7e5827aff37bf94bf169e5be
timing-allow-origin
*, *
content-length
33012
eyJpdSI6ImVjNGI1ODA3ODgzNzlkYjAwZWM1MmQ0OGRhODA5MGEwYjU4NzBmZDRhZWE4YzNhZTA2MTRmYzIzNTM2MzNhOWYiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
14 KB
15 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNGI1ODA3ODgzNzlkYjAwZWM1MmQ0OGRhODA5MGEwYjU4NzBmZDRhZWE4YzNhZTA2MTRmYzIzNTM2MzNhOWYiLCJ3Ijo0MDAsImgiOjIyNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23d73ca140f265ab3584cbc9df6312d8f99128def40bc2117c5c053d877c1e0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
last-modified
Fri, 01 Jul 2022 14:42:35 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=376092
access-control-allow-credentials
false
x-traceid
e667021cd8db855a694bc554a954d909
timing-allow-origin
*, *
content-length
14628
view
googleads4.g.doubleclick.net/pcs/ Frame 1806
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7ehslvCHfPzKuz-mx-IuUz64lNi5p6IjGElN8VJfkaoAWJSCByBV-totUNrZL7BH_jl3Ag_nePoWl_o2Q3fNfITJrvT3yNGX2f0cIOllD95kqaxXIB8Y4N-QpU6qCktqu6U71RPNEHlFklUsMWMkGESy853ZG7wZiOvjHZrvt25NMmUOShiub2tHIguQZqzSsoowlWUUfM9ijPKEb301o4jRVGvyUDFmiJljoc1d70c8_jPgWzCkcWZZyOxytFXyaI1zSwymRcBoA5rSNev99SOlHtwO2imHeMQxntumxJ9otjy_hWTDMyy2Ic1Js8WoJoGshOzKtvUfJWtc2GH8W4Yi8EBj3s9eu8zjEE8_1MAZbdNSd3zxmig&sai=AMfl-YTj8Me3txe0u5E2AO0eQ2nDdh_oKaGQK8YoHrbduQsTcZt-upygDPo4yazpQrtf3YurNUm2OKZ5iyjBVWwXZ6JAv2pUTJK8nzkbHDgrn75w50fqp-WsCAmeGHouVDDCnAFQzQ&sig=Cg0ArKJSzNYc08_zhtvDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/993073/65715864/ Frame 1806
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/993073/65715864/skeleton.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
ef9fb965f39111265d183ba9b09e88629ee8c9ac196fdda72cdc3a3bbfa23c7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1806
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 21:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 21:41:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 1806
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1806
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 23:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 23:13:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1806
152 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:54:58 GMT
container.html
12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4524
6 KB
3 KB
Document
General
Full URL
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:54:57 GMT
expires
Sat, 14 Oct 2023 14:54:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 25A9
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrCQxuxX_UHGXRlRJahTe4_GlTmx5754HquyXu-VEzZ6lcJwdWOFmXoqWqaYzNApQJY0j92oTo0BBE7VDRhVkkUNSGCw-FERDNmQDpHaHUGW7qfhEhXzqatodv8fx9w52J6WPrEAd63tgVdiP-2rFYiAYNMPGK8p6v5H9JfV-tF4_eNHXW0fDeTCtlWVuMcbmoFl4wG4gYDl9ZV-dzHmSmD33To-l6ZUM8iTsBMkRoMkvATwVMNgF888gVoJWa2gv7NH2o5XwrvH6zXkdIegQ8ojaAxjef4FD7QHuFObvIAcW5C0dwgCKwbzUD1lpYQzJ-lPomIPPSJ8MCEkc_8c90wZeHtFQogOiq5JPO-OtNHwVaDUGB81JzBw&sai=AMfl-YQRNTc9UEdYvczgsnD5p_opA9tv5cfRwjXWgDaYlmaKpk4g0xvChU1o01ELjV97nIVTbf25kRKqCyhfVd429_FeoMGc3IyL_oXBclFfPrHF5IMMc_JGzFYcWtRvH39SGMog7g&sig=Cg0ArKJSzOc3XDpU2kFZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/993073/65715865/ Frame 25A9
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/993073/65715865/skeleton.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
1f513072aed1d6585ccb6fc01b0db68ded7c5937ddc58c5997b34cf68c20b84e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 25A9
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 21:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 21:41:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 25A9
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 25A9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 23:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 23:13:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 25A9
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:54:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7E61
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-h2eajsHW2_j8jrhdpUNIFpkqyZ148Y3z2KbzSrblVghrCiqvwJAs3TuRdYMvdRGCHA2F1xk3aE6BbC436cOkKJJw25bsBT-Xsej0CAdwO2dXzcWRKXJyaWBfttJ0jT8Jc2iycgFIe-7Ccmb4GQHs5WWtXIdpxrX4Rhw0mmoFrILc2FRtXnLMXcqtApFrla6OxkSFq5UGRt2_J7lrjMTFdCqCw_mkBJKhmgf_UG_s_n4JhMDNnFxT56_gSGZzw_42TzUix0xOdKWc__tbT82ws3cn-3jS3_TRugKmzx5MtMhVw-SwH9gUAoW8VpOrJR0HTCN-CyWp9P9AJUmK6JOtiwGRwvRYC0v0l8XH2h-84RoAdLSr46xF5Q&sai=AMfl-YQiO0dObUWkjbYdOohG357d_tLfmNMoQyu_0nHEhXXfz_Mn-tUH2kecEO_DDOOWX7crldFzNmBjOailCDu8BZhYvu-LxSLlWUMKScSnO5WIV27qawJtHYQ7tq7MVAzyfPAfAg&sig=Cg0ArKJSzNIjOXtg5hPxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/993073/65715865/ Frame 7E61
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/993073/65715865/skeleton.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
80745628bfdbb2a2d6484c179795e8acbd868ad1265cd2dc18fdd73c1dedd2f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7E61
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 21:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 21:41:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 7E61
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7E61
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 23:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 23:13:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E61
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:54:58 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be7007304d4de5039a8583f848d851f30759d225aafc7b57d3905af3be46ee8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a12740db3618fa-EWR
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 14:54:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8G3ZaOgvYj1tfFGi6lWojQWqLHaUuMIEWWaS8lOAEZIHQZVYJyRHyS4ORizIMiSKofShVOqgTp%2FKphADjPbTyu8I1G61fRHfq4EDv5uA%2FiuWf7Lbs9IughZAWhqFGp3ffl%2Fe%2FYBT%2FruaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a127402fbc9e04-EWR
content-length
0
date
Fri, 14 Oct 2022 14:54:58 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEpiY1BBxjeCS0kUdYQGgdDPWNsCSn8cIC1lGSnsiGQIc8q9A%2B7vUaTRUgYVgmh0mug9nn4lIZ7wIAVWNr%2FXZBvKO%2BREwF9sWbU2RATEs0pu0R5valPxB1%2BjMq9zWpUiD%2FkY0qXaYqUTWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D54A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57899
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:54:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 15 Oct 2022 06:59:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame FA2F
885 B
743 B
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.185.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-185-7.compute-1.amazonaws.com
Software
/
Resource Hash
75676110c4c61bda7bb44a1e6f17d8368b3739537559e5aa8e8bfa353e2e09e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 14 Oct 2022 14:54:58 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame AC33
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.7.104 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-7-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 14:54:58 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame D09D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ieDlRaG5wRTJ1THZYeXYzdWVmc3FzTDVZMGdMSkFYMn5B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ieDlRaG5wRTJ1THZYeXYzdWVmc3FzTDVZMGdMSkFYMn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9QVR0CBR4RCKQSZG2240

Redirect headers

age
0
content-length
0
date
Fri, 14 Oct 2022 14:54:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ieDlRaG5wRTJ1THZYeXYzdWVmc3FzTDVZMGdMSkFYMn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame D0ED
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOr-_kkCxKiLdZTD1zDwb7sMDfY5Ck2aaUJQVxPQ
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOr-_kkCxKiLdZTD1zDwb7sMDfY5Ck2aaUJQVxPQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R6Z7YH0HTMFVSHZYRYNH

Redirect headers

date
Fri, 14 Oct 2022 14:54:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOr-_kkCxKiLdZTD1zDwb7sMDfY5Ck2aaUJQVxPQ
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame B6F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7131516223038119427&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=7131516223038119427&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1JSBVYGE7AKC23Z8NCYQ

Redirect headers

AN-X-Request-Uuid
f94e2c0e-8344-4645-bd75-5acdf36873cd
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Oct 2022 14:54:58 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=7131516223038119427&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame B3FA
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1313157157490509546917
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1313157157490509546917
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7PD625MW9313F7PMS0D8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 14 Oct 2022 14:54:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1313157157490509546917
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
reg
receive.wmcdp.io/v1/ Frame
0
0
Preflight
General
Full URL
https://receive.wmcdp.io/v1/reg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.29.249 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9e7aba54de614616.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Fri, 14 Oct 2022 14:54:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
reg
receive.wmcdp.io/v1/
0
165 B
XHR
General
Full URL
https://receive.wmcdp.io/v1/reg
Requested by
Host: lightning.cnn.com
URL: https://lightning.cnn.com/cdp/psm/i/web/release/3.1.2/psm.legacy.min.umd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.29.249 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9e7aba54de614616.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
no-cache, must-revalidate
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST,GET,OPTIONS
putRecord
zion.api.cnn.io/bridge/v1/
133 B
466 B
XHR
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Requested by
Host: verticals-static.cnn.com
URL: https://verticals-static.cnn.com/travel/assets/0.a854a62bd42e1349f04a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash
d28e7b3a596ad8361ab4d58bb00b69645642829cd3260a2d83f564ceaacb8d2a

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
x-amzn-requestid
bfc97719-cdf6-4e19-8f5b-c84714618617
x-amzn-trace-id
Root=1-63497842-69c711337e118bf729605db8
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Z_-6bE95oAMFnnA=
content-length
133
access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
putRecord
zion.api.cnn.io/bridge/v1/ Frame
0
0
Preflight
General
Full URL
https://zion.api.cnn.io/bridge/v1/putRecord
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.188.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-188-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 14 Oct 2022 14:54:58 GMT
x-amz-apigw-id
Z_-6bFnsoAMFmvQ=
x-amzn-requestid
b59d8e57-c99e-4eca-b68f-4f35983afa82
jsdiagnostic
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:925660&sessionId:8b58ae31-0700-2e48-f6ab-3dbec1ce5946&err:responsetime%3A338%26probability%3A10
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
server
nginx
x-server-name
app09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.js
static.criteo.net/js/ld/
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 14:54:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4524
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Oct 2023 19:31:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4524
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:54:58 GMT
usync.js
eus.rubiconproject.com/ Frame AC33
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.7.104 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-7-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5b2974bacfa07ea37066aafe414ee78e9499e4fbc2e51837b64fc031418cf179

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12437
Connection
keep-alive
Content-Length
9424
Expires
Fri, 14 Oct 2022 18:22:15 GMT
utsync.ashx
ml314.com/ Frame CCE0
270 B
292 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&us_privacy=1YNN&cbo=1&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3DITb_4eqO%26kxt%3Dhttps%253A%252F%252Fwww.cnn.com%26kxcl%3Dcdn%26kxp%3D&pv=1665759298433_gprpd6itm&bl=en-us&cb=5017394&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DPIzqpAw5%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1665759298433_gprpd6itm&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.cnn.com%2F&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1492022
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edef143f2ba46d981cd4540961762c64bb8b9ef3f0b40a287573f8b4de14eeff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:57 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
expires
0
init1.js
cnn.bounceexchange.com/bounce/
102 KB
19 KB
Script
General
Full URL
https://cnn.bounceexchange.com/bounce/init1.js?wklzs=3187&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBWAdhIE4AmSgDjLIBZNgAvEKABkwHcBTAEY5UwfgH1UAEygBmJjwBO-HCAA2cNBgKEuXAB75qezMpj9FyxVGwBDNWtQIA5uLiK1UABbBgABxwAUlkAQUDqADFwiN5YgDokBAQEkABbaOBFWwA3fjVo20U0JDV+aKQQRQwc1EU4HABaNNQkKoQGzJy8huzbJCQnfgavfntgLwaBBwQVIMinKX59OJ9U-NkIzVTxVP4pVDh02QARflTbVHzqQnEvHFTUYOPqWjIXriZZcJu7-mQnvzUEIAOQAjuwGpQEPh8M4uAB1GA4JiEABCgkEAFU6Nl9CEAEoANWBAGFUsdnCQAFoAWWcIX4MGyJCIJDUAGt8TSAJoAFQiITovIAEhBuQBpVIASQACrzLMLdiS1BFxeyQDSAFLAaiydnHTEykARXmYuDi4H4KX6HDAKUNYU4KQ4AAavPxmrgslR8OOdHuAE9CeIpUKIN8tuIKggxDGni9KG9jJ8I8Btqp3Egyic7uIzhc1JhsqgRMAoyAQOzUPwoIEyKjwtQ1H5G8Ewi8fP45iRQuESJE+5FYrwEkkUulqP2Ip1clcp4ViqVBxEKm0anVGs1WhgOllZz0+gMZsNRmpxpM8moZjhu-MEItlqs5xtI7t9oc+yd85dBz97o9JxOBMkw+L5J2uW4cD+JBP2OQEQXBNhIWhWEESRFF0SxHE8SJUlyUpWl6UZZlWQ5Lk+QFIVRQlaU5QVJUVTVDVtV1fVDWNU1zUta1bXtR1nTdD0vR9P1A2DUNeXDcDCEjaNY2AWDgPeFNpMjDNFCzWDc2-K5qHCElG0UVtexeVsyGObAKyrGs6wbF5smMsJ60bCpUj8UoxCkcQRGcBA4BbUzQhgewoP0xs1FsW1vNmdAEHEYspEc4K1FC6gDJeKCb1i8tEAUwKQi4MKMrgQQHl8PY3HvCwcFXPYkpCso0sbHASrKzzxAEWxxgseqUsa9LqBa0rRHa7q-BAJw8r0oKGqKwbWpGirguUPYcGcNQQEEexBEUasYCcZxetSgahrairlBas8cEKfgnCO-rmoW8qvP23JxgOuZppCZLjse4bnvERxzEETRnBWmYjPyn6HuK-72uURxbEEUp1KzT622hubTsWry-CqbJK34PxqrgWxFnurGnva5wK2dYA4BgGAKaa2Gzq8kgKmu9GZr6ym4YqxxcgS-gQGZk6qYqhZUFsewLGAbnvtmln5v5rzBEZSp+G69WHDFv62ckNzRiQLxdjjKGlfF1WdlGBBeC8S5Gq+zHlexgHdlsO2HdKSaRgeKQpFKUZbT11mcfEHbRirFwZl4BWXatg28n4FBYqzGMeot3nXYlrzV2qYsN1DlWDftrqdi6sRFHjy39fDxJoUKrPfrDgHeEqdlOgQHAYEqN9i7d9qEFQZwfCQWwAud2vW-akGRGvGvs8T8OcCDyeMenkuV8yWYB9zyRgHsAM9+t8a-EB1BzBPg39uABfr-Dmc8g6-h+HZNRj+bmGt4Bmrq2QJ2G8l51wBibJwtgH4AyqAGew4hY6Lxbj-eGfRAE80QYPCqYBgCCCsiUEqkD2qFCRi0COyhbDR1cPAghFVRhln7l-PmNVdrqy8vAjyVcB5iAcIUcQ7kuq90UBOKewCZ4VU6t1RQggKbmTrBZXo1cADaiwcCdxAOfMm8USyoGRvwAAurABqRZCg4AUQuFopReG2GcHoqAmQ4D8CMYomAEVnA4AdufKQaQLgIH0XYhx8iTGpAwPwAM4gzElAkH4KxNjoaOJMVBVOGA4G2F2Po2JASFGgBwGkwxGTXLuS1hVHyfk-A5L6nEhRwsQC8IigGA6ZSoIVMjuQg6cD+Bx14RdP4wAGn+OMQooJMxQm2E0F4So+jUSfy4OKLq0twhcGFFrDhLMuAkmBMCCpOBiYDFgeE0ovSKkRSiplEQSSEoHIySc7KFRcr6J4BkraSB2T7QcOIRY7kQABjNj0mwGSpAwEBG8wpKB9EIBAGWMhUgAybP3ogRY1dapSAuf0jBXlxEjEUMixRqLxBjQmjGLF8T97LVfs6dam1tq7UZPUgx5TLn7wunAK6N0nCEoUTi16WsHYuGybSxp9LrZAyEKDcGFg2U4oRtLHRqMVDiv3njEABN2RExJmTGJuT+leEit5febCllir5X07F+8aYgDpgzGAcrrYcxAFzNlclum4oDMTK1BtBb8Cqa68OUsZalCKLy9JKL97qwEVyoQl42V-CkOPc+fCszfKjCMJ5XqAaoCNn0U23SU3tQ9l7R22aKq5vto7X2ZxpCB1fpFH5gbjXW2aRQ+BBavLJ0SQAjOmLDUwutvnBA656hNo6lquhldqoDobvgLgA726KE7lkbuAi3wDuHqPYAMaB1z0GDeAdq9X6lM7QKg2toLoBo1bWg2ogj4DrPhfcwA7b4LwHU-NQL834f23QMaC6q6VBu7dy2wA7oGwMbfun9BsshZgHVgnBlY8GCAHUQwQJD62tOAzWol1taE2yRSBxRoA-AkOkLy6gMoSQAHF5nEZJFEYwERUQABl5kkFI3ZLgZAIDpS4BEIU8zxTikJPM+jDHjD0eFPMtjABleZ9AhNcFkMKJuqyTTzKYMKXkVIxPHHI8YYUwoZNMG5GRijmoZRkGUwZ0TxhKMcaYPiEgmoxMukIMp4U+IHMkHmXQY4FnWNkEIGpqT1AXTzMIDSGUymIA0gE3RoLxgyA0j0sYSg8J7n9KcI4GYeZziXHEL3JA9Q9hsvqK06s4hKh5ikNYtlUrcVqJIYfVx+j8BMHhFJLgTXCTHHmfgEgXAYttaYLyfjxhutcDoF1-T8Ius9cm8NkgdGxuza4JqTZjq8N1asbyogqIyBNOrjAGr+GkC4o241ubYXZt0Zm21kgMo6MVIbuWSs1YT3fsUWCqMG0oKWKimgXYMAsipNsXUI1JiHs028mM3gaBgD7N+T+ph2iKp6vKh2tD7KuERUUDU-hfdxUpy0HFYAzqbGeN2LaFoFS+hoFyNFZw3yp20IxXBnD8Txrd01l5PZX7+X9LhdVRF3k2eqGru4tlajfuoDYHkUJeMVBZv3YsGA7KSoI5YW0uO7CDXpMV+jy8PC+HAAXQcioT2JCgGqZj6xnbBB+G4JgLWtuFG6MwH4eWNh8mIwATllxvytVQCAA
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
cbe5bbee2b9a60052bea16aea3100aa41aaca657ae66af6b0c2a9097fd8fb5ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 14 Oct 2022 14:54:58 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
65
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
optout_check
beacon.krxd.net/
81 B
240 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns._default.kxjsonp_optOutCheck
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
15be68e990be0ec60f4cd0baeb01ebfb13e3b0666c9b127e0f6b8d3895cbbb1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n029-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:58 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=26 t=1665759298
content-type
text/javascript
get
cdn.krxd.net/userdata/
367 B
509 B
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=e9eaedd3-c1da-4334-82f0-d7e3ff883c87&technographics=1&callback=Krux.ns._default.kxjsonp_userdata
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea3f0c72d90e6dfaeaf10473d2e3ab7138a5e16081807bb53bf25c119be435b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
userdata-a009-ash-prod.krxd.net, cache-ewr18151-EWR
age
0
x-timer
S1665759299.869866,VS0,VE12
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
content-length
281
x-cache-hits
0, 0
css
registry.api.cnn.io/bundles/fave/4.15.4/
100 KB
18 KB
Stylesheet
General
Full URL
https://registry.api.cnn.io/bundles/fave/4.15.4/css
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39e25f1f874faaf89cea5a4722d143df1444e2c2fcc653b28366f866b206472c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
QTFGW3FN4G5PYDKE
age
2099
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17563
x-amz-id-2
LJotTpV6udl/jk29RuOjwzMwyjHcHeUsZnkO6R9ajyipIAJ/kgst4utNU/ROobbLpSMUb90ZlMw=
x-served-by
cache-iad-kiad7000112-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:57 GMT
server
AmazonS3
x-timer
S1665759299.946495,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1086, 597
vendor
registry.api.cnn.io/bundles/fave/vendor-8cd0b0d8/
971 KB
275 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/vendor-8cd0b0d8/vendor
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6938b419ee2325f0617b7873bdd313503a4d3e67f6fba54326c70197429c6cbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
JRW25PGMJ1WBEY58
age
1347
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
281364
x-amz-id-2
unQlEgmCvXbDOdLX8CzoKqb1banogHhn2Nsbu+niMDGneu2DtEasunP8+2TdPT8RDbZo0h7j450=
x-served-by
cache-iad-kjyo7100071-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:58 GMT
server
AmazonS3
x-timer
S1665759299.947295,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
628, 403
app
registry.api.cnn.io/bundles/fave/4.15.4/
23 KB
7 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/4.15.4/app
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a3b6d8d430b9350c312645161680f1f6c3363e68edfba287500c532d095bbaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
D8PA27TTD56E8CRQ
age
2140
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6308
x-amz-id-2
meVdcu5RzN6lycgm7F72Fygvn0B7ay9GbtxiEg3zESU9CWseOC4P06ff/55Uc44NAppM1MEvrF8=
x-served-by
cache-iad-kjyo7100104-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:57 GMT
server
AmazonS3
x-timer
S1665759299.948214,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
2, 1143
cnntravel-semibold.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
56 KB
56 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-semibold.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6b4795935173dd8879c4892909ac59f2be2f6bc3f6f8e8448d3a72dc5dd9ac9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:58 GMT
x-servedbyhost
::ffff:127.0.0.1
age
2442801
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57040
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200025-IAD, cache-ewr18149-EWR
x-timer
S1665759299.975107,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
94, 618
cnnsans-regular.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/
45 KB
46 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnnsans-regular.woff2
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cnn.com/
Origin
https://www.cnn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:58 GMT
x-servedbyhost
::ffff:127.0.0.1
age
204722
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46464
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100114-IAD, cache-ewr18149-EWR
x-timer
S1665759299.985557,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
8, 13947
aniview.js
player.aniview.com/script/6.1/
28 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
756fc7dbf6e4ba97c61ad14913289b7cda96f360cd385aad2e82f8311d708233

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduXutxtLznXIE-kK3TF5UGZZrr2ZRO0Jrv4WGNEp2qfhYzlzAQV0weEIqlLs6LU6ubyfEQbTmie4QKxyWkHatLvJhik40Wt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9907
last-modified
Thu, 22 Sep 2022 10:35:01 GMT
server
UploadServer
etag
"f0b55e7b963e0c631589cbf691100f44"
vary
Accept-Encoding
x-goog-generation
1663842901839103
x-goog-hash
crc32c=1g9Qig==, md5=8LVee5Y+DGMVicv2kRAPRA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9907
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 14 Oct 2022 14:59:59 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=06f72f9c9e370865b510fa6907e8d993_185_1665759298096&tm=2907&eT=0&widgetWidth=300&widgetHeight=764&widgetX=1050&widgetY=3989&wRV=2000910&pVis=0&lsd=486b77bd-d47b-404e-8979-7206b9b4c94d&eIdx=&ccpa=1YNN&rtt=972&oo=false&ab=0&wl=0
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 14 Oct 2022 14:54:59 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
f74b302d83b649681b9c9b2418c1c7e8
Content-Length
28
Content-Type
text/plain; charset=UTF-8
main.19.8.355.js
static.adsafeprotected.com/ Frame 1806
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Tp-0xssjrpro6CrbKJh7yr5DoaR1MePNDvtxL0rJjypELQ0-WXZB3w==
main.19.8.355.js
static.adsafeprotected.com/ Frame 25A9
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Xa9fOpf_qlylNB_op_xSVoI61H9qFC8dBwAUwp6qXNtGxCvNavGBjw==
ecm3
s.amazon-adsystem.com/ Frame FA2F
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gfdae83e92f758ca0c7b
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2952YJDYSV6XR26XGN62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame FA2F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L98M2PLK-Y-BTOL
43 B
323 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=L98M2PLK-Y-BTOL
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.73.149.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-149-117.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=L98M2PLK-Y-BTOL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
sync
ads.yieldmo.com/v000/ Frame FA2F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gefbf7dff3412f81e141
  • https://ads.yieldmo.com/v000/sync?tdid=43be5bfc-2333-45c8-b58e-491325ded701
43 B
437 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=43be5bfc-2333-45c8-b58e-491325ded701
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.73.149.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-149-117.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=43be5bfc-2333-45c8-b58e-491325ded701
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame FA2F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=4YcvVatpQRlHac9ZHs6pq2AJ9sU&gdpr=&gdpr_consent=
43 B
549 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=4YcvVatpQRlHac9ZHs6pq2AJ9sU&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.73.149.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-149-117.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=4YcvVatpQRlHac9ZHs6pq2AJ9sU&gdpr=&gdpr_consent=
Date
Fri, 14 Oct 2022 14:54:59 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame FA2F
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzYzMzYyODQwNTUwOTY3ZTM0YWY=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame FA2F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=284a5727-69e8-48d1-bf38-85bae0bed6ed&user_group=1&ssp=yieldmo&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://ads.yieldmo.com/sync?userid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
43 B
666 B
Image
General
Full URL
https://ads.yieldmo.com/sync?userid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.73.149.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-149-117.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=54581ddb-cf4b-4c83-8772-b771adc7cdd3&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Date
Fri, 14 Oct 2022 14:55:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
main.19.8.355.js
static.adsafeprotected.com/ Frame 7E61
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cSFjoH_QztXhBIlp1TEyxwUYOGDskI3vROHh1Alv9H6-se6KxAEDWw==
eyJpdSI6IjdiZGRjYjJlZWFkMTEyMjAwYzlkYmE0MjIxNDYyZDE0ODE3ZmYwMmUzYmE4NWFhY2QxOWFkZjYxYzQ4ZTgxZjkiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
42 KB
43 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdiZGRjYjJlZWFkMTEyMjAwYzlkYmE0MjIxNDYyZDE0ODE3ZmYwMmUzYmE4NWFhY2QxOWFkZjYxYzQ4ZTgxZjkiLCJ3Ijo0MDAsImgiOjIyNCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7471826a39b48c644be8b402bcb00d6729e57b632be7585a5f5881e244c3a2fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
last-modified
Thu, 13 Oct 2022 16:08:51 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2380431
access-control-allow-credentials
false
x-traceid
2f0fff44709b40a59de0cc00c7310d95
timing-allow-origin
*, *
content-length
43286
truncated
/ Frame 25A9
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da2e173f3b0247df9b194a1bf4dfcf50966166f84a2000ee9c672a4ad7a66031

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
crum
dsum-sec.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0l4QhsVnrOdD2McikNy5AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6sSaypwucG29ourbiWVU0&google_cver=1
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6sSaypwucG29ourbiWVU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6sSaypwucG29ourbiWVU0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5B50
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PN7TSAW2FN93B6Y2AG0Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=43be5bfc-2333-45c8-b58e-491325ded701&expiration=1668351299&gdpr=0&gdpr_consent=
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=43be5bfc-2333-45c8-b58e-491325ded701&expiration=1668351299&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=43be5bfc-2333-45c8-b58e-491325ded701&expiration=1668351299&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP4Ov7M01DaM6gbiU5qXi7s&google_cver=1
43 B
844 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP4Ov7M01DaM6gbiU5qXi7s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQZLwu1iuYJvbB0L9IWgfidSCj3T%2BYRKTLtOFEtAFLIwNPDTpJGHn0lxxUxYbFEA%2FmvxnVg7hQzumbfYFGmRNu3IMSqayatGV1%2Bhbnr2WI5pg6YlQz9j5ARWsHpaCvW8rC%2B6w0E37aY0yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75a127470e8e18fa-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP4Ov7M01DaM6gbiU5qXi7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=71cbebbabd661483&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHSY3L4uHSVQN1bxKtAAAAAAA&expiration=1665845699&is_secure=true
43 B
764 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHSY3L4uHSVQN1bxKtAAAAAAA&expiration=1665845699&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHSY3L4uHSVQN1bxKtAAAAAAA&expiration=1665845699&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEDek7GkvEAAB5Vp63uTg&expiration=1666968899
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEDek7GkvEAAB5Vp63uTg&expiration=1666968899
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEDek7GkvEAAB5Vp63uTg&expiration=1666968899
Date
Fri, 14 Oct 2022 14:54:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 5B50
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=3b38920b-66f5-482a-9c13-5abb4c44464b&expires=10&ssp=index&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54581ddb-cf4b-4c83-8772-b771adc7cdd3
43 B
764 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Date
Fri, 14 Oct 2022 14:55:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 5B50
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ERG36DACGYHCRAKV3MW8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 1806
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb673d9ac3876184f89e1ad2b891ac7fc77e1b1cab749f1d581bc786a23a3e77

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7E61
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d9a20bb477c23070c9ea3874f8a667a38aac2c3e43f15fef14a5b7e2e6667f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 6AE5
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334265&pubOrder=3001842219&cb=1754621262&adsafe_par&impId=2b1db02d-4bd0-11ed-83d1-02b862816393&custom=rect_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
9c7519212772209334a467e250030576a4552ae96c77477d5c5b3d18b9e9c26c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 15E3
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.231.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-231-250.compute-1.amazonaws.com
Software
/
Resource Hash
4d42aa7f0f3bffc68781d8a6553679db4643a3b852c34b4103c10ac4bb59af52

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:54:59 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 14 Oct 2022 14:54:59 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:54:59 GMT
location
/um/cs&eq_cc=1
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7801
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
19239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 09:34:20 GMT
expires
Sat, 14 Oct 2023 09:34:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
durly.js
c.betrad.com/ Frame 1806
4 KB
2 KB
Script
General
Full URL
https://c.betrad.com/durly.js?;ad_wxh=728x90;coid=675;nid=157707;ecaid=6260004;27487929;3083304;346198417;%eexpi
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.155.4 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-155-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:56 GMT
server
AkamaiNetStorage
etag
"5e1b47a064619e731abffc27f0b21f4e:1665087776.418884"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
index.html
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
035bee8cfc81c767fa26e23b4454fb37152b1fee353ced6335abee5c1c3bd20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
194699
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2238
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 08:50:00 GMT
expires
Thu, 12 Oct 2023 08:50:00 GMT
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 1806
43 B
378 B
Image
General
Full URL
https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&cb=1193608672&pub_id=3083304&adv_id=6260004&adv_nm=&c_id=27487929&c_nm=&pl_id=346198417&pl_nm=&ad_id=539343382&ad_nm=179349222&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.132.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-132-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
pixel.gif
tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/ Frame 1806
35 B
390 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/pixel.gif?sid=3083304&pid=346198417&crid=179349222&device_id=0&c1=27487929&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=1193608672
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.51.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-51-150.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=604800
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
p
sb.scorecardresearch.com/ Frame 1806
43 B
358 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=3&c2=34402982&c3=27487929&c4=179349222&c5=346198417&c11=3083304&c13=728x90&c16=dcm&cj=1&rn=1193608672&gdpr=&ax_fwd=1&gdpr_consent=&ax_ty=d&c6=11472
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
43
x-amz-cf-id
nlEWOmAEo8x_RObzhaZ2t9r3GRa-vBBSiC9fMDaJk_J0XDVc-f8Z6g==
x-cache
Miss from cloudfront
content-type
image/gif
t.png
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/ Frame 1806
Redirect Chain
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=179349222&PLC_ID=346198417&RND_NUM=1193608672
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
68 B
435 B
Image
General
Full URL
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
3.5.2.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Last-Modified
Tue, 13 Sep 2022 08:55:12 GMT
Server
AmazonS3
x-amz-request-id
3CS2HF69B80HXF6X
ETag
"8e31b8b47c618ed73e5b31011d1de037"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
gj5QD6ICPZL3nbq6Rgi7msY8tFfAugr6QwcTBLEmxeKXlBhn6UMVFfX+XDMc0hLsB/nHdZogKxZMB6LWsmPnqQ==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
x-amz-cf-id
yPtf5eNArOLeT1N7o1KoCUhq0vEQfjuSgp6MD4f6R6MCcaKKBXpWxA==
jload
pixel.adsafeprotected.com/ Frame 94F4
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=925660&campId=728x90&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334136&pubOrder=3001842219&cb=868407317&adsafe_par&impId=2b0a9d9f-4bd0-11ed-8703-0e6557286d5b&custom=bnr_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
4e3ab7fba3ccc0f8b7b02215ab32cb22b3611ab233dbb94ce32d1fcce91fd387

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E58
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
19239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 09:34:20 GMT
expires
Sat, 14 Oct 2023 09:34:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
durly.js
c.betrad.com/ Frame 25A9
4 KB
2 KB
Script
General
Full URL
https://c.betrad.com/durly.js?;ad_wxh=300x250;coid=675;nid=157707;ecaid=6260004;27487929;3083304;346198420;%eexpi
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.155.4 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-155-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:56 GMT
server
AkamaiNetStorage
etag
"5e1b47a064619e731abffc27f0b21f4e:1665087776.418884"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
index.html
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1793b1f7c6c22f4d15cd33627e691aa697b3abaf8367f90e429d82a3797f4f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
253688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2210
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 16:26:51 GMT
expires
Wed, 11 Oct 2023 16:26:51 GMT
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pixel.gif
tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/ Frame 25A9
35 B
390 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/pixel.gif?sid=3083304&pid=346198420&crid=179347275&device_id=0&c1=27487929&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=3216548757
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.51.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-51-150.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=604800
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 25A9
43 B
378 B
Image
General
Full URL
https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&cb=3216548757&pub_id=3083304&adv_id=6260004&adv_nm=&c_id=27487929&c_nm=&pl_id=346198420&pl_nm=&ad_id=539134353&ad_nm=179347275&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.132.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-132-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
p
sb.scorecardresearch.com/ Frame 25A9
43 B
358 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=3&c2=34402982&c3=27487929&c4=179347275&c5=346198420&c11=3083304&c13=300x250&c16=dcm&cj=1&rn=3216548757&gdpr=&ax_fwd=1&gdpr_consent=&ax_ty=d&c6=11472
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
43
x-amz-cf-id
rMpk2-IPdWRvw6Q_nLbaq-aDsZ6GckWvhRKv8mL1Xn3Hu64hCYyoPw==
x-cache
Miss from cloudfront
content-type
image/gif
t.png
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/ Frame 25A9
Redirect Chain
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=179347275&PLC_ID=346198420&RND_NUM=3216548757
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
68 B
435 B
Image
General
Full URL
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
3.5.2.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Last-Modified
Tue, 13 Sep 2022 08:55:12 GMT
Server
AmazonS3
x-amz-request-id
3CSFGKCEKJX1MCBK
ETag
"8e31b8b47c618ed73e5b31011d1de037"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
V1OiRr6AKcQNTjthtL1j36GbxvXcQLquMfI9p565PsqVxVl/3wBHPBkHXSD0izFlhtbu43xoxLZhxT4G3K+m+Q==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
x-amz-cf-id
B0KZlAW3-ayBb18QenXUgxr25pTiCXU04SD71XNCjKPyEoe6thal6Q==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0182
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
19239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 09:34:20 GMT
expires
Sat, 14 Oct 2023 09:34:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
durly.js
c.betrad.com/ Frame 7E61
4 KB
2 KB
Script
General
Full URL
https://c.betrad.com/durly.js?;ad_wxh=300x250;coid=675;nid=157707;ecaid=6260004;27487929;3083304;346198420;%eexpi
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.155.4 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-155-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:56 GMT
server
AkamaiNetStorage
etag
"5e1b47a064619e731abffc27f0b21f4e:1665087776.418884"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
index.html
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e08b46087a100a23157c9426007e2f8d0872494db84f7ccebdad5c063eeb30c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
253663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2214
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 16:27:16 GMT
expires
Wed, 11 Oct 2023 16:27:16 GMT
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
pixel.gif
tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/ Frame 7E61
35 B
390 B
Image
General
Full URL
https://tracker.samplicio.us/tracker/52e7c673-4aab-4635-8cd7-1daf64fd61c6/pixel.gif?sid=3083304&pid=346198420&crid=178874260&device_id=0&c1=27487929&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=2235500178
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.51.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-51-150.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:54:59 GMT
Strict-Transport-Security
max-age=604800
Server
nginx/1.20.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 7E61
43 B
379 B
Image
General
Full URL
https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=citi-d4f85824-1351-4554-91ff-fdb56f962c5c&cb=2235500178&pub_id=3083304&adv_id=6260004&adv_nm=&c_id=27487929&c_nm=&pl_id=346198420&pl_nm=&ad_id=539134353&ad_nm=178874260&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.132.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-132-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
p
sb.scorecardresearch.com/ Frame 7E61
43 B
358 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=3&c2=34402982&c3=27487929&c4=178874260&c5=346198420&c11=3083304&c13=300x250&c16=dcm&cj=1&rn=2235500178&gdpr=&ax_fwd=1&gdpr_consent=&ax_ty=d&c6=11472
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
43
x-amz-cf-id
VQgHBBX0N5TcbA55hzDmUjsiUIv02yiLZ7Ede179FoAQJm4UjuD9Aw==
x-cache
Miss from cloudfront
content-type
image/gif
t.png
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/ Frame 7E61
Redirect Chain
  • https://imtwjwoasak.com/trk?CNTRY=USA&SID=2500016607&TFID=10801&CMP_ID=140764&PUB_ID=N458401.8535CNNNETWORK&CTE=178874260&PLC_ID=346198420&RND_NUM=2235500178
  • https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
68 B
435 B
Image
General
Full URL
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
3.5.2.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Last-Modified
Tue, 13 Sep 2022 08:55:12 GMT
Server
AmazonS3
x-amz-request-id
3CS6AD9D83BF4VNG
ETag
"8e31b8b47c618ed73e5b31011d1de037"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
hBwP5SlvmkugbLYfVKzOWd1m6v1m8aXFoxGHW/VMMdt6YcRrjK2IGLzwzVUQLemsJsLan+JSz+Cqg34ZzSKKeg==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com/t.png
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
x-amz-cf-id
DGfIT7F-u-BnP8SmAEhkaYBX0TYDTvbAv5oHa2_e5Rz8nsq8oyQvNQ==
jload
pixel.adsafeprotected.com/ Frame 1E45
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138406824543&pubOrder=3001842219&cb=674126636&adsafe_par&impId=2b28374b-4bd0-11ed-bc07-0a7d2ca1a63d&custom=rect_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
6c825fd295562e37e1119a7f1dc29b2a16fe046177ae16c498c9d73a0fa66020

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D54A
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85062971&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c647ca6ed0f4ae7df127061508bc51ae3a871362144bf252e8f46a9f0b7d6aa6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 14 Oct 2022 14:54:58 GMT
content-length
1582
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 4524
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY0njq9WKOZ8seN9ozA5UfH5ozul6X7IlEOkXDoMT2FI7bR4yqOKmziDleob3P6C8pGKcRo13IukihJ2bFLlVgL9JMcdfNh6CQOAuvCiYbfDEULIJFrd3gGye8ViMwaHfKOl6-EyVAE9sRaYQptzqPYaPdHOeePDdpeoR2d0GOxkgKRDB8bIz_ErpCUmcmRz0YekhllA2--bm-etEunVPD1Wm2m3GfuFy2MNoulGqDHcpYwUGThcNJvN6b_IadZZuQG-wxZVvTb3KLpcDoTnHI3UP7xjm0Nnq1ddj0CBVNHOTJO9PePqq0cYlOKRa1l7gw4TiTZ429WXCo35OGMmKTLaRJeIQ&sai=AMfl-YR-ymim7tvQKHZ0cUxeLBnnS_mv2sC4ePn4hEs2lak2qGcwrypmC_k_NJuoPrBfxoxV76_V3pQ7GSKxu5udl-Up_nBwpP4FO2InIzHijZy5hlsStlC1HoZbNRIhNLknkM7B8g&sig=Cg0ArKJSzFoDcvR4TbC3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15639715351364909288
tpc.googlesyndication.com/simgad/ Frame 4524
95 KB
95 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15639715351364909288?
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2561d2cc5ba7c8144002da79ebe88606c7a95586331319b06062064db952606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 17:11:43 GMT
x-content-type-options
nosniff
age
596596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97238
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 17:09:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Oct 2023 17:11:43 GMT
cnntravel-semibold.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/ Frame 4524
56 KB
56 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnntravel-semibold.woff2
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6b4795935173dd8879c4892909ac59f2be2f6bc3f6f8e8448d3a72dc5dd9ac9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
Origin
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:59 GMT
x-servedbyhost
::ffff:127.0.0.1
age
2442802
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57040
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200025-IAD, cache-ewr18149-EWR
x-timer
S1665759300.557462,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
94, 619
cnnsans-regular.woff2
www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/ Frame 4524
45 KB
46 KB
Font
General
Full URL
https://www.i.cdn.cnn.com/.a/fonts/cnn/3.9.0/cnnsans-regular.woff2
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
Origin
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com:* https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* https://www.google.com https://news.google.com https://www.google.co.uk https://amp-cnn-com.cdn.ampproject.org courageousstudio.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 14:54:59 GMT
x-servedbyhost
::ffff:127.0.0.1
age
204722
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46464
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100114-IAD, cache-ewr18149-EWR
x-timer
S1665759300.558278,VS0,VE0
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
8, 13948
usermatch.gif
beacon.krxd.net/ Frame CCE0
Redirect Chain
  • https://ml314.com/csync.ashx?fp=PIzqpAw5&person_id=3630748696449122349&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3630748696449122349
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3630748696449122349
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3630748696449122349
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n019-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:54:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=63 t=1665759299
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 14 Oct 2022 14:54:58 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3630748696449122349
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
expires
Sat, 15 Oct 2022 10:54:59 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 14:54:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
RkY5ikdQxeAsHeZKPdYyI0AbqdgnykXwovva08B9FRhGU7qWRc/6k3P9zxTPTvY9TYBB9azz0vdT9E3VEZ3NXQ==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/986255830/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986255830/?value=0&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/986255830/?value=0&guid=ON&script=0&is_vtc=1&random=2812036844
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/986255830/?value=0&guid=ON&script=0&is_vtc=1&random=2812036844
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-user-list/986255830/?value=0&guid=ON&script=0&is_vtc=1&random=2812036844
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
43 B
376 B
Image
General
Full URL
https://t.co/i/adsct?txn_id=l4umf&p_id=Twitter
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
4
date
Fri, 14 Oct 2022 14:54:59 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
52659aa1c2e5a9bc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1d263416d76c7f606b3a6a40354a1b38b72c5f9aec8f541647a8febb70235c8d
content-length
43
adsct
analytics.twitter.com/i/
43 B
113 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?txn_id=l4umf&p_id=Twitter
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
5
date
Fri, 14 Oct 2022 14:54:59 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
78eb8cd878dc0967
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
85984abb8ec9efba620e8f8947a1b190a49beb24e207987c3e368e283f68467b
content-length
43
/
www.google.com/pagead/1p-user-list/925133270/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0&is_vtc=1&random=2671572946
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0&is_vtc=1&random=2671572946
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-user-list/925133270/?value=1.00&currency_code=USD&label=IEQNCNXH9GcQ1tORuQM&guid=ON&script=0&is_vtc=1&random=2671572946
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getdata.xgi
r.nexac.com/e/
0
0

/
d.agkn.com/pixel/10751/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212296238&tid=PIzqpAw5
  • https://d.agkn.com/pixel/10751/?che=1665759299673&ip=96.9.246.197
43 B
582 B
Image
General
Full URL
https://d.agkn.com/pixel/10751/?che=1665759299673&ip=96.9.246.197
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2600:9000:2514:e400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
V5WD6yrbG3Yuf1pLM6kN4n1hfMkNfVUGiTYp0VJR7hG3waX_ftkrjw==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/10751/?che=1665759299673&ip=96.9.246.197
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
sXcqOgJHU9ZNCc5eEEFJrpDP2UOYWBzkStiDUn1XyvGPRGf9hxZh4A==
expires
0
da2e6c890e6e3636
s.amazon-adsystem.com/x/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://s.amazon-adsystem.com/x/da2e6c890e6e3636
  • https://s.amazon-adsystem.com/x/da2e6c890e6e3636
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/da2e6c890e6e3636
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
AN-X-Request-Uuid
80be83d6-47a6-4617-a151-c15a5a26b364
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.amazon-adsystem.com/x/da2e6c890e6e3636
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AC33
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L98M2PLK-Y-BTOL
  • https://s.amazon-adsystem.com/ecm3?id=L98M2PLK-Y-BTOL&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=L98M2PLK-Y-BTOL&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NGCQQCM98CBPP759BQ2R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L98M2PLK-Y-BTOL&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
style.css
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
4 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b029a89ae0a6fc5cd5a6be5e63e38570a134f01f91adce7a358e97df12b719be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1502
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:37 GMT
sfa7jox.css
use.typekit.net/ Frame 94F6
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/sfa7jox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed4f3ec92437599d1dee247e7aa8e01e70a9af6a57fdd24a984b2696e0a1fd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
883
head.load.min.js
cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/ Frame 94F6
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3290115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1704
last-modified
Mon, 04 May 2020 16:10:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e76-11fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx%2BiUv7BcPI0NiZ0b%2FV0Y2pPVt2voCGRjFNnG%2BJKHvkiCxsRYlOCUGiSiIGjH%2Fq6dAT8o3VJIAOWqjthOpglnx9fY3R4a2J8ZclTda6RFrnnpTSuZMpNLnk%2BoF6qEcHb6p9ffUr6gXDF0xzeUSy0KTjd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a127475bc1d15b-BUF
expires
Wed, 04 Oct 2023 14:54:59 GMT
img_pause.svg
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
704 B
383 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/img_pause.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e24ccde861fd8eecd9e66127838a292b06b43c265ce3cebfd98262b2b7b1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:37 GMT
style.css
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
4 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cabe05b7228f5abca71e49d0342c1d5d6e2d2a04e789e23148db033f367b9a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253688
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1501
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
sfa7jox.css
use.typekit.net/ Frame 531D
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/sfa7jox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed4f3ec92437599d1dee247e7aa8e01e70a9af6a57fdd24a984b2696e0a1fd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
883
head.load.min.js
cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/ Frame 531D
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3290115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1704
last-modified
Mon, 04 May 2020 16:10:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e76-11fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhoVqapzbo%2B4yiQPD864ekCvjvpsHVDknGL6SjZ6P%2B%2FC6mrihG7rAEyjixE1W%2FADxHduPAB4pXiTWwW24rJ4TZWRCk1cn7yX8l%2BS3pRxtMJHxSs%2F0iFmKswDj84PWvIMs%2FxPU25B2K848sCWtQMDbA9R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a127475bc4d15b-BUF
expires
Wed, 04 Oct 2023 14:54:59 GMT
img_pause.svg
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
704 B
383 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_pause.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e24ccde861fd8eecd9e66127838a292b06b43c265ce3cebfd98262b2b7b1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
style.css
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
4 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1afd9d0b0088c707945d3eed4a229a81f70a10cd0e3ae6a8d60ae93aff463d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1498
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:16 GMT
sfa7jox.css
use.typekit.net/ Frame 9904
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/sfa7jox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed4f3ec92437599d1dee247e7aa8e01e70a9af6a57fdd24a984b2696e0a1fd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
883
head.load.min.js
cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/ Frame 9904
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3290115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1704
last-modified
Mon, 04 May 2020 16:10:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e76-11fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0%2FBTCQzVVJ2Iof6CKAKzrJlg19pQu%2Fx%2Fi5bL0A2poGWT7KfyoZn39K0Qhu%2FSn%2BCytGIXsB8kzVSD%2Bgrg5JnAMCT2KC77BqExI4AZtVFjGxYK95e%2FncPClX0m%2BBLmyJqzN3SjeivkmOEBlVm5P1bXZ21"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a127478bcad15b-BUF
expires
Wed, 04 Oct 2023 14:54:59 GMT
img_pause.svg
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
704 B
383 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/img_pause.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e24ccde861fd8eecd9e66127838a292b06b43c265ce3cebfd98262b2b7b1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253664
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:16 GMT
truncated
/ Frame 4524
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b9f4f1f70b663a6f9c20adbfc3fe2feb4aa33d8ea89ecc196d1b617043f6c36

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
AVmanager.js
player.aniview.com/script/6.1/ Frame 7848
390 KB
111 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:54:59 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduZ8_IKhfK3T24yeRL2KQNWDcSHWbdktEzipQB-D76kIyuCVcmzQE6SI-XHT7QPECotWdczabbYLH9P4VUKloB4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112390
last-modified
Thu, 22 Sep 2022 10:35:01 GMT
server
UploadServer
etag
"338e56b1f4ce4f7715f277f4b2749547"
vary
Accept-Encoding
x-goog-generation
1663842901832027
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=61SVsA==, md5=M45WsfTOT3cV8nf0snSVRw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112390
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:59:59 GMT
crum
dsum-sec.casalemedia.com/ Frame 15E3
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=9a98636e-dc9a-473d-8ea3-fbc518fd5fe5&expiration=1673708099
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:54:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0
skeleton.js
static.adsafeprotected.com/ Frame 1806
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/993073/65715864/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_med...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:04:46 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3732615
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
PySfru_H_NwwfEEdeAgmfYvmHjZ88SrcQJNr_mJc3hH3w5wHOL-vlg==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:54:59 GMT
server
nginx
x-server-name
app05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A274
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057365
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
LrgriNxTCWQNCISqhtnn8zo1x3UcCsBTchcgx_b1oVjt9EHyvCM-RA==
skeleton.js
static.adsafeprotected.com/ Frame 25A9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/993073/65715865/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_med...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:04:46 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3732615
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
H8J2Ea7Ed55TGBzaPVzu1IvrArKIo45hfC3KpzU0lTKUWkHObqHa7Q==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
nginx
x-server-name
app21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame EAD4
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057365
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
rlrYiUDoLCR6cOlj-Hau5sJo0QGNTscYA86z5lnc1PMKIEPXZ1Vnxw==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55F3
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57897
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 15 Oct 2022 06:59:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
contextual
contextual-analytics.wunderkind.co/api/
1 KB
2 KB
XHR
General
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&website_id=340
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
2c2e2c663fc9520d0d357da4e8b8ea4e786cd12aa552aabe2e792a38781e0748

Request headers

Accept
*/*
Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1524
content-type
application/json
creatives-base-styles.96663738.min.css
assets.bounceexchange.com/tag/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.96663738.min.css
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 02:19:36 GMT
content-encoding
gzip
age
650124
x-guploader-uploadid
ADPycdtZ8YIMva7I3STC9Hon3j4h0ECHLraDLTLl7w4EZMMAGsCBGS7qIA2tF1c7FFcXGOyKBN4800WHrePUtNh1VEtl
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6010
last-modified
Mon, 07 Feb 2022 14:51:25 GMT
server
UploadServer
etag
"b02b20e16378200891ef95dfe357cd77"
vary
Accept-Encoding
x-goog-generation
1644245485313408
x-goog-hash
crc32c=0SBkxg==, md5=sCsg4WN4IAiR75Xf41fNdw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6010
accept-ranges
bytes
content-type
text/css
expires
Sat, 07 Oct 2023 02:19:36 GMT
visit
events.bouncex.net/track.gif/
42 B
106 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppVRZGemp1AE5GSUlStgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xpi2l26ASPGeMxME+yD2khUYARSK6bIEHjLK-iCTMwUUCR4AFpsi8vv8bj97v9gCh4vEeAh-mkEChSJA0v8BPdSJgEGBNnseLwELpGKssg8tnJaLBIFkAPo5XggWBZXZyAAiCCyKDIB1UtLSYCyLQpbOo1FKLjFzHUcl5-MQmHirLZpmoxhEAEdIER-qVMJU0MxOPUwOpVAobDYAKoADmAumMACUAGoiYJZNloegALTwaGMA2A9EkqnopAijrwAE0xLRjDaxD4AIpRuxZACSAAUxEgkD4csFSLQ7Ek8AApSDUOQRNlWzMEWhiK2wOwiSTp3RgSDp-4+MC8MAADTEjrLsEUnDZNsFAE9nbT0wmk7zqXSPtgsJBlWKJVKZSuabSwARFvFcm02QLaZzuaQxr1oP1j6RqSACJhdDgQ8xmPeJk+CBfZ53xnL8dF-HoJnieBIGyKFmhQGxLDAHBKBcbRqEJMAIlg0xaRQXhaUgpDcmoeQdjFRpSEQGgyOoUIxSeF5LFpOYMFo8jaJuWBSJCWj6goNAwDSEA8P4LkeA4uQKOobjePo2isnfBAZ3wpBnleBBWPmKSZKomixT4sVEHiYDMFpb4cl0-jkQMuiGNkghNjI6SbOo+SHI+LILAQSAEEIiA0EwWBTGsyjbI82jQEJAhWIoGcZjC6h9MisUbH6FAIhmCyECEVin03JKUo4hSxSU7FVJQak0k+JKFBnNg7BQZ4qB0HxfL8pAjOYYIRBEEqHLAUwEhAZE1I0t5DNc8L3IG2iKC7I8cQgd8iJAXgioiubjOWt9zI+WBsCS1hDNK6gbGhCJ6jIUhaUJCwCBnHIjqmmTtsw+pVTu3yEi3V7aMwAhIFpDLeAa07BtgGwhTWfzaUOwkkDAD5+g2-6ZrsozqDAKGYb8wiMWaxEuvR5Ktoh2icehqB8dpVEEFMAgeD+ly9PJ+zKdxmm4cafp-LANBSAIC7SHSkABkS0niop4yudhwin1gFEwCaBBJKl9msapvGeZAO5URmZzOIx1Lsbl2nwkGGxqTQPnsRJ1m3Mxs7te5hX7lGkjj1PHFNtmmWzep+X8oIYACCiYakdgAjeOmsn-Y5sU0hQMAj3NuHsSESxYYd434+dyGg9ptACAIAdIFgep6j9gvOaLuH6A+FWjbj6XE+odc-OwOmZ2GmvTdd4PwjuaKEAIfv3sH2mCVG5FkEgFu2YTrX08ImwBk+XzEXX8gJ4DrBeHiFA8IsaFOU3Wl4kRRI9-bqe4ZAbykSv56WbztuV-rwichQTABBEyajsTaT1XvSJEf8AFq2wIiIUvBeCWCRF2W+n8dZrwyllTAQVcqLydgPUB9xfp7TPBuXOrdNYu1ASjd8PwQB-BwcAgO98CbJ2BlyHO9D854K-pfM40hkEUO4QIT4OFUCYDAPUT4DJ+GF1QRZEAaBVhH1ChrZeAjZHWwgNiXE0i66yLAAg5RQDOEgO4V2J8HCP5qLdrSKAyJwZGMsTI6xjM8KW1jkvWustuHXUgFoix5CnHBzBHcW6GIEARFIPY9+ATdHWORuLRU7jcEmNkVfHgrUHExK8bIzIM4xqZ38aowJtNUBnh0dk6xAArSANhS4RFeFDcpgdZFNEQi8Wk6UkQYLQDlIQTSmHXmamAtGmSilcQIKYdp60OHUEzMEGIbBZnBH2DoWgCggg6HoDEbQzAXBJgYswWgCZGp2GdGwdZGzmDrJ8GwPZNQ2ClBtJcuQPgTo9UbGwdQfhvS3LZAstqPhLnqCjPMxZZZMwuE+SCm5OglkHPUI6egZZbmDk8DoL5joUX0DYDaNkMLdkuFUGIH5OhSjUEHGwVQeBMyfKTHgc5AQKU6BcHgOizBSicBOu3Hg4RsTXgkrdCR0FEAjOiWMsU8Bsri1pJ8a8vB2IqM8dQT2dMJntMgOgDhkh1CcGXDobVzo2RSHoMwJlzBtViDOfqk1NopDAs4Mao0xqAi2utcwZFjCL64XVZqpKIYFCQoDulcRqrJnxDpr60mkh6ABBpdagIDrrWZg2e3U4+06ni0KUqwGl8haIG0otZ4OR6ioCsqTOS70020hLkeGqAhniQEAXnExyNmjr0IgU7OnV+l+XIE0OKzUJFIBZIqgehDVqQF7kksU4kcQaXetCZ4dwlpoFfv00BhN6ZIBsP0xmYjN6ESYppJpCNkDIwPUePdx4kYiUMWKpVEyi0gCIPcVSpgCovVGZjFwbI-wwA+OHcWqF0JRWsiBn9WN6jADftJEMoYXD0DJY8rG0VdJwfoAhpDNpSjSHUC4aoZ0UDj1eidBypA71x1WOsPE009hXCOAIE4ZwLgjr2ME+4jx1LMXPHQKh3xfgAiBPEEE7HSCQmhLCbECIkQojRBicgfirgEiJCSGk5I2hUkPAyJkrH2Q3h5FsagfIBRCm3OKSU6LZSGeMwqJUIpVTqi1DqPUBojQmjNBaa0doHQujdB6L0vp-SBmDKGcMkYYxxgTMmVMGZsy5nzAgQsxZSwVirDWOsDYmwtjbB2LsPY+wDmHKOccChJzTiyHOBcS4DxrnfF3P6F4dwWelFZ4oqhVxHhPEgMpIorz6fJO3FOulSNRVMMANDWNRVx1FWdUhb0A7xGg2h1Q8HEPildYNdaul-iSCxmgYTuk8NYxHazEbM6tukxcJKK7ZQXDMFUK4Zg9AzSSBtIG9upAluvXQ5h9bWM0jhtXNp5k-WJtnSPt5bkQUcEgbFJIOQMoXtgYwsAcbJGsafZg8YH7a3kMQbOvDxHLhXWO1h9QVHw2MdfdZjjrDaEjUE48D+dQmh-pk4p+js6mPlurbp-jhy0bmA2g8FZ0nKO0enap1j2nf3+e0WjSGFwr3kdRQl+RM71BuffZWxh3Htq5dw7ezaG0VQVdig55Lrn1PyIy7x0aiDP7OjwGQPMbA0B0qCEQCMdImQchO6967mAdwkZ7S-PdwoxQygVCqP7l3GA3en0gEOrIOAVD8D6fq38zvUDx5gISUAZ5J3DRwFhHCEzOjCtgjkJA0Bk7nswMH-GOBfwYAINAA62AkAzg+ISHAVoaidFb+3k8nfu9lwQHIPvNRjCD7HsPw6NwZyWQQH3zAUB-K1A1X5MAs+2-9DQKHkQUZd+PgQAf98y+cAiFymwKMwiT+wknTgBQlcqIEBP4zLsyIe8r+1bCh-dWcI2AP+V+M+Skvev4GINgvQasvAOACOEE4wzwcBtu2GuG+GnQ+eLwsBOAV21AN2Eo92j2z2qgr2LgnQbECAoAuU60X4nQiAGoPEiStBv4rwCSawj8c6KA3kX4Ouv2pQAhwuFe4Qm4x8esZ6oeGqaAcgmBVB2BJe9BXWZ4OAUBnQgeOA2eQAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/
42 B
106 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdAMYB2brA9gLb26oQUCOnohUuGC3QR6LLqi5shMVMkIBaXlMVsNAoSI1QQLFjDYQN2CCHS5sG+CPSXCJWhYAmEAB5M8HlFSGmRcHgB9HggvGGQ+UgARCB4QGFEqADYI7EIeGDJEqioATgB2YoAGABZSamzciDYWQuAqcgA5AEdcAC8NErYARiGwSoB1ADNCasyAIQAjBYBVAA4oX3IAJQA1DoBhHkSwAFYALQBZMHIISagTocyT9ABrLYuATQAVGnJVr4AEgBFD4AaR4AEkAApfVCoAHRfboGigl5cC4AKVwVFIL0SyyhXBoX2WyFBHSGEN8hFwEI0AMIXkIAA0vlsMchSHNxolVnkAJ47CIQ-5A+phSLyNi4Jq4QrFcpVWri8IRQhcNAsWRJXIRFJpdAAMlAkFgCEQLHUuF4JlQMBACxkhEwxDKc2oVB8hBe1uAERAXgisEIMEdsmKZEoxUmdkI4ao1H2HvEkmkEAiJvjkY9AmQWaoSej6HAhGwMD9Xl4aTYHuzxVz+cLVB4Sgg-P9EikMgz4CzFA9MfQcdrBY9cZYkiUEWU0Vr-ejscbOa4HgT86og+HEdHxXkPGAMhlgZDYDYyGAc6jG8XI6bsB8XAzxf5FjAl4HN+3TYWqFsL1f04IIQGa-nG0rvguQ5LsULaWO2IBhNgCgQVQcz8tQlSgiAkggBhAIQPgECoImGH7B0HS3mOwAQOYdgdqmMgoZu0FUMWNJqhA7gwFO95MZ+CY7lQcZcVO8jIOBEbrpUlHFAspgvJM6ToBEPgHlw-LRBJa5XjJnqTG0KkETRcqSVebBcLgES-gG6FfmOyALPkhGBuJPioIQ8i-l4fFQbphAOU5R4RM42E2MRpkfr5dnFP5jkwM5EQOBAwBcBYJnaZFW4CU2sWBTEEQxr+MSEGA6BcHJ6A-nAilsG+EWQVlJExQF8VBaByD2IQ4gQBYPmNYJuWtflinCA4r6rnW15Rdl9lxQl6AwJMEALGEYBFZY4UZQ1LGDQlv4LQ6ToaqgWoTeuzF+S1CXAIoUBcC8yVEf5AZ9leF3RVQ2AgMBu1BZY8CEIeMqbZN70zc1c1BWAXBcEyuDIJMkx9TtV1BSc8hdWdb38U1VBSjK0qJfy1HI5dkP5Qtwj3hAXCkx9v35d49p2ERuBY5lKPk4GCy3AoBE2Dz6AZFtU39U2TReCwIB+gepgpLKEQsDYLAvHT4NCajjP7rYSuaeloM4wNmuBtEIBsPAZaMfVouc3lJu2Obls9dKNj5F4XgyLYNJq7jDPc9Z-61f97PbWTdt6jIE7cc0spET7Rtc4rChKCoaghzbYdDYGFvYVE2HA+nYO+8biscEM0nW0XCfh-ACg+oIbCEJMCjRN5leGzlJdsDAYB4FLF7t9NxeJytIZuIXHezeHgMQMl8ed4nNKgRPQ-V1nETxXYtki1XC-hylfoLUt89T+vim4OPJ8Q+HBjCMpzgQC86Dbwbq97+vHlwDHV8a4nSsWLhQeYtT57XUnRYOP8-ZWTlpAkuAArXACwYYvGkA5WBidxAOikBEH8f4AIQKAbbdethLKtx-r6bBMAmQoSoFCfYABxDCtD9h0CoJUGgcwAAyGETj0PdGwsoQJCzsP+BhUEoIdgYS4dwthXCAQYUEQAZQwiUVYMjKikABBXSoLCvgYWqACL4ZwFGJEYWwgEAJ1HVA+AwphGIoRlH0TY+RbDmHCOqFsE4GIFHMkyPogEWwfEnAwqsRILjKhlDKJkIxKiqDMgwpkC4UJ9FAguFIzh8SBEXAEpUEo4wK7qwsAtSwepUjpAKlwS0cY2470nsUdQAE4ARAUHqLwkAf72gWIlLgwBsG4BLChIY1RxhijYUMnYiQMJDBOJUTJlQhlfEkWMmZqwpnWPGFMmZGzlmcNWcsyo3j6YKwoSwRKAzraPDmI4j6P4m7dN6ac-pYB07TM4cknZ2z5knChDI9W7A2BJ3unAFewDijmUVmVOMPZ2KSGiJMQQs5rYNl0v8iI0M1RIXgJIXAVsRZkw8naHmgZg5AzjoQvyMohbiCfNhZuqA+DkqOVHKcuBiavQ9JWaINIpC6VMJIYQHEwB63QTXEhYUFiQJSo3PmgYUxdnZaHD6rknqeXyoQKV6p3JlgHrUt+HoemwpgL0EQ7YbqcVlD7MoiRjS9jNEgeQQLOJGogJgNhpBMg2tNHAe1ZslBSDsDgfARA6ysIYMwf53AGU0FviIMQnY0xyGTsoWAactD5BYLofQgg77GFMOYSw1hbD2EcM4IWl9PBsB8P4QIRpMx2sQGbJWChEDN1cogaZjwyhDFWJgSonroDeobc0JCqAW0akre21YZRVirCGCUTAQxDQth8L2w0zgFghhlFQzApBqh9uDPFbdjwnhlBOCUUoqwSjl2qGUEohofCwC1NuyJVBInVHKJUTIpAyiVBOLMbtZR+12qPYaOMXQ8wxxA9IL++AYBcv6fuBdmQT1ntIJUdDtRDTQdlNLGAwh3LR0wE80g96B1akwF4UDx1yPrsNL2aUmB1BESAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2da24d39-36ac-4537-8e1e-fa5cf644c790&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3
43 B
372 B
Image
General
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Date
Fri, 14 Oct 2022 14:55:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
article_view
events.bouncex.net/track.gif/
42 B
174 B
Image
General
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeA6gC2GApAJgAYBhAewDcIATAWgEYBOAwgBxDimAFdJSA7AM7MBmUlxhVmLOKRbxmYYAGs4zAGakQzCHzBwQfHBH7AYCkMHJwzAZgBiAMlCRYiLiBipMYMCyE2AQQI7YIB3cIA6KD4+KNIAW2CwCyszfDtnaHl0qE0TShAuARoE6BB+GmTLaxpyYCgoHTgaTDhTMEwaUOsYPjgBIXSdKjgADwjveJgncCzECHjgAHM4Lx8-XEDg4KgqWOj9hJ2YvtG8dKpgRPTgAbgwQbt8fDpCOneANheAVgB2GkI+BouXKhgKRRK8TKFSqqVq9UafRabRgHS6PT6AxoAi40hAlTaAjgEQAViwljMXPAECwuAAjS56VBEZ70Qj0fAAFVemwC+F+vPw3wAWpS5ggRgIoCAICxeHxUAAZW7nQjdOBKAjEBStZgAVQAysxiHBdPpBoQNFoiAARCBE26qIhkXTlNKEYB8SREAAK7CsumMfGYnr4Yj4UDg3sIEFVoTEEmYYeYMH4K2thDpTsIix0ih0OiWIeYuS4roAnjQ6ZXSxXzNV3cAqJQBJpy8xSGpjRRqPQmEQZQIlBFmABJQR6JsdrtEW5EgaFnXZ+Cpafdyi0RjaPhqDjy7fMNpQTAl8PJdv4bVEDrZ4g2q9qiAwd0sUgCVVhlz9Dt8GAXtWtMG16tOwIagUQfShMwdQyp6DwdhmpA3hmAixlwRj8BaHQ4Mw8biNGx6eis2jwdeKTWMw7C5PE8SmoyQYCBEYquAg3AdJoqAAEL-gA0kYwDMAAEvcejWg+xAAHIScx1IqOW8YgFQAioLg3ycQQ+CwhRzxahpWA4c6Pabv2rBUWxDHCKI+FSDIcjZooKjqJo26iYY8qmPWq72MwzA0MaUkaapNoyYgRJQPKqBadMmQsTARHoSsqCmiFCBxe+8SkFQzKAkCrwctyhC8jY3y8oQAAcooZSMqCEA43R0qhejUKgNgACy1S2sbNXQHwfH83wMPgDBlQwrytb8DAOCMlCRs1vy-PyvytQwvyEB8Nird8rUfHQZW-A4LDLHAlBwKE3UOESACOXCmrNWX4A4sAQKaPgLP0ijxCwqA9X1vwDTYhCAwwtVPS9wAsBAVggKh-CRcsNhTcd0CrFQF1iCAkaoPVTgrLoqBFPoQA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
topplayer
registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/
3 MB
996 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/topplayer
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f304f45550671582b688cf783331149146bbff148259b7afc87ff1356bdaa145

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4NMANTF5RVEX3TV4
age
1875
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1019512
x-amz-id-2
PWUIjEi+lthUspviSnFzR0c3AY5gqK1RjczMhYr0UD6zXTKANI7OS4D069dfg4i4sRuEiK2uSJU=
x-served-by
cache-iad-kcgs7200136-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:58 GMT
server
AmazonS3
x-timer
S1665759300.165495,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
8, 879
topinstance
registry.api.cnn.io/bundles/fave/topinstance-c92e9f68/
226 KB
48 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/topinstance-c92e9f68/topinstance
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecf3291968bb9be3ad2ab69d29aef2e02f2ea9b0cde0e1af953038ac6d87f25a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
FRGW90RFXM7X98Y0
age
2041
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
48199
x-amz-id-2
ALBAuUG2yoTigN4ltMKhlH3as7YZPvk4fbYj0Hp0ilmawBj2q5Q6fPmWVZg8ux0c9lgE10r+FvAe8klleH+9uw==
x-served-by
cache-iad-kjyo7100161-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:58 GMT
server
AmazonS3
x-timer
S1665759300.165667,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1631, 731
skeleton.js
static.adsafeprotected.com/ Frame 7E61
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/993073/65715865/skeleton.js?adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_med...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:04:46 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3732615
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
coeGl9fSC8lcv4_uNFyjaU7ShYZsc62Gm43F0Fuju7o2cZBov8fl2Q==

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
nginx
x-server-name
app16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D487
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057366
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8uzoABuXW4kI_AUxOvo3fD939k_cL_EHtvYx3GTFv8jtlM1w0gJh7g==
setuid
px.ads.linkedin.com/ Frame AC33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98M2PLK-Y-BTOL
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98M2PLK-Y-BTOL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F3BCD8A2EA84489D9EADA76322537BEB Ref B: NYCEDGE1620 Ref C: 2022-10-14T14:55:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq/89j7jzQjWZ62q2UcQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L98M2PLK-Y-BTOL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AC33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4TTJQTEstWS1CVE9M
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4TTJQTEstWS1CVE9M
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.2 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk4TTJQTEstWS1CVE9M
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AC33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=&expires=30
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=43be5bfc-2333-45c8-b58e-491325ded701&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame AC33
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iRxwYbCKRdGE4XOmWk8h5A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iRxwYbCKRdGE4XOmWk8h5A
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iRxwYbCKRdGE4XOmWk8h5A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DDFNEFV5CB65WPHAC7F3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iRxwYbCKRdGE4XOmWk8h5A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AC33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ymGo4LWacyL0b7QpxEAdbg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5625274655601947985
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5625274655601947985
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 14 Oct 2022 14:55:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5625274655601947985
content-length
0
tap.php
pixel.rubiconproject.com/ Frame AC33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKy4gaTUlEfdC5BcA9r8_6E&google_cver=1
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKy4gaTUlEfdC5BcA9r8_6E&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKy4gaTUlEfdC5BcA9r8_6E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame AC33
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
88GZVT4X89EVJWE2PZ39
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcyMjU3NmNmNTZjMTg1YTVjNWFhYThkODY5OTY2NTg4MTJlMzU3YQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcyMjU3NmNmNTZjMTg1YTVjNWFhYThkODY5OTY2NTg4MTJlMzU3YQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.2 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDcyMjU3NmNmNTZjMTg1YTVjNWFhYThkODY5OTY2NTg4MTJlMzU3YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
p.css
p.typekit.net/ Frame 94F6
5 B
195 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=sfa7jox&ht=tk&f=31141.31142.31143.31144.31145.31146.31147.31148&a=73710875&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 14 Oct 2022 14:55:00 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/ Frame 531D
5 B
195 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=sfa7jox&ht=tk&f=31141.31142.31143.31144.31145.31146.31147.31148&a=73710875&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 14 Oct 2022 14:55:00 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/ Frame 9904
5 B
195 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=sfa7jox&ht=tk&f=31141.31142.31143.31144.31145.31146.31147.31148&a=73710875&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 14 Oct 2022 14:55:00 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
jload
pixel.adsafeprotected.com/ Frame B6B5
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=925660&campId=0x0&pubId=100473157&chanId=70774117&placementId=5644072975&pubCreative=138406769406&pubOrder=2684215891&cb=1022928613&adsafe_par&impId=2b13c543-4bd0-11ed-ad97-0a3253e544a7&custom=nat_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
/
Resource Hash
77790612c417a0e893fdaf8fb5997054ec60486ea298dc6c8e90fe0611fe7101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4524
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLbZpcOvnZnVsdJQx1VDBxKyPE3CBs0QqapTYcEe5IGOxyek4nSdRCvGkEsmhhoQug0ni05Gd62aGKWUsxYFyYvMhcAfRGLPXncpKEe3RFHjOTr7RQ5jT8wK3LJdQAhASMyUym6tsQaoHozBSfy8gud0rPBfx6ryrX2jRHeCae6SSnYGQauuDcGjpJjW0miuM6U_UycAKZfYLty6jxpjohWtR4ryirTpWHa2HEXFBPJl7SKdFRTMn-NlmQdKJyrdOUmp7q3DLExuykmTO_J5XiJCkjz5GKW8Bl6QDaX-gjDmRTIGVK8w4bAL8J3HE8KVeF4UWWch-IwZg&sai=AMfl-YSaSdFf0to5eNHp2BW9fNtnhcerhXCrV2roqJPnJxPCkqZC_vNPcINvnlEZriB8F8lbftWWrjHZrT1aaxeQW7qh_ypZUmKfR-ziS019Q48HozIRJ8wsgfXGVo0lrICXVoCgVw&sig=Cg0ArKJSzHQTx48H0CzPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 14 Oct 2022 14:55:00 GMT
pixel.gif
beacon.krxd.net/
0
337 B
Image
General
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=ITb_4eqO&_kpid=e9eaedd3-c1da-4334-82f0-d7e3ff883c87&_kcp_s=CNN&_kcp_d=www.cnn.com&_knifr=20&_kua_kx_tz=0&geo_country=us&geo_region=oh&geo_dma=547&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&_kua_turner_guid=6349783d0e03f40a3f9cef001449eaf6&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=oh&_kua_kx_geo_dma=547&_kpa_cnn_site=cnn&_kpa_cnn_rollup=travel&_kpa_cnn_section=leaf&_kpa_cnn_subsection=vls&_kpa_cnn_spec=unlocking_the_world&_kpa_keywords=travel%2C%20What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%20-%20CNN&_kpa_cnn.com_url_path_1=travel&_kpa_cnn.com_url_path_2=article&_kpa_cnn.com_url_path_3=coronavirus-omicron-travel-vaccine-health-wellness&_kpa_cnn.com_meta_keywords=travel%2C%20What%20Covid-19%20precautions%20should%20people%20take%20for%20international%20travel%3F%20%20-%20CNN&_kpa_utm_source=hs_email&_kpa_utm_medium=email&_kpa_utm_content=229722043&_kpa_cep_brsf=15LP%2C15LW%2C15PL&_kpa_cep_iabt=14WQ%2C14VD%2C150X%2C14TV%2C1508%2C14YW%2C150W%2C15L8%2C150J&_kpa_cep_sent=16B7&_kpa_cep_tags=2PCG%2C2PCF%2CFBL%2C5GB%2C7QC%2CF8T%2CKKV%2CBLL%2CBLH%2C7QS%2C98L%2C3H0%2CCFT%2C4HTZ%2C7DG%2CHHL%2C4YCG%2C2JP7%2C4YCH%2C2PCC%2C4R5J%2C7X6%2C4HR%2C7X5%2C8DH%2C776TZ%2C92X%2C6MP%2C4QM%2CBLX%2C7M2%2C9W0&t_navigation_type=0&t_dns=17&t_tcp=56&t_http_request=-1&t_http_response=32&t_content_ready=1296&t_window_load=0&t_redirect=0&interchange_ran=true&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xvuufv6ob&_kurl_=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&userdata_user=PIzqpAw5%2Cxvuufv6ob&sview=1&kplt1=33132&kplt2=23409&kplt3=23410&kplt4=23412&kplt5=23428&kplt6=23438&kplt7=23445&kplt8=23464&kplt9=23474&kplt10=23477&kplt15=23511&kplt16=23548&kplt17=23645&kplt18=26137&kplt19=26604&kplt20=32631&kplt21=32696&kplt23=33127&kplt24=35550&kplt25=37225&kplt26=38371&kplt27=40507&kplt28=41872&kplt29=42101&kplt30=46110&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe9eaedd3-c1da-4334-82f0-d7e3ff883c87%2C662%2Chttps%3A%2F%2Fbeacon.krxd.net%2Fcookie2json%2C554%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C1116%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C1116
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.27.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-27-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n015-ash-prod.krxd.net
date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=62 t=1665759300
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 07E5
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.7.104 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-7-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 14:55:00 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9BB2
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59010
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75a1274bc8501971-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:00 GMT
expires
Fri, 14 Oct 2022 18:55:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 13EF
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59010
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75a1274bc8531971-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:00 GMT
expires
Fri, 14 Oct 2022 18:55:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7234
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59010
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75a1274bc8561971-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:00 GMT
expires
Fri, 14 Oct 2022 18:55:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
main.19.8.355.js
static.adsafeprotected.com/ Frame 6AE5
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ZeINMLlxI0TyIb9mdCgDKgFCYZ4-1V9MoYRwh2hFFwb7v44_cZtM3Q==
main.19.8.355.js
static.adsafeprotected.com/ Frame 94F4
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
P8CiYEvmkxUXkFhwHx5qsuOwZQ4bArKdIlkWQ8CuRHtKB4LiMACv5A==
ba.js
c.evidon.com/geo/ Frame 1806
41 KB
12 KB
Script
General
Full URL
https://c.evidon.com/geo/ba.js?r221006
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c21ca40115a1dca13f19f9502eb5d432a4a83447bd5232424809f6c8145b9a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:19 GMT
server
AkamaiNetStorage
etag
"414a7fd221d8372655f8f0d6d31a2501:1665087738.9868"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12424
4.gif
c.evidon.com/a/ Frame 1806
43 B
335 B
Image
General
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
4.gif
c.evidon.com/a/ Frame 25A9
43 B
335 B
Image
General
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.betrad.com
URL: https://c.betrad.com/durly.js?;ad_wxh=300x250;coid=675;nid=157707;ecaid=6260004;27487929;3083304;346198420;%eexpi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 25A9
41 KB
12 KB
Script
General
Full URL
https://c.evidon.com/geo/ba.js?r221006
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c21ca40115a1dca13f19f9502eb5d432a4a83447bd5232424809f6c8145b9a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:19 GMT
server
AkamaiNetStorage
etag
"414a7fd221d8372655f8f0d6d31a2501:1665087738.9868"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12424
4.gif
c.evidon.com/a/ Frame 7E61
43 B
335 B
Image
General
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.betrad.com
URL: https://c.betrad.com/durly.js?;ad_wxh=300x250;coid=675;nid=157707;ecaid=6260004;27487929;3083304;346198420;%eexpi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 7E61
41 KB
12 KB
Script
General
Full URL
https://c.evidon.com/geo/ba.js?r221006
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c21ca40115a1dca13f19f9502eb5d432a4a83447bd5232424809f6c8145b9a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 20:22:19 GMT
server
AkamaiNetStorage
etag
"414a7fd221d8372655f8f0d6d31a2501:1665087738.9868"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12424
main.19.8.355.js
static.adsafeprotected.com/ Frame 1E45
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3qKVKXRVVEsKUvecAUY4FoCAiru1fvxcxiRFE0q5jQ7XH_I5MzJPqw==
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VDOc,pingTime:-2,time:1477,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:69,bdZ:191,beA:906,beZ:908,mfA:1722,cmA:1724,inA:1725,inZ:1731,prA:1731,prZ:1742,si:1751,poA:1753,poZ:1775,cmZ:1775,mfZ:1775,loA:2168,loZ:2174,ltA:2381,ltZ:2381,mdA:910,mdZ:966%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1477,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B655~100%5D,as:%5B655~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_0,google_ads_iframe_/8663477/CNN/travel/leaf/vls_0__container__,ad_bnr_atf_01,mount%5D,sinceFw:627,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=243d9f67-53d7-b892-5bdf-49966da6ec14&tv=%7Bc:r1VDOs,pingTime:-2,time:1485,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:35,bdZ:70,beA:767,beZ:768,mfA:1632,cmA:1633,inA:1633,inZ:1635,prA:1635,prZ:1642,si:1645,poA:1646,poZ:1663,cmZ:1663,mfZ:1663,loA:2038,loZ:2040,ltA:2252,ltZ:2252,mdA:773,mdZ:833%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:878%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1485,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:878,wc:0.0.1600.1200,ac:1050.2542.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B619~0%5D,as:%5B619~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g*.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1g*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:879,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_2,google_ads_iframe_/8663477/CNN/travel/leaf/vls_2__container__,ad_rect_btf_01,mount%5D,sinceFw:605,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
match
c1.adform.net/serving/cookie/ Frame 0C21
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 14 Oct 2022 14:55:00 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 14 Oct 2022 14:55:00 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2889
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0l4RAAAAanUSgAT&gdpr=0&gdpr_consent=&_test=Y0l4RAAAAanUSgAT
1 B
317 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0l4RAAAAanUSgAT&gdpr=0&gdpr_consent=&_test=Y0l4RAAAAanUSgAT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 14 Oct 2022 14:55:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0l4RAAAAanUSgAT&gdpr=0&gdpr_consent=&_test=Y0l4RAAAAanUSgAT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18177-EWR
x-timer
S1665759301.663304,VS0,VE0
dcm
s.amazon-adsystem.com/ Frame D0EF
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S00CF6DEASPB63G079HA
ecm3
s.amazon-adsystem.com/ Frame 0D13
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2SHDBNKPVF75PQ7R6S7C
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D54A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjZ9z3T8SqiOeC1x3N1aww%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=57897
accept-ranges
bytes
content-length
5549
expires
Sat, 15 Oct 2022 06:59:57 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame D54A
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f343b761-c080-4ea4-9bb1-d785f8a35f99
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f343b761-c080-4ea4-9bb1-d785f8a35f99
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 14 Oct 2022 14:55:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f343b761-c080-4ea4-9bb1-d785f8a35f99
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D54A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97f46349-7844-4300-86cf-3c860e6e57c7
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97f46349-7844-4300-86cf-3c860e6e57c7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Server
MT3 4539 98cc2da master ord-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97f46349-7844-4300-86cf-3c860e6e57c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 14 Oct 2022 14:54:59 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D54A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPs5tkJK4AOA7oMXyaLWlTQ&google_cver=1
42 B
318 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPs5tkJK4AOA7oMXyaLWlTQ&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPs5tkJK4AOA7oMXyaLWlTQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D54A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:878D02C6705744198FB20951038F4088
0
0
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 14 Oct 2022 14:55:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:878D02C6705744198FB20951038F4088
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 13 Oct 2022 14:55:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D54A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810044332467077412&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810044332467077412&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810044332467077412&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D54A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=43be5bfc-2333-45c8-b58e-491325ded701
42 B
378 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=43be5bfc-2333-45c8-b58e-491325ded701
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_n-inmobi_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:54:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=43be5bfc-2333-45c8-b58e-491325ded701
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 7801
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:55:16 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=K4RwvAjAZAzgpgcwLZwHYBcD6BLAJjMKAYwEMkAHE7BVPSAZgBYmA2aGAe2ACci4wARl1R8AHlBII06MACsYUJB1z8ADFADucATGzo4dJuoBu2XejoQWLAKwB2GwE4ATI4AcjiKsZ3HUFaZ8dHZ2ziGMjnaqLPRRNoxsbnZQlFKmcBqWsHAgwGhBuGD0xAA22NIWKDDoZOSQ1vZO9Kqq9s6l5Rgk5NjGcNy6HKhgNQjFAdh8YLhAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=K4RwvAjAZAzgpgcwLZwHYBcD6BLAJjMKAYwEMkAHE7BVPSAZgBYmB2ADlgHtgAnIuMACNuqfgA8oJBGnRgAVjChJOuAQAYoAdziCY2dHDpMNAN2x70dCADZrAVhZ2AnACYnbJxDWMWTqKrN+OhYWFxDGJxY1a3oou0ZrCDYWKEppMzhNK1g4EGA0INwwRmIAG2wZSxQYdDJySFsHZ3o1NQd6MoqMEnJsEzgePU5UMFqEDoDsfjBcIA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=K4RwvAjAZAzgpgcwLZwHYBcD6BLAJjMKAYwEMkAHE7BVPSAZgDYAGZgFjdgHtgAnIuGABGPVAIAeUEgjTowAKxhQkXXIOZQA7nCExs6OHXpsNAN2x70dCI0YBWAOx2AnACZnADmcR2D51DVzAToHB1dQtmcHZkZ6aLs2RggPByhKGXM4TWtYOBBgNGDcMDtiABtsWSsUGHQyckhbRxd6VkdOIgrZEnJsUzhePS5UMDqEegC4IMFcIA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
c0471808583709142fad19339cb10c54.svg
assets.bounceexchange.com/assets/uploads/clients/340/creatives/
5 KB
5 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/340/creatives/c0471808583709142fad19339cb10c54.svg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8433f645be5af5d9a0fc33d7ad90e7f9dbfa48dd6ee0b487d3d59d2f70ecc7d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 05:51:29 GMT
age
551011
x-guploader-uploadid
ADPycdteVd8fGwKEqnNvmB8gDPbWlhoCR1RvDZhKYEzuOXevFeO6ty-zJ4n_dEpVORc0-7zUkd0gJkPdD92schkcNQAC2Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5373
last-modified
Thu, 25 Jun 2020 19:27:45 GMT
server
UploadServer
etag
"c0471808583709142fad19339cb10c54"
x-goog-generation
1593113265804475
x-goog-hash
crc32c=ffh7wQ==, md5=wEcYCFg3CRQvrRkznLEMVA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5373
accept-ranges
bytes
content-type
image/svg+xml
expires
Sun, 08 Oct 2023 05:51:29 GMT
37aa3e760b166d50ce97eddd93a368b7.png
assets.bounceexchange.com/assets/uploads/clients/340/creatives/
6 KB
6 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/340/creatives/37aa3e760b166d50ce97eddd93a368b7.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99303911c8be04851e65f0fb033d9f803a9ec89876d9ecb00c2e878a9b37324b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 00:42:04 GMT
age
1692776
x-guploader-uploadid
ADPycds3k0-zLkJYEIzHUxFbWzX_dQuFbLEy4doZu2Shz9pMx9HwuXyjY2o1FjLChK8hzYIRrRwmAF5lEsBlWYiaDkNVBy9pyoi1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6302
last-modified
Fri, 03 Dec 2021 16:42:59 GMT
server
UploadServer
etag
"37aa3e760b166d50ce97eddd93a368b7"
x-goog-generation
1638549779746574
x-goog-hash
crc32c=WQ5iTQ==, md5=N6o+dgsWbVDOl+3dk6Notw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6302
accept-ranges
bytes
content-type
image/png
expires
Mon, 25 Sep 2023 00:42:04 GMT
usync.js
eus.rubiconproject.com/ Frame 07E5
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.7.104 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-7-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5b2974bacfa07ea37066aafe414ee78e9499e4fbc2e51837b64fc031418cf179

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12435
Connection
keep-alive
Content-Length
9424
Expires
Fri, 14 Oct 2022 18:22:15 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=e8ee9ae9-ec03-cd9d-df06-cd88d46a4021&tv=%7Bc:r1VDPP,pingTime:-2,time:1532,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:36,bdZ:74,beA:753,beZ:755,mfA:1815,cmA:1815,inA:1815,inZ:1817,prA:1817,prZ:1827,si:1830,poA:1831,poZ:1849,cmZ:1849,mfZ:1849,loA:2110,loZ:2113,ltA:2286,ltZ:2286,mdA:757,mdZ:800%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:1076%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:0,pp:1532,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1076,wc:0.0.1600.1200,ac:1050.1038.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B471~50%5D,as:%5B471~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1g4%7C1h*.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1076,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_4,google_ads_iframe_/8663477/CNN/travel/leaf/vls_4__container__,ad_rect_atf_01,mount%5D,sinceFw:454,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 9E58
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:55:16 GMT
731697573629176
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/731697573629176?v=2.9.84&r=stable
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75437f99e78fc61503bee51ddec73ed638680878a47d0edf5fb593be21f87fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 14:55:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86288
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
fpzj0khEDXBUFOrFxh53pxck5EsTHL7XsRZOM/LCGQFP+JmTaSOZekRKk4tq0ej8Wu3iQHxqd5FoKFkvRVIQnw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame 0182
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:55:16 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.cnn.com&sn=185&cd1=AR_18&cd2=no_abtest&cd3=6990990&cd4=sidebar&cd5=11743-84256-%2C12287-0-&ic=0&tgt=0&app=&wi=300&he=168&test=&d36=6.2.56&apppkg=&fv=3&proto=https&clsid=ecd22194-100f-487c-8ec9-d791cc434e01&rando=42&pid=58a5addb28a0612d3529bc5e&cid=5bb9e3c5073ef431390091da&stagid=&stplid=&e=inventory&vi=0&cb=1665759300747
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-209-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
340
dfp.bouncex.net/pub/
5 B
110 B
XHR
General
Full URL
https://dfp.bouncex.net/pub/340?li=6121155019|5644072975
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
d9b631e93557f39f97520cdb582d0228f9418850461f56b00810834241f279f5

Request headers

Accept
*/*
Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5
reloadCampaigns.js
cnn.bounceexchange.com/bounce/
102 KB
19 KB
Script
General
Full URL
https://cnn.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=3992&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBWAdhIE4BmABlrMoA5NgAvEKWzAdwFMARjlTA+AfVQATKNQAs3AE58cIADZw0GAoXoAPfACZ6mJTD4KlCqNgCGq1agQBzMXAWqoAC2DAADjgBSagBBAIMAMTDwnhiAOiQEBHiQAFso4AUbADc+VSibBTQkVT4opBAFDGzUBTgcAFpU1CRKhHqM7Nz6rJskJEc+es8+O2BPev57BGVAiMdJPl1Y7xS86nCNFLEUvklUODTqABE+FJtUPINCMU8cFNQgo4MDSjJn2llqMOvbvmRH3wGYIAOQAjux6pQEPh8E5aAB1GA4WSEABCAgEAFUmFldMEAEoANWBAGEUkcnCQAFoAWScwT4MCyJCIJFUAGt8TSAJoAFXCwSYvIAEhBuQBpFIASQACryLMKdiTVOFxeyQDSAFLAAzUdlHTEykDhXmYuDi4H4KW6HDAKX1YU4SQ4AAavPxmrg1FR8KOTDuAE9CWIpUKIN9NmJyghRDHHs9Xu9PhHgFsVG4kKVjrcxKdzqpMFlUMJgFGQCB2ag+FAAmRUWEDKpfA2gqFnt4-LMSCEwiQIr2IjEePFEsk0gY++EOjlLpOCkUSgPwuVWtVag0mi0MO1MjPur1+tMhiNVGMJrlVNMcF25ggFksVrP1pGdnsDr3jnmLgOfncHhPjgTN4jGTCcrhuHA-iQD8jkBEFwTYSFoVhBEkRRdEsRxPEiVJclKVpelGWZVkOS5PkBSFUUJWlOUFSVFU1Q1bVdX1Q1jVNc1LWtW17UdZ03Q9L0fT9QNg1DXlwzAwhI2jWNgBgoCky+KTI3TBRMxgnMv0uAwwhJBsFBbHtnhbAx9OeYsxCcEAxEg690AQIzghgOxIL0htLKcXxbJmBynJc1Q3LII5sHLStq1retniyJzIobcoUl8EpREkWzUCcBA4GbEyQgCtyzIbVQbFtHz7IwMQi0kJyiFIChKBeJhKHwD5GHc547OEcrykQeScuCfA2oMHA4AEe4fF2Vw73MHAV12fzXNKAr2pGsaUrEfgbDGcx5sCxbzKGlaRDWrbfBARxet03KFsG4bRqOiaXKUXYcCcVQQAEOwBAUKsYEcJwdvy-bbtWialGG08cAKPhHABvaG2B+7Ut+nIxj+2ZLuc66loOu7xtShwzAEDQnCe6ZDL6vK4eW3G1qUBwbAEEo1MzdHW0pm7DrxsRfEqLIKz4XxprgGwFlhjmaYm6yQGdYA4BgGAxexhGuZIcpIdZq7dvFkH8dQHJKr4EBFaBzm1vmVAbDscxgA1zGtaV02JoERkKj4LbnfsY34cd1LUESkYkE8HY4wprGTYl1KdhsBAeE8C5Fox9mHYj7YRhjuOSnO4Z7kkSQShGW0vepnWxC+kZK2caYeFtpPw5L3I+BQBzMxjbbQ-tuvEbLVci3XIucZL2PNu2TbRAUGuw+9lOEmhWh++VtaeAqdkOgQHAYAqV9559sQEHS7wkBsbLE8n4uu6J4Qrwnjup5LnB8+PtnT4HrvbTB6-AdvruRDsANt5T063kCYJyfjfM+XNfrACvv-Eu05cjrT4Hwdkqg-7t0-uAtaM0qzIBAZrdBL8uaB0cDYGBXdKgBjsLvPg1dSFc0yBpNBVMCFrTAMAAQYVigjVoWtAoDNmilyUDYCuLgq4fyYQvCaIxSxb0YeLGa31napVEclMesVnhJ10krUQ9gCjcyKsADeChxwYwbBo7WXcNpbQUAIMWwVBpMguq2Gq5AqANUGpVaqxAXH1WYE1FqlBBo2CNn1Oe2MmxqIMB2fwH42yTiXEOEcSQEpLjgbOCI85miLjAsuCoVRe51EaPcLcbRUn7j6AMY8oxxiTEvDMJc8xFjLFTE+DYqZU5vnHN2E4ZxvxSQgvcBSLxgIfGUn2X8UEYJwTBBCKEMI4SImRGiDE2JcQEmJGSCk1I6QMiZCyUgpEeT8kFCKMUkpZTygUIqPgypVTqi1DqPUBojQmjNBaK0No7QOidK6d0npvS+n9CkIMIYww-hkhgOSgzEwgVGVcVSIAMyLS6VpHpOlAm21CftLIvgYp9QGtjKqfUGyEs0ftcmJiTKUv2kgLIjiQjOLqm4pWUgnIkEGk4FoTlZBkEGsY1smLiUsqJc8MgbxRWyFeLQQg1AyC0BICifATAeVUsKrSzxtVXHMEGp4JArhUyvn2DsVF1VBqH0SucDKts4rPHwHIOQhB8UmLrA2LIuKMb4v2qoNVeKvGMq1XY7GtrPjcqYLFZ10U3VOMGl6ul-VfWatDQG-atqdAfFkGGqKBhXUmrCd6918afGJqOINfAJBaBMGoNKjNLrI0hAFc8GN6rvFuKTQ2UtRAyCKurRGpy9bGx5qcQWltxbA1KqYEwfAASiXhqzbW4IfbG0+o1YW2sxa7HBULAUHAABtBYOAV4gG8iLCqxZUCMz4AAXVgAtTd49t0ZOKOIXwNgnCXqgBkOAfBb07pgEVJwOA47eUkKkc4CAr0fq-T0O9KQMB8ADGIB9JRuYvrfZTb927IJN3KggGwOwr1oagzu0AOB8M3sI9uhKSU3YTWEBlLKpHdroYNjZJKNgAx-QY5BdDZchF-SodXbmYM-jAE45Brd26YPTHgzYDQngKhXtRKg2g4pNoWzCLQYUbtVFLVoCSYEwJ0M4EFv0ShiHUNkfE0VEqHUHInskFehlCa-HcsoIZ3yXUEUxgc9x3o7Jfr2DEAsJKIAAzBxE9YcjkgYCAkC9RlAV6EAgFLIIyQAZDM70QAsces17PXsY+RiRqVLHDAUKJ9LKcTpnS83lrjBWd6PUQc6V671PrfUZBxmrYm72FbEGDOAEMoaODK3VlOyM3Zx2cCRzr5WS7AKJsAEmiCybDfEz1umFtz3M2UCt7rO8eYgD5uyAWQsRbmfy+JzwxVbI72UVp8wO2d09aljLOWMAHsYZ3qrEA6t3uyWE2IYAAZBbvZ6w4fWUhDYg53ubS2JRChTYI6tneztDHjcEBed7fxJCH28qxzMYWozDCQOyKHKc-aC16EHYTpOS5R3TvHGnXc6ex3jlnU4Ug86IOKuFxHu2U48eEaIxnXMG5YZwa3Ur02RslxXHkmodRheL0u9I0e01FcTRns1dXRXl6r3XpvXY2vd772ADjo3F8BjXiN-fRBvhrcZBmEbn+KCjeALEMAo3kCr5G9SQgpBLupdI5TlgqCZ3atB5lxNmwRvyGUKF4HvnJd6Fh6649nerD2EVk4QII3vCBD8IF3x+PvO08pyke097oBfD8KkFNgwMoSQAHF1P15JJEIw4RUQABl1MkEb1FBgEBzK0HCEKdT4pxSEnU93nvRhu-CnU2QCAABldTzBZ+0GoMKUJumTTqdkMKXkVJF9HGb0YYUwoN+yG5E3lvmoZTKo+DfhfRhW-D9kPiEgmpF8ukIPv4U+IP+bKRgTARwL+DAZAhAR+a+BgLo6mhANIMo++EANI0+XecBRgZANImitAlA8I3A5GjgDg0wuYqKYgG8SAdQhuCeO6dQfGVYYgFQuYkgr672G2AOh6-CwAL6U2+Asg8IkktAfBhII6QhZaGBQhsgvIU+Rgpa5a6mfB3I8IChZayhshJAXeoa6htAmobmMYHB1euq3B-6DmaIZA3G48MABhXBPBDmGhSB6hXeahYhMoXe6GM8ZYFYVYCOFmd6iWUYb0kEyGJUaAOwMAmQeG76tQqeFGiQVkNkAGIAPAaAwAJQV65W8iZ6E0t240kuJeGG2iRUCgeim0hiKQIOjcmgCAAOQOb6wGOwtozQ6GvQaAOQPkTgYWRuxW5gOeNBGGp0a8rsqUZm72mW00OWtkAxKg48gG72h6oRqAbAuQ8GPMyg1O025QXh4goANkRRr602AgvgXAmAbsRx26F6mAvgNs1glG9MOC5Bf61gUWvg5xUADqBgMIJAZak6mAzxrxJAhAsg8gbwrwJAhYl21gOKUgBAJgp4tRUAZwmUdgsJOGOwUAjgIgJwogYuQAA
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3746513cc9c297dcf9c128f3028b602175145361d5512c68108a03210d6618a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 14 Oct 2022 14:55:00 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
75
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
reloadcampaigns
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHmJgGsyyAPqxRFNDjQMQvHqwDMAQQUAzKGBzy+vAMILqJNHEajUGXYtUKSwQtYMawUDDgAWaMTHLosCspqfPaOgTyGfIgQWCAAnuLAJmYgFm5Otnya2k4RCjpwJjGiWEgZwTzZOuGRPGQ4gZmVWtV6eXxw5MiMJCAwojLYhMiNFVW5tVICEBaucWhYGKMaLRMKdKBQggsYJSAA7jgWoDpYJMtZqzUK0bEJUIQkHhDAFzyccbwADADSUCZQb4ACRAJF6r3aX30ADlodc+DhkCA4LQwIlkow3uN4TxXKQBkwZMUpm8AIwANnJAFZ2FSAJw8OkADjppK+ABZ2HScTocESsKJOoQzmScXQoHBBOo0GA0QJuhA4ogQCK9E0cTB1MgeKIBL1Cm8sBASKJNjBPm1ajhCHREGgwX1RMKBMAcJ1QDAsVdLfkbXaHf19iB-h4QBCbGNvYp2jxrbb7b1+k8QMgIAtzmrIzkeX6E47NKA+jgMJBxWANmgQNLFl7sz6EbmA6amIQwCQcNQQAta61o1bG4nRNKKKCvIsGpmVnW+77402wGh1CA6I8MIXYuGglPe84G3PB6AF-RGDgIIRgHAmD21nv-YPkMAIBQIIIU2HrbBytubzwPFAjnGd6OrEhw9OC145vujoYBAEAwKQhDqOoEH1rGA6OlSnQdhOEbfjinRnCqJokHESIoTOt55v0C4jlMIAQORu5oVB-QLDAtBaGG7aMTGgFUaIdBVi8o7LuAYA8bUKrwFAYjdBKIDKmcgqhpKEmzkBrEoMGcAeIpGa4Zc05MXxTbKlAWD7F4mKToZO68eh-RmRZVldmcoZ2jAMCMMGpBqZRTYbMG2yLCBOFbrZP4mYO4DIkUWCXoRm5NNiqFRY67oxFAUgOGFyVRsZDmiJZ-yiIg-zgrlWZ2f2LGClgWBsn5zEaUVLzCMA5k4OoLzKp6NnNEZ9m1VgmAeCQCAjP1KUUc1-ErjIsR8k1aX9Dg3mTQZA3Vep-GkCclV4alhX2loFqbdNBW1amYgLkuy2FdKJCLQdEWQS19hZeARUgCAghgGd4VbZFhVupW8Vfq9R21TpCyAlN+VDS1j5xFoeyHPdtUdZeGMtQAViQdCwYIZg2jj-HUPQpgCZswW7KFZNNsGJq9U1IhU2g8FvDwAAK+gAOLfDz+gAGLfMLnAADLfFSfPcDwXzsAAipEXzC0yAAq3w-D8ABq3yS1L8uS0C3xKwAyt8zKG18ShAl83wi5r8vskC6sAFqmwAIgL8tAkC1vsgAmvzgsAFLc+w3xB-oJvy0LKvsgASlSoemwAGuSUdAon6dUt8TKe7HCvsOS7uWzwaffOSACy3NR4r1f6xLlfy+w1fRl8dIAOr26hCwLrEogKegaLdUQOh9edCO1MQOyiJWogvEPMBWE1tB0KIbNwJvbgvTwpLsl3ivfAfOueyfVJfC3XwH+revy6Sl9MifQddxfXxvw-VIS8-X9fKnqUiKbwgMgKmJBd5knJJwSOqENhdWAaA7e4D3Bkm-nXL+EtP43ypNzQ2M04D1UFETSse8LoxiNIKSAOg0j4hMMqdQHVlRvFCD+AhAoYIDGePsEwJBrKbUgm6Gggl+ihTAmGZavRZTUFmP8bqwBEDLVimgYoJEyL9V8MqUgpgcQShMCOAkGA9IM0HEGEMYY6DLVTLgYS-RjCmD4YDMhM8sAujdDYgYVjTyui8BtRx08FAgLoWgAAXuABID4mBEUYuwT2AAyQ80BpIoHQNgfApRlTMAWPaT2oIlExHieARJCBkmYFwHgVRIBmBlSwIQLQsTogCGYF8WJQY6AyF6BzZgSh2TNKkO0zpFJqS0gZMyVkHIuSxIEFIS8nT2DsB4HM9kdJ2BfHJEoFZVJ2TklJEydgsTLAgCkAcAZsSdAAEdHDg06eSWJZgwZgjQJo8BKBmCDJpPSJQXwvhMk7rchcREZJoBHK6ZRWBmDIKUJMw5phKkwFOWeC8lTWmxPSGcZgxAwxAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:00 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
observe.aniview.com/api/adserver/tag/
24 KB
5 KB
XHR
General
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=185&AV_CDIM1=AR_18&AV_UID=9cca1e1cb9e58caa374e4e914893b662&AV_CDIM2=no_abtest&AV_CDIM3=6990990&AV_CDIM4=sidebar&AV_CCPA=1YNN&AV_CDIM5=11743-84256-%2C12287-0-&AV_SCHAIN=1.0%2C1!outbrain.com%2C0048938c4af9641f2e04565be89ece5954%2C1%2C%2C%2C&AV_SECURED=1&AV_DNTCHECK=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5bb9e3c5073ef431390091da&tgt=0&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.cnn.com&AV_DADPOS=3&d36=6.2.56&responsive=1&sver=2&avtoken=300746&omv=1.0.1&clsid=ecd22194-100f-487c-8ec9-d791cc434e01&rando=42&AV_WIDTH=300&AV_HEIGHT=168&AV_CCPA=1YNN&AV_DNT=0&cb=1665759300915&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.142.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-142-223.compute-1.amazonaws.com
Software
/
Resource Hash
ab2bffcdcab8d3e3089d5cce03970e3e8e3f098be7b846c62c78d773353acf66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 03 Oct 2022 01:08:21 GMT
main.19.8.355.js
static.adsafeprotected.com/ Frame B6B5
194 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:43 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
690138
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
75YGQe2OePiJ-jl5ylrj4q4olAn1rroezz4_qhphktaLcLzXsV9MpA==
img_logo.svg
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
1 KB
601 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/img_logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81772a6dc0845a5249d42fc51bdb1e22d7dcee50773b789b0d3ae18df689af7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
572
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:38 GMT
l
use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/ Frame 94F6
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fad5aa3c80c045f57dfee78896d5d24c800cd550f009346e66a0dc9e1f41ff4e

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
etag
"db5e7f791427a2b305c5515f9678a0fdff37c0d8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19748
img_logo.svg
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
1 KB
601 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81772a6dc0845a5249d42fc51bdb1e22d7dcee50773b789b0d3ae18df689af7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
572
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
l
use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/ Frame 531D
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fad5aa3c80c045f57dfee78896d5d24c800cd550f009346e66a0dc9e1f41ff4e

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
etag
"db5e7f791427a2b305c5515f9678a0fdff37c0d8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19748
img_logo.svg
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
1 KB
601 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/img_logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81772a6dc0845a5249d42fc51bdb1e22d7dcee50773b789b0d3ae18df689af7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
572
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:17 GMT
l
use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/ Frame 9904
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/630ec8/00000000000000003b9ae7f8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fad5aa3c80c045f57dfee78896d5d24c800cd550f009346e66a0dc9e1f41ff4e

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
etag
"db5e7f791427a2b305c5515f9678a0fdff37c0d8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19748
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=K4RwvAjAZAzgpgcwLZwHYBcD6BLAJjMKAYwEMkAHE7BVPSADgHZ76IBOWAe2ACci4wAI26p+ADygkEadGABWMKEk64BABigB3OIJjZ0cOgGYALBoBu2PejoQAbHYCsjR2wBMbemwhqTjDqqW-HSMjG6hJmyManZG0Y4mdhBMUJTSlnCatrBwIMBowbhgjMQANtgyNigw6GTkkA7OrkZqamztZRUYJOTY5nA8epyoYLUIRlCB2PxguEA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4C9D
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4Cc430FdGD4iSd5udxOjk7wLm5ze4aR6QJfzhVtRk4i_FOP_m0e2Ig==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334265&pubOrder=3001842219&cb=1754621262&adsafe_par&impId=2b1db02d-4bd0-11ed-83d1-02b862816393&custom=rect_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=&adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:f5561ade-312b-b7be-c30a-8769cdcba2a9,c:r1VDWo,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-7f9jb,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1050.2542.300.250,am:i,cc:1050.2542.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:626,mot:0,app:0,maw:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g*.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:645,oid:2cb7b163-4bd0-11ed-a37c-562702f17d93,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
app13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4FE0
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ftv8KgCuI-WqDxevTQciu155oolDqegtuP8vJvP3zqHfCnMyPs9qQQ==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=925660&campId=728x90&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138407334136&pubOrder=3001842219&cb=868407317&adsafe_par&impId=2b0a9d9f-4bd0-11ed-8703-0e6557286d5b&custom=bnr_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=&adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:d25c515c-3798-54f7-918f-86af5bf09764,c:r1VDXf,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-8np4t,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:605,mot:0,app:0,maw:0,fm:tkfygzh+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:627,oid:2cc2388c-4bd0-11ed-8da4-5eb1e71d9cf6,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
app09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sapient_main.js
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
2 KB
803 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/sapient_main.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecf37bdb3030ca4681f82d24a04d4488a70e72e7e55600700e1b8562c28f07c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
774
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:38 GMT
sapient_main.js
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
2 KB
842 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/sapient_main.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3753e0ae94e8312904d6797d4599bb860fe9217c5ff64a731a1839a0390eae30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
813
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
sapient_main.js
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
2 KB
811 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/sapient_main.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f304bc76902d340b811b13ce202524584f3b8ae5983f1dd1a0a984fbf5aee91f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253664
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
782
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:17 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame FAE3
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
w-3E1LQlrp9_nI-C7oA63_6tbat8pxdpXeuBrkyp20ZVcVXNYnLSMQ==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=925660&campId=300x250&pubId=38377837&chanId=70774117&placementId=6121155019&pubCreative=138406824543&pubOrder=3001842219&cb=674126636&adsafe_par&impId=2b28374b-4bd0-11ed-bc07-0a7d2ca1a63d&custom=rect_atf_01&custom2=&custom3=&custom4=&custom5=&custom6=&adsafe_url=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=f&adsafe_jsinfo=,id:99a20ad0-4c83-0776-f418-755c57621d91,c:r1VDZa,sl:partialViewPlus,em:true,fr:true,thd:1,mn:jsserver-primary-f68d76959-xqvm4,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1050.1038.300.250,am:i,cc:1050.1038.300.250,piv:65,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:682,mot:0,app:0,maw:0,fm:tkfygzT+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h*.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:708,oid:2ccc71de-4bd0-11ed-b7a5-72fa5b174959,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
app10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
157707.js
c.evidon.com/a/n/675/ Frame 1806
2 KB
939 B
Script
General
Full URL
https://c.evidon.com/a/n/675/157707.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee743cff1dd1f61fc4a3d5d15834f2878e2e1c10b499d5beff9f005b9ed06b70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 16:36:36 GMT
server
AkamaiNetStorage
etag
"b209b79c323e8b1b40ad189071f851f2:1648226196.64215"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
644
157707.js
c.evidon.com/a/n/675/ Frame 25A9
2 KB
939 B
Script
General
Full URL
https://c.evidon.com/a/n/675/157707.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee743cff1dd1f61fc4a3d5d15834f2878e2e1c10b499d5beff9f005b9ed06b70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 16:36:36 GMT
server
AkamaiNetStorage
etag
"b209b79c323e8b1b40ad189071f851f2:1648226196.64215"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
644
usermatch
ssum-sec.casalemedia.com/ Frame 6063
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e8b23f1553b146025c1fa74fa8cef93438b9ae57bdda32ce31ef990d487f77

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a12751194018fa-EWR
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 14:55:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPzyrWW7XWC1DzD4d2QG3PD3NpYgav%2BC5p2E8xx4filZ0iq3kvROBPVEr%2B51qk3sDqhAGFpB6HhkcijwVZmIIGhbuuOu0VlQs0w%2FFOk646uYPHIJosyKd4A6kSIZuwomczkZ6FfVZoEyyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
157707.js
c.evidon.com/a/n/675/ Frame 7E61
2 KB
939 B
Script
General
Full URL
https://c.evidon.com/a/n/675/157707.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee743cff1dd1f61fc4a3d5d15834f2878e2e1c10b499d5beff9f005b9ed06b70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 16:36:36 GMT
server
AkamaiNetStorage
etag
"b209b79c323e8b1b40ad189071f851f2:1648226196.64215"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
644
usermatch
ssum-sec.casalemedia.com/ Frame 4C16
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f51704c0fc3b79c10bea3396cb18a0f7ebfcd6adef114874f94b023822adf9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a12751194d18fa-EWR
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 14:55:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uR3AeTnE0rHpfoa4%2BiADKXOxNfr%2BwKH%2B%2FgIfWt5psaFbiyPkLTZXXIBGZyYeF0%2BGFGXkLp0VUbYsP7iHcSfK7a7nfJs9n9aHEYjqfEcCwBFbL%2F%2BrJTsmAEumB4NkbgYtUSw5DLOJ%2B1ifhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 84C6
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad24989464f627acf1138c804935dd252c62a1a44e2704016c91c195882ac58

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a12751499b18fa-EWR
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 14:55:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHPNOcas9vmBEmFoN1ePTLr%2F7NIz2%2FvMn66MYEUWCkEcQXBUfmvh6t2mou%2BbGJjIV2qXh41C0CzxaOqa0aMqndlYba4JErvqa%2FQmztFEMMeNV0DxC31k58siu8IPIRZ%2FtBf8w6VXs62kxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=243d9f67-53d7-b892-5bdf-49966da6ec14&tv=%7Bc:r1VE1M,pingTime:-2.1,time:2311,type:a,im:%7Bimprf:%7Bttecl:2630,ecd:442,tsecr:577%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:878%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2311,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:878,wc:0.0.1600.1200,ac:1050.2542.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1444~0%5D,as:%5B1444~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:627,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g*.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1g.f5561ade-312b-b7be-c30a-8769cdcba2a9.341_925660%7C1g*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:879,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_2,google_ads_iframe_/8663477/CNN/travel/leaf/vls_2__container__,ad_rect_btf_01,mount%5D,sinceFw:605,readyFired:true,sis:1899%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=731697573629176&ev=PageView&dl=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&rl=&if=false&ts=1665759301424&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665759301421.1304673834&it=1665759300687&coo=false&rqm=GET
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 14:55:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VE2O,pingTime:0,time:971,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:971,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B365~100%5D,as:%5B365~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VE2Z,pingTime:-2.1,time:2394,type:a,im:%7Bimprf:%7Bttecl:2737,ecd:455,tsecr:598%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2394,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1572~100%5D,as:%5B1572~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:643,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_0,google_ads_iframe_/8663477/CNN/travel/leaf/vls_0__container__,ad_bnr_atf_01,mount%5D,sinceFw:627,readyFired:true,sis:1900%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160065/3904/ Frame 7848
209 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160065/3904/pwt.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce5c73724b1c90b9b70b3528a5e7b25f41676fbac89de38946c80a04bb4ae6a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 16:50:40 GMT
server
Apache
etag
"1461a66-344ba-5e065b0747caa"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47527
accept-ranges
bytes
content-length
65508
expires
Sat, 15 Oct 2022 04:07:08 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 44C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
0
38 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.14.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-14-246.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 14 Oct 2022 14:55:01 GMT

Redirect headers

age
0
content-length
0
date
Fri, 14 Oct 2022 14:55:01 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-AJky0vdE2uGqV7F8LhdYDTGn8SY.kBZtGuPEZms-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 962B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26bid...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D200%26key%3D%5B...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6216615425
  • https://sync.1rx.io/usersync/tradedesk/43be5bfc-2333-45c8-b58e-491325ded701
  • https://sync.targeting.unrulymedia.com/csync/RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=200&key=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=200&key=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.14.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-14-246.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 14 Oct 2022 14:55:01 GMT

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 14 Oct 2022 14:55:01 GMT
ETag
RX75cf0fb009ec407bbb4e2c0b1aec98db005
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=200&key=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
ac
www3.smartadserver.com/ Frame 7848
16 B
320 B
Script
General
Full URL
https://www3.smartadserver.com/ac?pgid=1365850&insid=10098792&tmstp=9231798592&out=js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
cache-control
no-cache,no-store
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7848
174 KB
55 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvG_S3DoLPGhaSqBeCR4c-Trr3fHwOe4BE1dL5K7x7KJPEirUjV7ZobgTyxDLT6wWC0JidJFGs8giYk0pxnUvLo2xljKeOW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1795de334800689d8e696cd76eb42c2c"
vary
Accept-Encoding
x-goog-generation
1663842902451355
x-goog-hash
crc32c=mLxcag==, md5=F5XeM0gAaJ2OaWzXbrQsLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 14 Oct 2022 15:00:01 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7848
70 KB
24 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvypcJg5Of6ltAjmXrKrMV78SSpr2SD98_pqpWOzBn1OyMEHoDANDBG-FUXY_OFtl9uBzeLPGcNuOP2nEuLCKUvcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"b45baf218cc998a9875aeed985913ffc"
vary
Accept-Encoding
x-goog-generation
1663842902483554
x-goog-hash
crc32c=FyjiGw==, md5=tFuvIYzJmKmHWu7ZhZE//A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 14 Oct 2022 15:00:01 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7848
62 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvW_5eFrKAozhxti9GMhJ58VGTU5L719pfHCQbCvXvmXQlUEns2hV8gJfildOkUGexmESzMfFmvTsYzB_p9slIL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1b4766e0324b00513af07d0731e996b7"
vary
Accept-Encoding
x-goog-generation
1663842902531685
x-goog-hash
crc32c=VcLHxw==, md5=G0dm4DJLAFE68H0HMemWtw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 14 Oct 2022 15:00:01 GMT
avpb7.12.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7848
64 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a2.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
80e7aefdd09a701b2862f1f26113eef8d612f7b56ff9a26930898d47364c9a74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvlVrzHeQN1xSkQs_PfPoM18CbEA2S8GV-Ww-o0-rOiAeQbxgc_oZzyoQIOn3SMwZyA1TXIzXebeTVO9FhXpfFcTeeRwi3Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20304
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"782e6b35c06b70341718307b3d3eb363"
vary
Accept-Encoding
x-goog-generation
1663842902549248
x-goog-hash
crc32c=9H2wzA==, md5=eC5rNcBrcDQXGDB7PT6zYw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20304
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 14 Oct 2022 15:00:01 GMT
15596591
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
Fetch
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/15596591?_fw_gdpr=0&_fw_gdpr_consent=&_fw_us_privacy=1YNN&schain=1.0,1!outbrain.com,0048938c4af9641f2e04565be89ece5954,1,,,!aniview.com,58a5addb28a0612d3529bc5e,1,,,&withOMSDK=true&cbb=5759301464
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
6e3918e850a4b73069afd766372fe3487b473f487bbd9c3b9fb5c84876972bfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:01 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.cnn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1665759301472091-117
sync
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1665759301012-976147915756-007734-012-001359&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1665759301012-976147915756-007734-012-001359%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=24&pid=59c9148628a0612da3689288&key=54581ddb-cf4b-4c83-8772-b771adc7cdd3
0
37 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=24&pid=59c9148628a0612da3689288&key=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
52.86.14.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-14-246.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-length
0

Redirect headers

Location
https://sync.aniview.com/cookiesyncendpoint?auid=1665759301012-976147915756-007734-012-001359&biddername=24&pid=59c9148628a0612da3689288&key=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Date
Fri, 14 Oct 2022 14:55:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Server
142.250.80.2 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1665759301506017-70
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=c7b4c0bb963befbef95e98774dcc26b&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=c7b4c0bb963befbef95e98774dcc26b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9X38CX9EQYZDE8Q4AQ4H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=c7b4c0bb963befbef95e98774dcc26b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1665759301521046-129
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.cnn.com&rs=www.cnn.com&sid=55667&t=1665759301&cip=96.9.246.197&sn=185&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=300&he=168&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1665759301012-976147915756-007734-012-001359&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=21083150230&d39=&d65=&apppkg=&cd3=6990990&cd4=sidebar&cd5=11743-84256-%2C12287-0-&cd1=AR_18&cd2=no_abtest&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=168&nid=58a5addb28a0612d3529bc5e&ncid=5bb9e3c5073ef431390091da&e=request&cb=1665759301471&asid=5ee61625ab721112cd16d8d9%2C61bb50180b841f796b70670e%2C623b55f3dd19e606c31584b6%2C5eba9cc72b571079596c5145%2C623f50764169117a4e6e7118%2C5e0e08b828a06149b55ba9ca%2C62aad82ea591ef6e360193f8%2C62a05f181be31753eb182994%2C61470d0c6ab42a0a3d77b996&ofpr=3.5%2C3.5%2C4.5%2C3.5%2C3.5%2C4%2C4%2C3.5%2C3.5&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-209-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.cnn.com&rs=www.cnn.com&sid=55667&t=1665759301&cip=96.9.246.197&sn=185&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=300&he=168&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1665759301012-976147915756-007734-012-001359&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=21083150230&d39=&d65=&apppkg=&cd3=6990990&cd4=sidebar&cd5=11743-84256-%2C12287-0-&cd1=AR_18&cd2=no_abtest&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=168&&copid=58a5addb28a0612d3529bc5e&nid=59c9148628a0612da3689288&cocid=5bb9e3c5073ef431390091da&ncid=616d760ca5e4006b3c0c82b6&coasid=616d76a0b1e605487e33ff4d&e=request&cb=1665759301471&asid=616d5bef70ccad21f5285278%2C621c7e0c8047b625a05d186e&ofpr=2.75%2C&fpo=%2C
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-209-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VE4c,pingTime:1,time:2469,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2469,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1647~100%5D,as:%5B1647~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:643,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,sis:1900%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VE4d,pingTime:1,time:2470,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2470,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1649~100%5D,as:%5B1649~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:643,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,sis:1900%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VE4e,pingTime:1,time:2471,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2471,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1649~100%5D,as:%5B1649~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:643,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,sis:1900,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:01 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
zionV2
registry.api.cnn.io/bundles/fave/zionV2-1859890d/
127 KB
21 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/zionV2-1859890d/zionV2
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5831918f8b066574a88e6f574e3b59cf121b69969dd7e1441f2604ce61ea72d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
Z1M7496DK4EFR8WH
age
1136
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20743
x-amz-id-2
eHTvJMBx1vTQEVO+kMkdPtZs1WYoyFgdgJZtLyA6972dkEedtpaxsi+0uO6KqRvEf7GbS7++bpg=
x-served-by
cache-iad-kjyo7100033-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:58 GMT
server
AmazonS3
x-timer
S1665759303.731798,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
224, 4
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=e8ee9ae9-ec03-cd9d-df06-cd88d46a4021&tv=%7Bc:r1VEpG,pingTime:-2.1,time:3755,type:a,im:%7Bimprf:%7Bttecl:2631,ecd:308,tsecr:528%7D%7D,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:1076%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:0,pp:3756,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1076,wc:0.0.1600.1200,ac:1050.1038.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2694~50%5D,as:%5B2694~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:543,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1g4%7C1h*.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k,idMap:1h.99a20ad0-4c83-0776-f418-755c57621d91.1654_925660%7C1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1076,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_4,google_ads_iframe_/8663477/CNN/travel/leaf/vls_4__container__,ad_rect_atf_01,mount%5D,sinceFw:454,readyFired:true,sis:1913%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:02 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 6063
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:02 GMT
AN-X-Request-Uuid
53169659-bd57-4afc-be6c-5e557c2bd7f2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6063
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB?gdpr_consent=&us_privacy=1YNN&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6063
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 6063
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2810044332467077412
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2810044332467077412
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2810044332467077412
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
113
match.deepintent.com/usersync/ Frame 6063
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/113?us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 14 Oct 2022 14:55:02 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 6063
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNN&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=nn12DaTFKjxqFrRvUj2d&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TOGEZEI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nn12DaTFKjxqFrRvUj2d&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nn12DaTFKjxqFrRvUj2d&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nn12DaTFKjxqFrRvUj2d&us_privacy=1YNN
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6063
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&expiration=1697295303
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&expiration=1697295303
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&expiration=1697295303
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 6063
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1797288116820033575
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1797288116820033575
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1797288116820033575
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6063
43 B
102 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0l4QhsVnrOdD2McikNy5AAA%26026=&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59276
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75a1275e68fd8c7d-EWR
content-length
43
expires
Sat, 15 Oct 2022 14:55:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-ewr18177-EWR
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665759303.953564,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97f46349-7844-4300-86cf-3c860e6e57c7
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97f46349-7844-4300-86cf-3c860e6e57c7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 14 Oct 2022 14:55:02 GMT
Server
MT3 4539 98cc2da master ord-pixel-x48 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97f46349-7844-4300-86cf-3c860e6e57c7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 14 Oct 2022 14:55:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dQfVo3QM1ahuDIf4JwHM-3ME1qluAof-cQVBdUuf
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dQfVo3QM1ahuDIf4JwHM-3ME1qluAof-cQVBdUuf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dQfVo3QM1ahuDIf4JwHM-3ME1qluAof-cQVBdUuf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
r.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNN
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
43 B
765 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
date
Fri, 14 Oct 2022 14:55:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3163447472039705408&expiration=1666968903
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3163447472039705408&expiration=1666968903
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3163447472039705408&expiration=1666968903
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1YNN
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=2f2ac954-4bd0-11ed-869d-8bd57caea974
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=2f2ac954-4bd0-11ed-869d-8bd57caea974
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
server
Cowboy
Content-Type
image/gif
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=2f2ac954-4bd0-11ed-869d-8bd57caea974
Access-Control-Allow-Origin
*
P3P
CP="NOI OTC OTP OUR NOR"
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
X-RealServer-NX
lga-delivery-7
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
dcm
s.amazon-adsystem.com/ Frame 4C16
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNN&gdpr=&gdpr_consent=&id=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FXA7W91J9ZZSN24K64DE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 4C16
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e&us_privacy=1YNN
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6164ce0f-d93f-f5d6-90dc4d33
43 B
765 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6164ce0f-d93f-f5d6-90dc4d33
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6164ce0f-d93f-f5d6-90dc4d33
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4C16
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0l4QhsVnrOdD2McikNy5AAA%26026=&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59276
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75a1275e79498c7d-EWR
content-length
43
expires
Sat, 15 Oct 2022 14:55:03 GMT
crum
dsum-sec.casalemedia.com/ Frame 84C6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
AN-X-Request-Uuid
67b77bcb-ebf0-4a3b-ba9d-41b37bf103cb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7131516223038119427&us_privacy=1YNN
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 84C6
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB?gdpr_consent=&us_privacy=1YNN&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 84C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB&gdpr_consent=&us_privacy=1YNN&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
date
Fri, 14 Oct 2022 14:55:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 84C6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-ewr18177-EWR
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665759303.452499,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0l4RAAAAanUSgAT&us_privacy=1YNN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
csync.loopme.me/ Frame 84C6
0
131 B
Image
General
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1YNN&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75a1275edf81d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dcm
s.amazon-adsystem.com/ Frame 84C6
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNN&gdpr=&gdpr_consent=&id=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VPY9BYFRX1GGYBPMYGBE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 84C6
0
127 B
Image
General
Full URL
https://match.deepintent.com/usersync/113?us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 14 Oct 2022 14:55:02 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
CookieIndex
rtb.adentifi.com/ Frame 84C6
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.159.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-159-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 84C6
43 B
103 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0l4QhsVnrOdD2McikNy5AAA%26026=&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59276
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75a1275e997a8c7d-EWR
content-length
43
expires
Sat, 15 Oct 2022 14:55:03 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=f5561ade-312b-b7be-c30a-8769cdcba2a9&tv=%7Bc:r1VEs3,pingTime:-2,time:2608,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1030,beZ:1032,mfA:1656,cmA:1657,inA:1657,inZ:1659,prA:1659,prZ:1670,si:1675,poA:1676,poZ:1693,cmZ:1693,mfZ:1693,loA:2016,loZ:2022,ltA:3637,ltZ:3638,mdA:1035,mdZ:1068%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2608,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:644,wc:0.0.1600.1200,ac:1050.2542.300.250,am:i,cc:1050.2542.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1981~0%5D,as:%5B1981~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g*.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1g*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:645,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_2,google_ads_iframe_/8663477/CNN/travel/leaf/vls_2__container__,ad_rect_btf_01,mount%5D,sinceFw:1962,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=e8ee9ae9-ec03-cd9d-df06-cd88d46a4021&tv=%7Bc:r1VEso,pingTime:1,time:3923,type:p,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:1076%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:0,pp:3924,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1076,wc:0.0.1600.1200,ac:1050.1038.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2862~50%5D,as:%5B2862~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:543,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1g4%7C1h*.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k,idMap:1h.99a20ad0-4c83-0776-f418-755c57621d91.1654_925660%7C1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1076,sis:1913%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VEsz,pingTime:-2,time:2568,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1035,beZ:1037,mfA:1640,cmA:1641,inA:1641,inZ:1643,prA:1643,prZ:1656,si:1663,poA:1663,poZ:1682,cmZ:1682,mfZ:1682,loA:2073,loZ:2080,ltA:3603,ltZ:3603,mdA:1040,mdZ:1084%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2568,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1962~100%5D,as:%5B1962~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_0,google_ads_iframe_/8663477/CNN/travel/leaf/vls_0__container__,ad_bnr_atf_01,mount%5D,sinceFw:1940,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgBYaA2cjYAewFcAnLENAIzei4APDDjAxYaAFbAMEZsm4AGDAHcQPYIlggyNZQDdEm2GXJ06AVgDsFgJwAmWwA5b5RdSu2MCw1zJWrewDqWytFOkowi2oGJysMQjFDEBVTJhAAR1YYP2Q0J2wAG0RxEyhgWDx8CnNrO0pFBpiikrgcfER9EHZNZmg0SrBKbxBfbmQgA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgBYaB2ADg2AHsBXAJyxDQCN3o3AB4YcYGLDQArYBggtkPAAwYA7iF7BEsEGRoqAboi2wy5AGzmArHSsBOAEx2Gd8kup07GRUe5k6dA4B1HZ0SuaUYVbU5uQMdBiE4kYgqmbMIACObDB+yGheWAA2iBKmUMCwePgUljb2lEqN1EzFpXA4+IgGIBxaLNBoVWCU3iC+PMhAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgDYAGWgFgY2AHsBXAJyxDQCMO0HgA8MOMDFhoAVsAwRWyXrQwB3EH2CJYIMpQYqAboi2wy5atQCsAdisBOAEz2AHPfKMb9jEuM8yNjaOgQz2NrTUlOFWDNTkLjYYhBLGIKrmLCAAjuww-sgUKlgANoiSZlDAsHj4FJa2DpS0TVZFpZI4+IiGIJxarNBo1WCUPiB+vMhAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGADgHZLLyBODYAewFcAnLENAI3ejcAHhhxgYsNACtgGCC2Q8ADBgDuIXsESwQZAMwAWFQDdEW2GXIA2KwFZqthgCYGlBuSUHqTRae5lqaidAgwZqJSs9cNsDKypqDEJxUxBVS2YQAEc2GH9kCnJsABtECQsoYFg8fAobe0c9JUbvYtK4HHxEYxAOLRZoNCqwPQxfRG40ZCA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VEuh,pingTime:1,time:2674,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2674,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2068~100%5D,as:%5B2068~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627,sis:2631%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VEui,pingTime:1,time:2675,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2675,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2069~100%5D,as:%5B2069~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627,sis:2631,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VEuj,pingTime:1,time:2676,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2676,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2070~100%5D,as:%5B2070~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627,sis:2631,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
reloadCampaigns.js
cnn.bounceexchange.com/bounce/
102 KB
19 KB
Script
General
Full URL
https://cnn.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=3987&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBWAdhIE4BmABmv2ss2AC8QpbMB3AUwCMcqYLwD6qACZRqAFi4AnXjhAAbOGgwFCtWgA98AJh2ZFMXvMXyo2AIYqVqBAHNRceSqgALYMAAOOAFJqAEEAgwAxMPDuGIA6JAQEeJAAWyjgeRsAN14VKJt5NCQVXiikEHkMbNR5OBwAWlTUJEqEeozs3PqsmyQkR156z147YE96vnsEJUCIxwleXVjvFLzqcPUU0RTeCVQ4NOoAEV4Um1Q8g0JRTxwU1CCjgwNKMmfaGWow69veZEffAZggA5ACObHqlAQ+HwTloAHUYDgZIQAEL8fgAVQAHFldMEAEoANWBAGEUkcnCQAFoAWScwV4MCyJCIJBUAGsCbSAJoAFXCwWxfIAEhAeQBpFIASQACnyLCKdqSVOEJRyQLSAFLAAzUDlHTGykDhPmYuAS4H4aW6HDAaX1EU4CQ4AAafIJWrg1FR8KO2LuAE8iaJpcKIN9NqJyggRLHHs9Xu9PpHgFtlG4kKVjrdRKdzipMFlUEJgNGQCAOaheFAAmRUWEDCpfI2gqFnt4-LMSCEwiQIn2IjFuPFEsk0gZ++EOjlLlOCkUSoPwuVWtVag0mi0MO1MrPur1+tMhiMVGMJrkVNMcN25ggFksVnP1lGdnsDn3jvmLoOfncHpOxyJm8RgppOVw3DgfxIJ+RyAiC4KsJC0KwgiSIouiWK4vixJkhSVJ0gyTIsmynLcvygrCmKkoyvKirKqq6qajqeoGkaJpmhaVo2naDpOi67qet6vr+kGIZhnyEbgYQUYxnGwCwcByZfNJUYZvIWawbm36XAYYSko28itr2zytgYBnPCWohOCAohQTe6AIMZwQwHYUH6Y2VlOL4dkzI5zmuSo7lkEc2AVlWNZ1g2zxZM5UWNuUKS+CUIgSHZqBOAgcAtqZISBe55mNioNh2r5DkYKIxYSM5RCkBQlAvNilD4B8ZCUB5zz2UIFXlIgCm5cE+AdQYOBwPw9w+Lsrj3uYOCrrsAVuaUhWdWNE2paIfA2GM5iLUFy0WSNa3CBtO2+CAjj9XpeVLcNo3jSdU2uYouw4E4KggPwdj8PI1YwI4Th7QVh33etU2KKNZ44AUvCOEDB2NqDj1pf9ORjADszXS5t0rUdD2TWlDhmPw6hOC90xGQN+UI6t+MbYoDg2PwJTqVmmNttTd3HQToi+JUWSVrwvizXANgLPDXN01NNkgC6wBwDAMAS7jSM8yQ5TQ+zN37ZLYOE6gORVbwIDKyD3MbfMqA2HY5jAFr2M6yr5tTfwTIVLwO2u-YpuI87aWoElIxIJ4OzxlTONm1LaU7DYCDcJ4FzLVjnNO1H2wjHHCclJdwz3BIEglCMdo+7TeuiD9IxVs40zcPbKeR2XuS8CgjlZrGu3h47DfI+Wa7FhuJd42X8fbds20iPIdcR77acJNCtCD6rG3cBUHIdAgOAwBUb6L37ogIBl3hIDYOXJ9Ppc9yTQjXlPXcz2XOCF6fHPn0PPd2hDt-A-fPfCHYga7zTudHyRMk4vzvhfHm-1gA30AWXGcuRNq8F4ByFQADO7f0gRtOa1ZkBgO1pgt+PNg6OBsHAnulRAx2H3rwWu5CeaZE0hgmmRCNpgGAPwcKxQxr0I2gUJmzRy6KBsFXFwNcv4sKXlNEYZYd7MMlnNX6rs0riJShPOKzwU56RViIewBRebFWAFveQE4saNi0brHuW0dryH4BLEKw1mRXTbLVcgVBGrDSqjVYgbiGqUCai1GQbVho2BNgNBeuNmwaIMJ2fwn52xTmXMOUcSRErLgQXOCIC5mhLnAiuCoVR+51EaPcbcbQMkHj6AME8oxxiTCvDMZc8xFjLDTM+DYaZ07vgnD2E4ZwfzSUgvcRSLwQIfBUv2P80FYLwTBBCKEMI4SImRGiDEOI8SEhJOSSkNJ6SMmZKyUgZFeQCiFKKcUUo5QKnkEqXgKo1Qam1LqfUhpjSmnNJaa0tp7SOmdG6D0XofR+gDCkYMoZwy-lkhgeSIykygQmVcNSIBMzLV6dpfpukQn2wiYdLIvhYoDSGrjaqA1Gwku0YdSmZjTI0sOkgLIziQiuPqh4lWkgapEsOk4FozkgnDVMW2HFZL2WkueGQN44qZCvFoIQagZBaAkBRPgbEZAzKHRUAy7xdUqB0E5Y2TwSBXBpjfPsHYGKarDWPklc4mV7bxWeIwT4Sq4r1kbFkAlWMKVFU1YSnx9VdV1iOMNR1sgyDYhddFAw7rnJeueBqxlg0-U6toENBxuNGDaA+DICNbqPVtljU2H1WNmXJtTUG9NJBaDYmoLKnNMU80hCFXGotLik00BTYG4NhyyDKrrVGhtwQm2FoTSW9tZbg0quxNifA7VSWuvrTG4a8atW+IDQ49doUeiTwANoLBwGvEAPkxaVRLKgZmvAAC6sAlpFgKDgbd2TihiF8DYJwl6oAZDgLwW9O6YDFScDgBOPkJCpHOAgK9n7v1bvvSkDAvBAyiEfSUXmr733Ux-feqCLcKoIBsDsK96HoPbtADgAjN6iOJWSh7KaQhMrZTI-tDD26ja2WSjYQMAMGNQSYxXERAMaG115hDP4wAuNQbvdu2D0wEM2HUJ4CoV7UToNoBKbaVswi0BFB7dRK1aCkmBMCJjOBhb9GoUhtD5GJPFVKl1RyJ6JBXtHY1ZqrVmBEdsz1ZFsZHM8d6Byf69hRALGSiAQModRPWCIxIGAgIgvUZQFe4zGBlDyCM3vRACxJ7zQc9exj7m97WOGPIMTaW05nQut53L3H8tp2esgl071PrfV+kyTjVXxM7qkWlCGcAoYw0cCVmrZdUYewTs4Uj7XStl1ASTYAZNkEU0GxJrrogGZW3PazJQS3Ot7z5iAAWHIhYizFhZvLEnPAlTsnvVR2nzDbcw3vGWcsFYwHu9ulb6sQCaze3JETohgCBmFm9lbDhDaSGNsDveltrYlEKBNwjy296u2MaNgQl43t-AkMfHybGszhejMMJAHJIdpwDsLXoIcRMk7LjHTOidqc91p-HROOdTiSALsgkqEWEc7bTrx0R4iGc8ybthvB7diuTaGz3VchSah1CF8vC7sjx6zQV1NOeLU1dpRXvINemQN7GLfFr-eh9gDY+N1fAYN5jeP2Qb4G3GQZjG7-mg43wDRCgON9Am+xuMlIJQa7yXiO044Ogqd6rwey4kNw8byh1DBdB952XRh4eOsPbTuwzhlZuH8GN-w-ggj+f8YTzz9PjdR5G8T-e0AvhBGSAmwYWUpIADiGnG+kkiEYcIqIAAyGmSDN+irQMgEALK0HCMKDTEoJREg073vvRhe8ig0yPgAyhp-xC-6AigiXp00GmZAij5NSFfRxW9GBFCKLfMgeQt7b1qWUqrQK3+X0YdvY+ZAEhIFqFfrpCAH5FAJF-xIA02xCOFf2HzIEIGPw3wMFdA00IFpFlAPwgFpDnx73gKMDIFpG0VoEoHhC4CI0cAcGmDzAxVEC3iQDqF2DezqH42rFEAqDzAkDfTe3W3+0PUEWAFfQm3wBkHhCkhTRkCJHLRTUrUwKEL5FnyMHwErXDRkJv3hA01kIRGUJIB73kLENoC1CMz+xry4J4MczRDIB40nhgA4Nr0NW4IA0c3UOQJkPUKUIcNlB7yYznnLErGrHh0sx3QQFsmKC+2fS53+wDiZEyHww-VqDT23XcJsjsnk24DQGABKCvVK0UTPSmhu0mgl1L3e10WKnkAMW2kN2B2bg0AQH+0B3fRAx2DtGaCY16DQByF8icHC2N0K3MFzyr3e3Og3ndjSnM1oJmiy36Lsl6JS0A1QHt26MPTQHuFYFyAQz5iUCp0m3KE8LEFAFsgKLfUm34F8E4EwA9gOO3QvUwF8DtmsEo0ZjwQoP-WsGi18FOKgEIEMBhBIErRnUwEeOeJIEIBkDkDeFeBICLAu2sHxUkAIBMDPCqKgEeIMDixEBQGhNwx2CgC3XWxKCAA
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
a04419a2b5dc6eeea8efbcaaf31d64ff8b2becbc3cde17e2e3daa6d44af2dcc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 14 Oct 2022 14:55:03 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
74
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
reloadcampaigns
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHmJgGsyyAPqxRFNDjQMQvHqwDMAQQUAzKGBzy+vAMILqJNHEajUGXYtUKSwQtYMawUDDgAWaMTHLosCspqfPaOgTyGfIgQWCAAnuLAJmYgFm5Otnya2k4RCjpwJjGiWEgZwTzZOuGRPGQ4gZmVWtV6eXxw5MiMJCAwojLYhMiNFVW5tVICEBaucWhYGKMaLRMKdKBQggsYJSAA7jgWoDpYJMtZqzUK0bEJUIQkHhDAFzyccbwADADSUCZQb4ACRAJF6r3aX30ADlodc+DhkCA4LQwIlkow3uN4TxXKQBkwZMUpm8AIwANnJAFZ2FSAJw8OkADjppK+ABZ2HScTocESsKJOoQzmScXQoHBBOo0GA0QJuhA4ogQCK9E0cTB1MgeKIBL1Cm9ETEcC8eYQ6Ig0GC+qJhQJgDhOqAYFirm1ajhzZbrf19iB-h4QBCbGM3Yp2jxPRarb1+k8QMgIAtzmrQzkzdGfaJNKA+jgMJBxWANmgQNLFq70+78l6YzaToQwCQcNQQAtK61wx7a1npRRQV5Fg1Uysq12a5nY6IwGh1CA6I8MLnYsGgqPO84ET2p6AZ-RGCbCMA4EwO2st5ObchgBAKBBBAmg57YOV1+eeB4oEco96p7FDj04Jnhmv42hgEAQDApCEOo6jAdWF6gf0VKdC2w4hm+OKdGcKokKIJBxEi8Hjohdb9DO-ZTCAEDEZukbbjaCwwLQWhBs2tERj+ZGiHQZYvAO87gGAHG1Cq8BQGI3QSiAypnIKgaSiJE5IaIaAoP6cAeLJKYYZcY50VxWbKlAWD7F4mIjnpG6cQx-TGaZ5ltmcgaWjAMCMP6pBKaRWYbP62yLP+6FrlZ76GVO4DIkUWAnjhq5NNiCH0Ze-ROjEUBSA4wUJWGBm2aIZn-KIiD-OC2VptZ3YpYKWBYGy3nJSp+wvMIwAmTg6gvMqLqWc0+k2dVWCYB4JAICMvWJSRjXcQuMixHyDXhTaOAeeNul9ZVyncaQJzlZhSVLf0VpaJ8E25QNKmJmIM5zot+XSiQ817aFIHcfYGXgAVIAgIIYCnetk15dVjqljFr4vQd+WaQsgJnf1VUqTecRaHshx3dVbUnujKkAFYkHQEGCGY5rY9x1D0KYPGbAFuxBaTWb+nh3UNSIlNoFBbw8AACvoADi3zc-oABi3xC5wAAy3xUrz3A8F87AAIqRF8QtMgAKt8Pw-AAat8EuS3LEtAt8isAMrfMyBtfEoQJfN8wsa3L7JAmrABaJsACL83LQJAlb7IAJp8wLABSXPsN8gf6MbcuC8r7IAEpUiHJsABrkpHQIJ2nVLfEyHsx-L7Dkm7Fs8Kn3zkgAslzkcK1XevixXcvsFX4ZfHSADqdtJQsM6xKIMnoGinVEDoPUA+dtTEDsqmpC8g8wFYDW0HQ+EQMglMkG4z08KS7Kdwr3z79rHvH1SXzN18+9q7rcukhfTLH4Hnfn18r-31S4tP5-XwpwduF16bzgPhHeZJyScAjklDYHUgFbzAb1B+4ta6f3Fh-a+VIuYGymnAWqgpCall3oDCMWAZhmAgDoNI+ITDKnUG1ZUbxQjvlwQKcCAxnj7BMCQCy60MyOhoLxfoQVAJBkWr0WU1BZj-E6sARAi0opoGKARIivVfDKlIKYHEEoTD9gJBgbS9Mpx+gDEGOgi1Ey4H4v0YwpgeEhQ2u+O0T4nTLQsSaB0Xg1r2OIbUDeNC0AAC9wAJGvEwXCtF2AewAGS7mgOJFA6BsD4FKMqZgVAaD7hADE8AcSEAJMwLgPAyiQDME1NqXUoIopROiAIZgXwol+joDIXo7NmBKHZPUqQzTWkUmpLSBkzJWQci5FEgQUgTytPYOwHgUz2R0nYF8ckSgFlUnZOSUkTJ2BRMsCAKQBwelRJ0AAR0cGDHpPAolmFBmCNSTBt4oGYL0mk9IlDWwpEoS5M5cISTQP2B0iisDMG3hgD5YzTAlJgIciAR4TzMEaVE9IZxmDECDEAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
/
d.agkn.com/pixel/10106/
43 B
596 B
Image
General
Full URL
https://d.agkn.com/pixel/10106/?atr=cnn,CNN
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:e400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
via
1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
CZIv0sqGrOzEMo3JKIyj84bfFeixe58uI1iuVUzphB4P6T0xTedqpw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D54A
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=99a20ad0-4c83-0776-f418-755c57621d91&tv=%7Bc:r1VExh,pingTime:-2,time:2822,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1008,beZ:1011,mfA:1690,cmA:1691,inA:1691,inZ:1694,prA:1694,prZ:1707,si:1716,poA:1716,poZ:1733,cmZ:1733,mfZ:1733,loA:3364,loZ:3369,ltA:3829,ltZ:3829,mdA:1013,mdZ:1046%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN%7D,gca2:false%7D,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:707%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:2822,pm:0%7D,slEvents:%5B%7Bsl:pp,t:707,wc:0.0.1600.1200,ac:1050.1038.300.250,am:i,cc:1050.1038.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2139~50%5D,as:%5B2139~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h*.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1h*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:708,slid:%5Bgoogle_ads_iframe_/8663477/CNN/travel/leaf/vls_4,google_ads_iframe_/8663477/CNN/travel/leaf/vls_4__container__,ad_rect_atf_01,mount%5D,sinceFw:2114,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6335
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
URL: https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2057369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
E_JeNIgxNjZUM8Xzt_6BhfNN4akQrsJ4j4X87Asoa28W2iJgfzvf1A==
mon
pixel.adsafeprotected.com/ Frame B6B5
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=925660&campId=0x0&pubId=100473157&chanId=70774117&placementId=5644072975&pubCreative=138406769406&pubOrder=2684215891&cb=1022928613&adsafe_par&impId=2b13c543-4bd0-11ed-ad97-0a3253e544a7&custom=nat_btf_01&custom2=&custom3=&custom4=&custom5=&custom6=&adsafe_url=https%3A%2F%2Fwww.cnn.com%2F&adsafe_type=ce&adsafe_url=https%3A%2F%2F12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:2c94ee7d-2de0-0b01-9846-0dfa17e1a01b,c:r1VEyf,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-f68d76959-dz5rl,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:2427,mot:0,app:0,maw:0,fm:tkfygGG+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e2%7C1e3%7C1e4%7C1e5%7C1f*.925660%7C1f1%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o1%7C1p%7C1q,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:2462,oid:2d43c4a2-4bd0-11ed-aa6f-023cf72af680,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-183-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
app01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B6B5
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=2c94ee7d-2de0-0b01-9846-0dfa17e1a01b&tv=%7Bc:r1VEyh,pingTime:-8,time:2463,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:2463,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:2460,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B33~1%5D,as:%5B33~634.507%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkfygGG+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e2%7C1e3%7C1e4%7C1e5%7C1f*.925660%7C1f1%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o1%7C1p%7C1q,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:2463%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.facebook.com/tr/ Frame 7CC8
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.cnn.com
Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.cnn.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:55:03 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sapient_util.js
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
4 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/sapient_util.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6049c58b12c6586f1e7b90c2026cecbffff05a42734dd148ce099bb6dd527dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 531D
27 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9145
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-6d74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6lWsCqzDRo5Kol9rgUCKY1q1l20ZSxft%2FTbEIEXEKwZXEtZIX8Q6H5imrXiFSSaQjeGOTVv8I%2BDT6r4PFaCbAbzxWudSovCF74ScotnVibOeXmXl7AgzkKPKOjsdQCwlpoxM4P1w0T1SnY727X0DvDP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f94d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
TimelineLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 531D
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TimelineLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee84db1f5f304547a1b594a3fc6caefb75a924403a9d1dc438382159be4e90a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
157752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4378
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-3400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LF2EqsC0U5juwQF5Y8gYN3qu2WvLH%2F6%2F9kPuROTkGWmJkBqsY49bnX9FsIHDO8fpRKhV7a97mXj0rCXI6FRmSwK0KZpXWXN0NdwlkcO3TEc0ySm6uPvPseByOQycWstk%2FdjS54T%2FXXIT4%2FuQUb9EX2v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f95d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/ Frame 531D
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/EasePack.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6cadfa76475c13f40dcf77cd4d97313ca8f416fde2021893fd87ee49db97a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1904
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-16cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlIjaAq%2F5oT6MH7nq3sjqmw9Tr2RYb3Kup1BUPjhaWp7uoSo5o8pTCdprLiotwVnzShjGTnh1bHbinbUkEYDOWTp5%2FFWNOyJk7qBctGD3a6zU%2B2wovLdgTnrflShQJMBbuVc0AumX77iROg5D8%2FfOuuz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f96d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 531D
43 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSPlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15028
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-aaa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu0GJxwEDywj%2BGDC%2F6KTo5blzb9In1ExgzvsSd%2B7z0jilomv1r8l6zfOX2ay%2FTWBLl1dfTYL8DOYbrsHIPBk9nKoFxXZOUXskPzcBG9wwwHTU4D6NaetZcS3oDLj7p35RntMsRBYO0kjneUroutYIvyi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f97d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 531D
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSRulePlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4134746487ee6ef220ac3d38bb213de9e003967065b9edc38e6d59402d1f1798
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
139401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
863
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-7b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaP2lZqfpGOr05beFincAYGenHj3OwiSMIGTOZN2drpOp%2FQeOlLXvnAj2yQvZHyuio8zvm26UNnjTlf7ijhH8o6JX74dAbjyx0K6dTNTTIKmRXejWfivBV%2FPH%2BBLZIkXmnBuM%2BUT6iMuvlEdkeTPx8Z0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f98d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
sapient_util.js
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
4 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/sapient_util.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6049c58b12c6586f1e7b90c2026cecbffff05a42734dd148ce099bb6dd527dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:38 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 94F6
27 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9145
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-6d74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmXV1QTiQ5cDLnSKDH9T2rHIjxTbfAT9%2FGmcuzaNfC4IL6SJnv0qP1sp3YBcjPkDiIWLwi43MhZcNfdgoqBlh7gtsvWUoZ6FB6EmKwrH4FFn74la%2BykJCiZiFi56COzKO1VKFIcnxKgrLGjM0mDPGVpx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f99d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
TimelineLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 94F6
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TimelineLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee84db1f5f304547a1b594a3fc6caefb75a924403a9d1dc438382159be4e90a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
157752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4378
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-3400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHCmB6MhvgrWOyPD8q3LyfQpi8tt9etgT2ghJnsLbhorRXw4QYNCOk3I2y7Wb2Y4dqnOKSWLWG0SX1owO5tGpa9hwAesNooTh9CGz9AeXErc%2BV7TCygPcvOqJMswH0nlC8QOhC8aU8imAykfg2V%2BRf30"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9ad15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/ Frame 94F6
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/EasePack.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6cadfa76475c13f40dcf77cd4d97313ca8f416fde2021893fd87ee49db97a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1904
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-16cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqo7fYDzEbPzMKkW90Dqe%2F2Lio0G2HYpIaROXNYtIkB5sGyHdqiDSPu%2F9zXYGNomIqNzItjsaXJOMLZ9LG%2F77iSMQX2OJ3ML6iltNFgzx4IAgK2N%2Fv06uKnazmTm6OoLD2A%2BfBdprdICndigtD9btW56"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9bd15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 94F6
43 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSPlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15028
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-aaa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENF%2BzW9CSNjACE2bUL%2FuA%2BeKbwewimj15ZOCtcGOds5vyh00hdV29pe%2BePcC8iKlvLeihnolxk0jwqcugVXp6nyqo5TnDUsbGUy7t9V48UaOQO6N5GfIjZlLqpBjdVdParQDa%2BfY0szVOhX%2FbF%2BpRUCl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9cd15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 94F6
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSRulePlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4134746487ee6ef220ac3d38bb213de9e003967065b9edc38e6d59402d1f1798
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
139401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
863
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-7b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm8FWHMQIrWqwwAWmHrYYhZoOy1q6UWkqnfIaCGX7K1Dd4i0d2HrD6TUB8TibjVaImv7tfITcWjvT4wdCtDVHw4YpCjJ61zvAm1dYJ%2BuJwgsiE1S83p84dw%2FcbuqCa2JlpR5GY%2B3XKhmnWlCE0rDkxeY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9dd15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
sapient_util.js
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
4 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/sapient_util.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6049c58b12c6586f1e7b90c2026cecbffff05a42734dd148ce099bb6dd527dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:17 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 9904
27 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9145
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-6d74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsPBNegf0jqR1kEEUgYkjo2niLuZdeA86DaufXRt0bxAX6klAR636jTPBvvDYbEwd4JcxLXxtpfzOfG9eewJI3EaGdBXroKk6glo6eyez1afDydb14xT1ft6h1nWCMAPbh7U2kMi7hbX2xFsmftzJs20"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9ed15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
TimelineLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 9904
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TimelineLite.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee84db1f5f304547a1b594a3fc6caefb75a924403a9d1dc438382159be4e90a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
157752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4378
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-3400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FguQGGnyW471RmlWSXtpZ3%2BcD6KZkTA34d%2FafPyv252%2FAScmiXh4UI7e6jKm2U46awbKyo%2Fs6K4D4715Ch24xPdMMnLudfOvjWoLyFcj4H%2BLl9yCeo%2B3epsUYK3tD8bwKepLSLF7gi1cMSMjG67qw7E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4f9fd15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/ Frame 9904
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/easing/EasePack.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6cadfa76475c13f40dcf77cd4d97313ca8f416fde2021893fd87ee49db97a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1904
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-16cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAU50np4sKmjXotJfrzpoMFbtpXUvASn896Bg9bK003vSs4hI2H1vLV06i7P5VJHMN%2FdSK4fym28NubTSlft%2FEGLP24dtv8WcYsRp2h0pq%2BUWoGdIFhmNMC3DDSCZ0NddapT3HJrLorqNEwKQ2TVxYyb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4fa0d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 9904
43 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSPlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2729906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15028
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-aaa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2e6%2Baq%2FEUhDYH3LDqQkkV3YPPYk5%2BzF7Zq6uG54cCRI84GerhYf06qTtpDAb5Vi4z3530jElY4%2Bh43sh71xgXDHJbOWj4V49HMHoF346JfMSLAdDoVAIpHMcf%2F4nRDcmSiWeOiu%2B%2Fz8zKPS%2FTWiJExq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4fa1d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/ Frame 9904
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/plugins/CSSRulePlugin.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4134746487ee6ef220ac3d38bb213de9e003967065b9edc38e6d59402d1f1798
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
139401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
863
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-7b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpXjtM4EwtNrxwWvUzlQ30%2B%2BLh4hzdidVw3fhuRHGEvTvvOEbBG6tYSdSXqedCzA5hUZaEYnEdsuwX5NYLXMY1ojQn%2F6FiKANh4od8%2B0mXgAdGDAC1ab8OLrhfoUSbwivXx%2FN0ZKMpCUOqinCou9kTF2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a1275f4fa2d15b-BUF
expires
Wed, 04 Oct 2023 14:55:03 GMT
dt
dt.adsafeprotected.com/ Frame B6B5
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=2c94ee7d-2de0-0b01-9846-0dfa17e1a01b&tv=%7Bc:r1VEBA,pingTime:-3,time:2668,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:634,h:507,t:2461%7D,%7Bpiv:0,vs:o,r:l,t:2667%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2668,n:2667,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:2460,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B237~1,0~0%5D,as:%5B237~634.507%5D%7D%7D,%7Bsl:o,t:2667,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~634.507%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkfygGG+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e2%7C1e3%7C1e4%7C1e5%7C1f*.925660%7C1f1%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o1%7C1p%7C1q,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:2463%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B6B5
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=2c94ee7d-2de0-0b01-9846-0dfa17e1a01b&tv=%7Bc:r1VEBD,pingTime:-6,time:2671,type:i,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2671,n:2667,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:2460,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B237~1,0~0%5D,as:%5B237~634.507%5D%7D%7D,%7Bsl:o,t:2667,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~634.507%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkfygGG+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e2%7C1e3%7C1e4%7C1e5%7C1f*.925660%7C1f1%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o1%7C1p%7C1q,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:2463%7D&tpiLookup=ao:www.cnn.com*&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:03 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B6B5
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=2c94ee7d-2de0-0b01-9846-0dfa17e1a01b&tv=%7Bc:r1VELU,pingTime:-2,time:3308,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:663,beZ:665,mfA:3089,cmA:3090,inA:3090,inZ:3095,prA:3095,prZ:3115,si:3124,poA:3126,poZ:3150,cmZ:3150,mfZ:3150,loA:3332,loZ:3338,ltA:3970,ltZ:3970,mdA:667,mdZ:702,idA:3152,idZ:3202%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:634.507,dom:body%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:634,h:507,t:2461%7D,%7Bpiv:0,vs:o,r:l,t:2667%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3308,n:2667,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:2460,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B237~1,0~0%5D,as:%5B237~634.507%5D%7D%7D,%7Bsl:o,t:2667,wc:0.0.1600.1200,ac:NaN.NaN.634.507,am:i,cc:NaN.NaN.634.507,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B642~0%5D,as:%5B642~634.507%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkfygGG+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e2%7C1e3%7C1e4%7C1e5%7C1f*.925660%7C1f1%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1o1%7C1p%7C1q,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:2463,sinceFw:844,readyFired:true%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=99a20ad0-4c83-0776-f418-755c57621d91&tv=%7Bc:r1VEMz,pingTime:1,time:3770,type:p,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:707%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:3770,pm:0%7D,slEvents:%5B%7Bsl:pp,t:707,wc:0.0.1600.1200,ac:1050.1038.300.250,am:i,cc:1050.1038.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3086~50%5D,as:%5B3086~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:915,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f.925660%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h*.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:708,sis:2825%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 55F3
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44410240&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2b3b88b319275cceb70794d043367e228c95151241e5eae0ce365f2c11c24ccb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
player-ui.min.js
turnip.cdn.turner.com/top/player-ui/2.12.1-30/
280 KB
66 KB
Script
General
Full URL
https://turnip.cdn.turner.com/top/player-ui/2.12.1-30/player-ui.min.js
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5ddb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c4ced9b65799c47270c5f92809e9ed6471d838d8fffba5aa0fb5f33a719e9d33
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:04 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
akamai-grn
, , , , 0.d75ddb17.1665759304.2690852
server-timing
cdn-cache; desc=HIT, edge; dur=1
last-modified
Wed, 28 Sep 2022 20:03:59 GMT
server
AkamaiNetStorage
etag
"47b640c9e4342cd35c3ac01b175bdd1d:1664395438.712647"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts
cache-control
max-age=1209600
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
player-ui.min.css
turnip.cdn.turner.com/top/player-ui/2.12.1-30/
26 KB
9 KB
Stylesheet
General
Full URL
https://turnip.cdn.turner.com/top/player-ui/2.12.1-30/player-ui.min.css
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5ddb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
351f4a610470ff4bc5cdc7763f3a5efd757cab0b4281b8d746bc6af1868b79ec
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:04 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
akamai-grn
, , , 0.d75ddb17.1665759304.269084e
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
8437
last-modified
Wed, 28 Sep 2022 20:03:59 GMT
server
AkamaiNetStorage
etag
"f4f76eebd15fc6e8f3647f276fef1a0b:1664395439.469917"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts
cache-control
max-age=1209600
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VERO,pingTime:-10,time:5545,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759304591%7C%7C114c316be0d5f4dd03edc7b2d8b1104f%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Ce058f4089a845fdabb9739a2171e5d28%7C%7Cb1d5c29a62bdd374025942aaf66425d2%7C%7C00dc60c0ee2ebe3c3c22d5fa5276d74e%7C%7Ccaffae3006374c1292ab830ac86b42d7%7C%7Cf4853e57f3bffce8a05b65130467fa5a%7C%7C1663701684%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cnn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cnn.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 14 Oct 2022 14:55:04 GMT
server
ATS/9.1.10.25
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:55:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ortb
bid.contextweb.com/header/
0
183 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
Access-Control-Allow-Origin
date
Fri, 14 Oct 2022 14:55:04 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
x-no-bid-reason
Passback by decision
pbjs
htlb.casalemedia.com/openrtb/
36 B
502 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=462720&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225beb32d9c3540f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email%22%2C%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e0e08b828a06149b55ba9ca%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2267db05e0708112%22%2C%22ext%22%3A%7B%22siteID%22%3A%22462720%22%2C%22tid%22%3A%221d8536ba-c540-49f4-8d55-0d7979350d08%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C168%5D%5D%2C%22w%22%3A300%2C%22h%22%3A168%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A4%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22outbrain.com%22%2C%22sid%22%3A%220048938c4af9641f2e04565be89ece5954%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39f22304f2df8c4c15400083b11ce03c42177a05523a4c91c81d0db17c3e06c

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TUpHEH74Z5WclRwGKNwSadxmPADSnsOA3S02IWwJY6UH6zLCt4QMLmRkQcphbRCmncTvL%2BM8MCzjtVrpSCQNL9wfoa3RD4mY7gYDDpDES4gPpH%2Bjak%2FHyJ8od0zgJT51A%2FyDFGs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75a127661cd8c45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cnn.com
date
Fri, 14 Oct 2022 14:55:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.97 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cnn.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/
66 B
464 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6f53a1e9098a082a68ffb4f873eacaede8a4d9e5e3d403687c5a8f11b5084505

Request headers

Referer
https://www.cnn.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:55:04 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
content-length
66
mvo
tag.1rx.io/rmp/249808/0/
0
158 B
XHR
General
Full URL
https://tag.1rx.io/rmp/249808/0/mvo?z=1r&hbv=7.12,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cnn.com
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
tag
q017o-jh7o1.ads.tremorhub.com/ad/
949 B
1 KB
XHR
General
Full URL
https://q017o-jh7o1.ads.tremorhub.com/ad/tag?adCode=q017o-ac6hc&playerWidth=300&playerHeight=168&srcPageUrl=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&supplyCode=q017o-jh7o1&mediaId=VideoId&schain=1.0,1!outbrain.com,0048938c4af9641f2e04565be89ece5954,1,,,&transactionId=ca5adb4c-505c-42ca-95b0-cf8b4dd2bd19&floor=USD:3.5&referrer=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&us_privacy=1YNN&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:24bb:c108:40f2:28b8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 14:55:04 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.cnn.com
content-type
text/html;charset=utf-8
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-language
en
content-length
949
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
644 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=28305682&componentId=prebid&componentSubId=mustang&timestamp=1665759304662&pKey=-1037323244&_fw_us_privacy=1YNN&schain=1.0%2C1!outbrain.com%2C0048938c4af9641f2e04565be89ece5954%2C1%2C%2C%2C!aniview.com%2C58a5addb28a0612d3529bc5e%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&playerSize=300x168
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.cnn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1665759304653076-162
ortb
bid.contextweb.com/header/
0
17 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cnn.com
access-control-expose-headers
Access-Control-Allow-Origin
date
Fri, 14 Oct 2022 14:55:04 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
x-no-bid-reason
Passback by decision
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VEWc,pingTime:-10,time:4405,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759304864%7C%7C89e7ec62172dbf049162b6f24a76c1b4%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C2705638674b2d4afd093e92f168080d2%7C%7C42059e9dfd55bcbfcc614ce71176c5db%7C%7Cc9cf0d6608ccabe0469d97307342f022%7C%7C4203067dcf786b4a94139aae7a7fa6da%7C%7C545d3dc4cdcf8c314e00f12bb37b2d4d%7C%7C1663701684,env:%7Bar:d25c515c-3798-54f7-918f-86af5bf09764.80%7D%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=99a20ad0-4c83-0776-f418-755c57621d91&tv=%7Bc:r1VEWI,pingTime:-10,time:4399,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759304895%7C%7Cd40d46ce3f730e93274ad0701690f494%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C19624e3b5cdd445005f616e95c3bd840%7C%7Cdaaed286e7c7018ee71e3eda7577e6e0%7C%7C14a17ac34ad5db5d5eac23735647447d%7C%7C31e5b95871b46dddbed69484860f6643%7C%7Cb2958fb9ae5ec01505a346adfb18e934%7C%7C1663701684,env:%7Bar:99a20ad0-4c83-0776-f418-755c57621d91.80%7D%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgBYaA2cjYAewFcAnLENAIzei4APDDjAxYaAFbAMEZsm4AGDAHcQPYIlggyNZQDdEm2GXJ06AVgDsFgJwAmWwA5b5RdSu2MCw1zJWrewDqWytFOkowi2oGJysMQjFDEBVTJhAAR1YYP2QKSmwAG0RxEyhgWDx8CnNrO0p3BwsikrgcfER9EHZNZmg0SrACn0QuNGQgA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgBYaB2ADg2AHsBXAJyxDQCN3o3AB4YcYGLDQArYBggtkPAAwYA7iF7BEsEGRoqAboi2wy5AGzmArHSsBOAEx2Gd8kup07GRUe5k6dA4B1HZ0SuaUYVbU5uQMdBiE4kYgqmbMIACObDB+yBTU2AA2iBKmUMCwePgUljb2lO6O5sWlcDj4iAYgHFos0GhVYJTeIL48yEA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGAZgDYAGWgFgY2AHsBXAJyxDQCMO0HgA8MOMDFhoAVsAwRWyXrQwB3EH2CJYIMpQYqAboi2wy5atQCsAdisBOAEz2AHPfKMb9jEuM8yNjaOgQz2NrTUlOFWDNTkLjYYhBLGIKrmLCAAjuww-sgUVtgANoiSZlDAsHj4FJa2DpSMTtQlZXA4+IiGIJxarNBo1WCUPiB+vMhAA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
60 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGADgHZLLyBODYAewFcAnLENAI3ejcAHhhxgYsNACtgGCC2Q8ADBgDuIXsESwQZAMwAWFQDdEW2GXIA2KwFZqthgCYGlBuSUHqTRae5lqaidAgwZqJSs9cNsDKypqDEJxUxBVS2YQAEc2GH9kCitsABtECQsoYFg8fAK7BwY9TwZbcmLSuBx8RGMQDi0WaDQqsD0MX0RuNGQgA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=f5561ade-312b-b7be-c30a-8769cdcba2a9&tv=%7Bc:r1VEZu,pingTime:-10,time:4681,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759305068%7C%7Cce8dc36f0a0215adc489dca5db395c2f%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Cc02b60cd1ccff2cb54f505538eafac23%7C%7C487bb6428551353f792757acb6e2a52f%7C%7C618d3a7f8bebc0e814a6dfaf82d0b120%7C%7C0afccacea751bae70acb869ce9913824%7C%7C3558c4ea3e4b3e5c4224ad311a74f5d4%7C%7C1663701684,env:%7Bar:f5561ade-312b-b7be-c30a-8769cdcba2a9.80%7D%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
psm.json
lightning.warnermediacdn.com/cdp/psm/brands/cnn/webapp/web/release/3.1.2/
79 B
422 B
Fetch
General
Full URL
https://lightning.warnermediacdn.com/cdp/psm/brands/cnn/webapp/web/release/3.1.2/psm.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
617988e22d374aa7a01f59efd3fabaad1601943ade41f8c8006e29ff86a5174a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
content-encoding
gzip
content-length
87
last-modified
Wed, 28 Sep 2022 20:02:21 GMT
server
AkamaiNetStorage
etag
"0f2549570246f0810a755a5d15632702:1664395341.743091"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.cnn.com
access-control-allow-methods
*
cache-control
max-age=215
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 14:58:40 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CF03
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRGVrN0drdkVBQUI1VnA2M3VUZw&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEDek7GkvEAAB5Vp63uTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEDek7GkvEAAB5Vp63uTg&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEDek7GkvEAAB5Vp63uTg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEDek7GkvEAAB5Vp63uTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5095224376267906723
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDek7GkvEAAB5Vp63uTg
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDek7GkvEAAB5Vp63uTg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDek7GkvEAAB5Vp63uTg
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D3EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97f46349-7844-4300-86cf-3c860e6e57c7&gdpr=0&gdpr_consent=
42 B
346 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97f46349-7844-4300-86cf-3c860e6e57c7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:05 GMT
Expires
Fri, 14 Oct 2022 14:55:04 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master ord-pixel-x57 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97f46349-7844-4300-86cf-3c860e6e57c7&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 0507
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
42 B
360 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 14 Oct 2022 14:55:05 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame 1AEF
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_65f95a0236824e23b0efd
42 B
298 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_65f95a0236824e23b0efd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Fri, 14 Oct 2022 14:55:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_65f95a0236824e23b0efd
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 7507
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2f2ac954-4bd0-11ed-869d-8bd57caea974
42 B
343 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2f2ac954-4bd0-11ed-869d-8bd57caea974
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:05 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2f2ac954-4bd0-11ed-869d-8bd57caea974
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-7
server
Cowboy
usersync.aspx
dis.criteo.com/dis/ Frame 7076
43 B
362 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:55:04 GMT
expires
Fri, 14 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
424866
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9616
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YcvVatpQRlHac9ZHs6pq2AJ9sU
42 B
284 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Oct 2022 14:55:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Pug
simage2.pubmatic.com/AdServer/ Frame A0F8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:e8hOHL8z1OJm5z5&gdpr=0&gdpr_consent=
42 B
215 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:e8hOHL8z1OJm5z5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 14 Oct 2022 14:55:05 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:e8hOHL8z1OJm5z5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0278aba86f220c900@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4300
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=699232399620
42 B
209 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=699232399620
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=699232399620
Pug
simage2.pubmatic.com/AdServer/ Frame 6E5F
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=s5BD93-aM
42 B
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=s5BD93-aM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=s5BD93-aM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame F507
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005&rndcb=4292773886
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2da24d39-36ac-4537-8e1e-fa5cf644c790&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/54581ddb-cf4b-4c83-8772-b771adc7cdd3?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
42 B
358 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 14 Oct 2022 14:55:05 GMT
ETag
RX75cf0fb009ec407bbb4e2c0b1aec98db005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
i.match
s.tribalfusion.com/z/ Frame 6970
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75a1276a590bd153-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75a12769b8eed153-BUF
content-type
text/html
date
Fri, 14 Oct 2022 14:55:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
47
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame EF95
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d33adbdc-c6a0-45bf-8979-97e8a3cdb74c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
42 B
497 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.5.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-5-141.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:05 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 14 Oct 2022 14:55:05 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
csync.loopme.me/ Frame C080
0
0
Document
General
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75a127699914d15b-BUF
date
Fri, 14 Oct 2022 14:55:05 GMT
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame A6D8
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7190457051879055423&uid=Q719045705187905...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7190457051879055423
42 B
363 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7190457051879055423
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=42439
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 14 Oct 2022 14:55:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7190457051879055423
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pub
matching.truffle.bid/sync/ Frame 6808
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 14 Oct 2022 14:55:05 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 7F95
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Uldthyd0AaGBQR3eSXhJYw
42 B
228 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Uldthyd0AaGBQR3eSXhJYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Uldthyd0AaGBQR3eSXhJYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 276F
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18170-EWR
x-timer
S1665759305.384462,VS0,VE23

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 14 Oct 2022 14:55:05 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18180-EWR
x-timer
S1665759305.292350,VS0,VE2
x-vcl-time-ms
2
cookiesync
core.iprom.net/ Frame 5671
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 14 Oct 2022 14:55:05 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-09a5f2160a71@version_1.528v3
X-core-time
0ms
X-server-arch
v2
33141
tags.bluekai.com/site/ Frame 55F3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=43be5bfc-2333-45c8-b58e-491325ded701&icm&gdpr=0&gdpr_consent=&cver
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b634e9e09fa8272d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2f043a78a432c272ed2107d3793e2e88&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=77b5de23e4257d51
62 B
423 B
Image
General
Full URL
https://tags.bluekai.com/site/33141?&id=77b5de23e4257d51
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 14 Oct 2022 14:55:07 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=77b5de23e4257d51
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&addseg=10,33,39
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&addseg=10,33,39
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 14 Oct 2022 14:55:05 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 55F3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:05 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:05 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 55F3
43 B
654 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-100.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P3
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
DrnlIKew-KlRX-KF7cebuIk3ge0bzYhC1Oc3eQVDCp6cZ98aJOtjBQ==
expires
0
C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 55F3
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3?gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HszbWylE2uVL_mKbjgr.2M_43K6NGgw-~A&gdpr=0&gdpr_consent=
0
129 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HszbWylE2uVL_mKbjgr.2M_43K6NGgw-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HszbWylE2uVL_mKbjgr.2M_43K6NGgw-~A&gdpr=0&gdpr_consent=
date
Fri, 14 Oct 2022 14:55:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0602a09a-9f21-4e5d-ac24-dc5606f0b66d&gdpr=0&gdpr_consent=
1 B
255 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0602a09a-9f21-4e5d-ac24-dc5606f0b66d&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0602a09a-9f21-4e5d-ac24-dc5606f0b66d&gdpr=0&gdpr_consent=
Date
Fri, 14 Oct 2022 14:55:05 GMT
Connection
keep-alive
X-CI-RTID
3c1e8bb8-de93-4628-9281-c716c00ff3ff
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7131516223038119427&gdpr=0&gdpr_consent=
42 B
218 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7131516223038119427&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:05 GMT
AN-X-Request-Uuid
a047781a-a476-4fd0-8884-19bb6e8c1d9f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7131516223038119427&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=25c1ad91c0101483&is_secure=true&networkId=17100&version=1&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHSY3L4uHTPwMYJt5-AAAAAAA&expiration=1665845705&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&...
42 B
266 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHSY3L4uHTPwMYJt5-AAAAAAA&expiration=1665845705&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHSY3L4uHTPwMYJt5-AAAAAAA&expiration=1665845705&nuid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 55F3
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.159.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-159-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
42 B
218 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c465da82-33be-4311-84c5-c60565b4654b-63497843-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 55F3
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F7BEF837_22BD5B1A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
204.2.255.233 Bear, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-348746105; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:05 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-348746105; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f95d0d40-91ff-4467-88ce-c4ad708bc18b&bsw_param=54581ddb-cf4b-4c83-8772-b771adc7cdd3&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=
1 B
203 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 14 Oct 2022 14:55:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3163447472039705408
42 B
237 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3163447472039705408
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3163447472039705408
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 55F3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7131516223038119427
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7131516223038119427
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:05 GMT
AN-X-Request-Uuid
36fddb2c-4dc7-4624-855c-6272041c483f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7131516223038119427
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skin1.js
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/skin1.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447ca1004faf4a3c960a82f9d4296cd6aaf7db42d3c98c8379f204f9084f1ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255008
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:04:57 GMT
skin1.js
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/skin1.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc549864ba1fa8cc0acac299172b9b08a647371c56f2abfe0afb867adc40792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1230
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:27:17 GMT
skin1.js
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/skin1.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902af3f7b0beaadf03683ebc8f71e35471c89f3034ae64baf1aa90cad94c3809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
dt
dt.adsafeprotected.com/ Frame B6B5
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=2c94ee7d-2de0-0b01-9846-0dfa17e1a01b&tv=%7Bc:r1VF47,pingTime:-10,time:4437,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759305355%7C%7C29a1807ee2cbde320a6e1e7e54128890%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C964c71ec5e9638a30e67db200babed27%7C%7C955653f14f511b597cd7d4b3c5bbaf62%7C%7Caaf6bfe3a4d854c7aa9bd83b7bc0e6f4%7C%7C39e7de41cdff31d296f77aec6a817c46%7C%7Ce25b0ef2d5af32e7d320cef750eba2b9%7C%7C1663701684%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=243d9f67-53d7-b892-5bdf-49966da6ec14&tv=%7Bc:r1VF5e,pingTime:-10,time:6369,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759304591%7C%7C114c316be0d5f4dd03edc7b2d8b1104f%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Ce058f4089a845fdabb9739a2171e5d28%7C%7Cb1d5c29a62bdd374025942aaf66425d2%7C%7C00dc60c0ee2ebe3c3c22d5fa5276d74e%7C%7Ccaffae3006374c1292ab830ac86b42d7%7C%7Cf4853e57f3bffce8a05b65130467fa5a%7C%7C1663701684,sca:%7Bspg:f670ba03-9ae8-af2b-b358-264aba3dbb08%7D%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
459 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3159&u=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&pid=VorOHozQI0FdD&cb=3&ws=1600x1200&v=22.10.32118&t=500&slots=%5B%7B%22id%22%3A%22aps-preroll%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22si_section%22%3A%22video%22%7D&cfgv=2&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
GH93R0K3FFZNW9J0M745
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cnn.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6AF8UvXMmQWGVgA8pQ746LtaS34dFFTzq_S8k4iRsbr5EoqbLVOqdw==
ui
registry.api.cnn.io/bundles/fave/ui-e1c2b922/
429 KB
120 KB
Script
General
Full URL
https://registry.api.cnn.io/bundles/fave/ui-e1c2b922/ui
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fa18840f88fd0b61330f628cc89e2252d99af01ce97676c14e1c18ebfb98294

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-amz-request-id
Y4G4Y1ASN25XKTWG
age
500
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
122443
x-amz-id-2
ueNyhxdk8UUzdvEoakUOIA4lc/3GR2WlxiqQMGBnR8Rj7hZLYpZvkXD0TZ98c9Q/28Ii5Ju16Lc=
x-served-by
cache-iad-kiad7000084-IAD, cache-ewr18150-EWR
last-modified
Thu, 13 Oct 2022 22:53:58 GMT
server
AmazonS3
x-timer
S1665759306.531055,VS0,VE0
vary
origin,accept-encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1936, 174
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.cnn.com&rs=www.cnn.com&sid=55667&t=1665759301&cip=96.9.246.197&sn=185&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=300&he=168&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1665759301012-976147915756-007734-012-001359&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=21083150230&d39=&d65=&apppkg=&cd3=6990990&cd4=sidebar&cd5=11743-84256-%2C12287-0-&cd1=AR_18&cd2=no_abtest&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=168&&copid=58a5addb28a0612d3529bc5e&nid=59c9148628a0612da3689288&cocid=5bb9e3c5073ef431390091da&ncid=616d760ca5e4006b3c0c82b6&coasid=616d76a0b1e605487e33ff4d&e=bid&cb=1665759305587&asid=621c7e0c8047b625a05d186e&ofpr=&fpo=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-209-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VF98,pingTime:5,time:6619,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:6619,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5797~100%5D,as:%5B5797~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:546,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f.925660%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,sis:1900%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=f670ba03-9ae8-af2b-b358-264aba3dbb08&tv=%7Bc:r1VF99,pingTime:5,time:6620,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:844%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:6620,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:844,wc:0.0.1600.1200,ac:436.0.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5798~100%5D,as:%5B5798~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:546,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.993073-65715864%7C1e1%7C1e2%7C1e3%7C1f.925660%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1h.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i,idMap:1e.d25c515c-3798-54f7-918f-86af5bf09764.365_925660%7C1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:846,sis:1900%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
video
fave.api.cnn.io/v1/
5 KB
2 KB
XHR
General
Full URL
https://fave.api.cnn.io/v1/video?id=business/2022/08/10/moderna-ceo-stphane-bancel-vaccine-future-orig-ht.cnn-business&customer=cnn&edition=domestic&env=prod
Requested by
Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/vendor-8cd0b0d8/vendor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67aaebcd230a3ce57aada23a67f1e9ea4c00dfeb172b1f91dfeccf8e2ef3d012

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100141-IAD, cache-ewr18177-EWR
date
Fri, 14 Oct 2022 14:55:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1252
x-timer
S1665759306.840376,VS0,VE1
vary
origin,accept-encoding, Accept-Encoding
x-cache
HIT, HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=60
accept-ranges
bytes
content-length
1703
x-cache-hits
30, 1
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=e8ee9ae9-ec03-cd9d-df06-cd88d46a4021&tv=%7Bc:r1VFbA,pingTime:5,time:6725,type:p,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:1076%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:0,pp:6725,pm:0%7D,slEvents:%5B%7Bsl:pp,t:1076,wc:0.0.1600.1200,ac:1050.1038.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5663~50%5D,as:%5B5663~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:1027,fm:tkfygcv+11%7C12%7C13%7C14%7C15%7C16111%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.993073-65715864%7C1e1%7C1e2%7C1e3%7C1e4%7C1f.925660%7C1g.993073-65715865%7C1g1%7C1g2%7C1g3%7C1g4%7C1h*.993073-65715865%7C1h1%7C1h2%7C1h3%7C1i%7C1j%7C1k,idMap:1h.99a20ad0-4c83-0776-f418-755c57621d91.1654_925660%7C1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1076,sis:1913%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 70C6
342 KB
116 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1665759306.dop059.lo4.t,1665759306.cds090.lo4.shn,1665759306.cds090.lo4.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
program-map.top-2.json
lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/
2 KB
737 B
Fetch
General
Full URL
https://lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/program-map.top-2.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
697aa7f78c3deb8d46b3ee11199ee5458e3efe513c14f3482c7d15a92bfbdcc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
content-encoding
gzip
content-length
402
last-modified
Wed, 28 Sep 2022 19:30:45 GMT
server
AkamaiNetStorage
etag
"07e9d503efd4f135041a5bc0d8a86d16:1664393445.52726"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.cnn.com
access-control-allow-methods
*
cache-control
max-age=373
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 15:01:18 GMT
l
use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/ Frame 94F6
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf179df11689b20cc6af20402afa4b3d8d1bdfa20474c9869bb45f4c0b6ba1d1

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
etag
"2b3ed5bc45684eceddff49ec7083f42a8c89b80c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19388
img_card_front.png
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/img_card_front.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe521c443ba7c8125f280e39d27e2a972d23409128179c3560bb67ee1c037ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:38 GMT
x-content-type-options
nosniff
age
254127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27514
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:38 GMT
img_card_back.png
s0.2mdn.net/sadbundle/5747938229646881587/ Frame 94F6
25 KB
25 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/5747938229646881587/img_card_back.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4098a02bb830340117ea0801a7b5cab514c5138af9502a4b45d6c04da4cbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5747938229646881587/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:19:38 GMT
x-content-type-options
nosniff
age
254127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25874
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:19:38 GMT
l
use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/ Frame 9904
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf179df11689b20cc6af20402afa4b3d8d1bdfa20474c9869bb45f4c0b6ba1d1

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
etag
"2b3ed5bc45684eceddff49ec7083f42a8c89b80c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19388
img_card_front.png
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/img_card_front.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe521c443ba7c8125f280e39d27e2a972d23409128179c3560bb67ee1c037ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:30 GMT
x-content-type-options
nosniff
age
253715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27514
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:30 GMT
img_card_back.png
s0.2mdn.net/sadbundle/3320540508672487973/ Frame 9904
25 KB
25 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3320540508672487973/img_card_back.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4098a02bb830340117ea0801a7b5cab514c5138af9502a4b45d6c04da4cbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3320540508672487973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:30 GMT
x-content-type-options
nosniff
age
253715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25874
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:04:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:30 GMT
l
use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/ Frame 531D
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/20ad3a/00000000000000003b9ae7f7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/sfa7jox.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:749a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf179df11689b20cc6af20402afa4b3d8d1bdfa20474c9869bb45f4c0b6ba1d1

Request headers

Referer
https://use.typekit.net/sfa7jox.css
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:05 GMT
server
nginx
etag
"2b3ed5bc45684eceddff49ec7083f42a8c89b80c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19388
img_shadow.png
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b3338f50271f3046fe9c6df8e986d27d99a0e8d1f234c937d8d6ed5d64961ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14669
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
img_card_front.png
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_card_front.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe521c443ba7c8125f280e39d27e2a972d23409128179c3560bb67ee1c037ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27514
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
img_card_back.png
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
25 KB
25 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_card_back.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4098a02bb830340117ea0801a7b5cab514c5138af9502a4b45d6c04da4cbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25874
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
img_card2.png
s0.2mdn.net/sadbundle/1628148154522689122/ Frame 531D
17 KB
17 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1628148154522689122/img_card2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e11c95df1842787d45061b351028a007632ed1ca3985d6c5f08c8ee82b25b9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1628148154522689122/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:26:51 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17573
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 18:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Oct 2023 16:26:51 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=993073&asId=e8ee9ae9-ec03-cd9d-df06-cd88d46a4021&tv=%7Bc:r1VFeC,pingTime:-10,time:6913,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665759304591%7C%7C114c316be0d5f4dd03edc7b2d8b1104f%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Ce058f4089a845fdabb9739a2171e5d28%7C%7Cb1d5c29a62bdd374025942aaf66425d2%7C%7C00dc60c0ee2ebe3c3c22d5fa5276d74e%7C%7Ccaffae3006374c1292ab830ac86b42d7%7C%7Cf4853e57f3bffce8a05b65130467fa5a%7C%7C1663701684,sca:%7Bspg:f670ba03-9ae8-af2b-b358-264aba3dbb08%7D%7D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.cnn.com&rs=www.cnn.com&sid=55667&t=1665759301&cip=96.9.246.197&sn=185&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=300&he=168&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1665759301012-976147915756-007734-012-001359&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=21083150230&d39=&d65=&apppkg=&cd3=6990990&cd4=sidebar&cd5=11743-84256-%2C12287-0-&cd1=AR_18&cd2=no_abtest&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=168
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-209-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cnn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
220810162805-moderna-vaccine-story-tablet.jpeg
cdn.cnn.com/cnnnext/dam/assets/
38 KB
39 KB
Image
General
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/220810162805-moderna-vaccine-story-tablet.jpeg
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
797829b8aedf125545f9d66e64974854813818e948d7cd435adbceb768c19984

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
content-length
39219
expires
Fri, 14 Oct 2022 15:55:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9F2
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57891
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:06 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 15 Oct 2022 06:59:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/
0
0

visitormatch
bh.contextweb.com/ Frame 1961
4 KB
5 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
8aeb5be4993bbe0be70b679599c007345928d6078a0ccecf0663c738e6a958fa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
3861
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
view
securepubads.g.doubleclick.net/pcs/ Frame 1806
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL7VO0VK6Fr0mpJBjycDlSCpX_GRMXtpgNA6g_UWCcsr6leHBwD_p-BKBexaaXSFwttzKU6-8m6Zh9NavFDNq-IgIf-Z6xuogenNSHgS6z1TeIv65J1gbIpT0wNflp1VtJ9G19rCCxGeZzcW-mocxfNhcoTUed1fgwJm_YpuxL5UhStf_p_G2yyDk2kiikjAZch-5IsDxIxlXehY3hf9G-EbvVjcRGARS2tKdEFKJ0G-vdDHnDGfuTmdlFnJs2AalBoZVn6akQ4SlzyhAlBnvGKP0cXk1_b9HwUnTR3ty5zXk9tzHPwRo4TFVC2bjHh4tDBko&sai=AMfl-YRVOUENQYxsOaO1HlsHBduq9Per7ZslxlaOuP7touiNEE26-tytfr3eyU58T3tkbSswok_FnSsAEZC_c8RKMgYmnbnm0x72-DoAKhB9ehUkRws03yaR9C0qaCZMz-D_gWbY4A&sig=Cg0ArKJSzDA4_j1QKEavEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 14 Oct 2022 14:55:06 GMT
COMMON.css
c.evidon.com/a/ Frame 1806
2 KB
984 B
Stylesheet
General
Full URL
https://c.evidon.com/a/COMMON.css?r=0.5173107074353245
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_77_top-right.png
c.evidon.com/icon/ Frame 1806
159 B
463 B
Image
General
Full URL
https://c.evidon.com/icon/box_77_top-right.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18ce127fac997d05e6cac7436df99fe45e8a589d26d1c891aa127e8b2af572a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:19 GMT
server
AkamaiNetStorage
etag
"49829da8a0a594f300b83586f077bf58:1360189519"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
179
c_30_us.png
c.evidon.com/icon/ Frame 1806
924 B
1 KB
Image
General
Full URL
https://c.evidon.com/icon/c_30_us.png
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7aa846082d8ee4453971b0c942731bc25e45f436af3c8d59764f454414c375cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:25 GMT
server
AkamaiNetStorage
etag
"698a04f1a4e8d39498dd892af9c71412:1360189525"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
921
pixel.gif
l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/728/90/242/675/0/ Frame 1806
0
120 B
Image
General
Full URL
https://l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/728/90/242/675/0/pixel.gif?v=2_1&ttid=2&d=www.cnn.com&r=0.9695399159835705
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.52.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-52-81.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 7E61
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv-hTBTV8XJChi3AiNHwJsdPCKJcGKOvny3MN0X2NKui0A9WLkaAwkHBTcktaJCU5CMfmWkrekP4cFQfDI2qV8ukYti8Vh8yHxZRZup0Wz4s5PBfGiNJ2BHKFgjl8T-hxHDR0KOiV7u5mRyCy6ykRv6g_0-BsSaOMRLJRu87lyED4-8Ao11U1wGqifVJvBfAmDyOuM_TNXC1TePxqLo17tyJ6z3mT_aZ0-Ih5XNXmoLhAhaqluWFpIgEAND-hU_hGjVdUTBwRzEltizyYsboada9DfkKeH_fbmhCk0rV25nIOh9rO5YpD4waMnAIBZoqbmw5I&sai=AMfl-YQevwOp9won7IkyOZJiBBY7FXmEF9KoaqMFeO49S-LdwJ3btA9HPPHPUabqh834t1YOgV58pTxqot18NcgUbGn-QSAe72cEPVxWAVwHZsV8z1OIc5T4kKgFtTXiok5DiR9IKQ&sig=Cg0ArKJSzCK-UhgK8QUTEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 14 Oct 2022 14:55:06 GMT
COMMON.css
c.evidon.com/a/ Frame 7E61
2 KB
984 B
Stylesheet
General
Full URL
https://c.evidon.com/a/COMMON.css?r=0.6859088653295862
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_77_top-right.png
c.evidon.com/icon/ Frame 7E61
159 B
463 B
Image
General
Full URL
https://c.evidon.com/icon/box_77_top-right.png
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18ce127fac997d05e6cac7436df99fe45e8a589d26d1c891aa127e8b2af572a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:19 GMT
server
AkamaiNetStorage
etag
"49829da8a0a594f300b83586f077bf58:1360189519"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
179
c_30_us.png
c.evidon.com/icon/ Frame 7E61
924 B
1 KB
Image
General
Full URL
https://c.evidon.com/icon/c_30_us.png
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7aa846082d8ee4453971b0c942731bc25e45f436af3c8d59764f454414c375cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:25 GMT
server
AkamaiNetStorage
etag
"698a04f1a4e8d39498dd892af9c71412:1360189525"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
921
pixel.gif
l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/300/250/242/675/0/ Frame 7E61
0
120 B
Image
General
Full URL
https://l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/300/250/242/675/0/pixel.gif?v=2_1&ttid=2&d=www.cnn.com&r=0.8626796282851898
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.52.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-52-81.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 25A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhRXejGMpHAFm_LQ_a2CToEC-nCfuI8C8KgPbkr-1WDKlcO6I-LNh5xRbEZL__XuGYbJgOo_AZSzWsdRWGB-2_83xItcpnn21EUM9OGX0KN1tDR2aRd9v1Y85rHeTu8-pYgBqffTjzOnq7jKiKex7NSWYqHW-6-YfTyLAt88dW88Ux2IxP9mfqmaTyx1g1969i5RNR6-guazmE3nCmYgmI9Z--e28o3P0SL1bp_FpZMFjyM-WpL6fln6SecAxH2nyeUIPrpbIvGKVMJrvhGmeTqjl756d9SkqpjZzpbjNmx9Qnp0FT_OhQBu5DA_O8F85aVXE&sai=AMfl-YQXTBKNmD7Mrp2JwmqFTdPQYMsgv2YKwk9OkFY2w64DSJTilIgveuaDCT6lnbX6uMGXnFVhx7L6OnTc7Ic8FHCfXftANYdZIcbxkJV43_9vsNGMDhFHaMizCpyDa1ExJ8unxw&sig=Cg0ArKJSzLDGya6icl7GEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 14 Oct 2022 14:55:06 GMT
COMMON.css
c.evidon.com/a/ Frame 25A9
2 KB
984 B
Stylesheet
General
Full URL
https://c.evidon.com/a/COMMON.css?r=0.9813609402969217
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_77_top-right.png
c.evidon.com/icon/ Frame 25A9
159 B
463 B
Image
General
Full URL
https://c.evidon.com/icon/box_77_top-right.png
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18ce127fac997d05e6cac7436df99fe45e8a589d26d1c891aa127e8b2af572a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:19 GMT
server
AkamaiNetStorage
etag
"49829da8a0a594f300b83586f077bf58:1360189519"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
179
c_30_us.png
c.evidon.com/icon/ Frame 25A9
924 B
1 KB
Image
General
Full URL
https://c.evidon.com/icon/c_30_us.png
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.36.90.250 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-90-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7aa846082d8ee4453971b0c942731bc25e45f436af3c8d59764f454414c375cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:25 GMT
server
AkamaiNetStorage
etag
"698a04f1a4e8d39498dd892af9c71412:1360189525"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
921
pixel.gif
l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/300/250/242/675/0/ Frame 25A9
0
121 B
Image
General
Full URL
https://l.betrad.com/ct/0_0_6260004_157707/us/0/1/0/0/0/0/300/250/242/675/0/pixel.gif?v=2_1&ttid=2&d=www.cnn.com&r=0.11986465596177465
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.52.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-52-81.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
device-map.json
lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/
8 KB
1 KB
Fetch
General
Full URL
https://lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/device-map.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6af22ea2947525c5004cfae2db03db66e2834947ddd59e7bf9085fd756cac2ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
content-length
1138
last-modified
Wed, 28 Sep 2022 19:30:47 GMT
server
AkamaiNetStorage
etag
"58e59078b830b48080c3dc6f46316f55:1664393447.251685"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.cnn.com
access-control-allow-methods
*
cache-control
max-age=373
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 15:01:19 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=d25c515c-3798-54f7-918f-86af5bf09764&tv=%7Bc:r1VFlL,pingTime:5,time:5990,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:626%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5990,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:626,wc:0.0.1600.1200,ac:436.0.728.90,am:i,cc:436.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5384~100%5D,as:%5B5384~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:444,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e*.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1f.925660%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:627,sis:2631%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ixmatch.html
js-sec.indexww.com/um/ Frame 5764
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.cnn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59016
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75a12771b9cc1971-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:55:06 GMT
expires
Fri, 14 Oct 2022 18:55:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
rtset
bh.contextweb.com/bh/ Frame 1961
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=32d074d2af9b1087&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFw3dHOCaycgM47NAcAAAAAAA&expiration=1665845706&nuid=&is_secure=true
49 B
740 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFw3dHOCaycgM47NAcAAAAAAA&expiration=1665845706&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFw3dHOCaycgM47NAcAAAAAAA&expiration=1665845706&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
epx.gif
px.owneriq.net/fr/ Frame 1961
Redirect Chain
  • https://px.owneriq.net/eucm/p/cwc
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B
Image
General
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
23.219.95.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-95-182.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type
image/gif
Cache-Control
max-age=116047
Connection
keep-alive
Content-Length
43
Expires
Sat, 15 Oct 2022 23:09:13 GMT

Redirect headers

Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Content-Type
text/html
Cache-Control
max-age=70362
Connection
keep-alive
Content-Length
154
rtset
bh.contextweb.com/bh/ Frame 1961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=M2Y2ZVQxRmY0ODY3WkVuMF9VTlNJQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEJPjJRjm5ONLmZKH5Jp9gHY&google_cver=1
49 B
706 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEJPjJRjm5ONLmZKH5Jp9gHY&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEJPjJRjm5ONLmZKH5Jp9gHY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1961
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pulsepoint
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=pulsepoint&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=pulsepoint&gdpr=0&user_id=5KhOaOWjTmP_oxwztq5XMOKrTWL_rRw14KrBNUCz
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=54581ddb-cf4b-4c83-8772-b771adc7cdd3
49 B
783 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1

Redirect headers

Location
//bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=54581ddb-cf4b-4c83-8772-b771adc7cdd3
Date
Fri, 14 Oct 2022 14:55:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55972/ Frame 1961
0
359 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55972/sync?uid=fO645FflFaZM&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 1961
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=fO645FflFaZM&dongle=8bee
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v1
match.sharethrough.com/sync/ Frame 1961
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.76.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-76-72.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
rtb-csync.smartadserver.com/redir/ Frame 1961
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=fO645FflFaZM
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=240de039
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=240de039
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 14 Oct 2022 14:55:06 GMT
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=240de039
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
jHjogMtn1yrOLTadX5mmwZzAa9_vkN8QzViEP9ctM8rS9Iyh8wUUgw==
rtset
bh.contextweb.com/bh/ Frame 1961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=fO645FflFaZM
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEPUeN-15dXJz-yF5bzL5mqI&google_cver=1
49 B
672 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEPUeN-15dXJz-yF5bzL5mqI&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b8b47d95b-wrqgr
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEPUeN-15dXJz-yF5bzL5mqI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 1961
0
203 B
Image
General
Full URL
https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 14 Oct 2022 14:55:06 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1665759307.627850,VS0,VE3
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-ewr18180-EWR
sync
partners.tremorhub.com/ Frame 1961
43 B
182 B
Image
General
Full URL
https://partners.tremorhub.com/sync?uipp=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b1f5:a380:b13f:7d71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 14 Oct 2022 14:55:06 GMT
server
Apache-Coyote/1.1
content-type
image/gif
UserMatch.ashx
atemda.com/ Frame 1961
43 B
1 KB
Image
General
Full URL
https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
via
1.1 google
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Oct 2022 14:55:06 GMT
um
sync.teads.tv/ Frame 1961
23 B
287 B
Image
General
Full URL
https://sync.teads.tv/um?eid=142&uid=fO645FflFaZM&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 14 Oct 2022 14:55:06 GMT
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 1961
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=fO645FflFaZM&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JAXXW9YPVG40C08FAVP2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1961
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
sync.springserve.com/ Frame 1961
43 B
206 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=849&uuid=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.124.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-124-93.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Oct 2022 14:55:06 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 1961
43 B
765 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=fO645FflFaZM&expiration=[EXPIRATION]
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
pp.gif
sync.colossusssp.com/ Frame 1961
42 B
664 B
Image
General
Full URL
https://sync.colossusssp.com/pp.gif?puid=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 1961
0
52 B
Image
General
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 14 Oct 2022 14:55:06 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1665759307.627879,VS0,VE3
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-ewr18180-EWR
55660
i6.liadm.com/s/ Frame 1961
Redirect Chain
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM&_li_chk=true&previous_uuid=d4817b4fcfa14f54afb0f62dc294237e
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM
0
0

m
cm.mgid.com/ Frame 1961
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=fO645FflFaZM&expires=30&user_group=[NUMERICAL_VALUE]
  • https://cm.mgid.com/m?cdsp=433145&c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&gdpr=&consentData=&uspString=
  • https://cm.mgid.com/m?c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
43 B
322 B
Image
General
Full URL
https://cm.mgid.com/m?c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75a127742b60d153-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=54581ddb-cf4b-4c83-8772-b771adc7cdd3&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75a12773aae2d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
bid
cs.chocolateplatform.com/ Frame 1961
0
0

setuid
ib.adnxs.com/ Frame 1961
43 B
999 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=494&code=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
AN-X-Request-Uuid
4de8ba7a-e80f-4724-8568-d18d2d6670e6
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1961
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1961
42 B
192 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTkmdGw9MTI5NjAw&piggybackCookie=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
hbx.media.net/ Frame 1961
45 B
637 B
Image
General
Full URL
https://hbx.media.net/cksync.php?cs=3&type=ppt&ovsid=fO645FflFaZM&redirect=http://adnetwork.com/redirect/link
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 14 Oct 2022 14:55:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 14 Oct 2022 14:55:06 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 1961
0
37 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=4939fd63-7a0f-46b9-9b09-9b6faa8292c9&biddername=10&pid=59c9148628a0612da3689288&key=fO645FflFaZM
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.14.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-14-246.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E58
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4sumQXhJY77WKqPGj-8PycmCkA0AAAAAOAHgBAI&bg=!UVKlUhbNAAYeOJy_Pjg7ACkAdvg8Wiwl3u8kTqx1IVzuBkHaBkjJMn8n_tSAZ26FtNfdXmpVgQnDkwIAABOUUgAAAAZoAQcKAIALsGXGJW7DXVGRvOgivBJR3ByOxh1wjWsnMQZBIo9DulgAppu7GRvQe4GB7X-d-8sr68SNKAvM_d0xfBouJJ2qKnkBUsO7BaFSLFLiM9aeR63IVMY2dZb0nx_K-Lt7wO5FiqHtsEuyR5l-0DBJdR83wBNXToNpclTzDbYBCjjIw5kCsVXMvQamJjrFwH6woAgalQJKptvaKw9NlON8pK4As6BQryFUak2_8R9L8IjXEbt9pBf-X2kEJHxAXBkCkrhCNIZh-IoLu8o12Y4JC7tHeVo-Gq3prHtOgJGHVxLnqsaWZl9yYWgjJ2SiZHNi6nnokixA7eotaQSHe5y8BdZ4MLzgxmSlUMtezBeJtJiIxii_lFtVDbFv6otCjgH7L11k1jX7_XQDRQlO7-b78M0ifbFPj-2yWYDSW2eJD8BQ4DyCMR3LjmH-jYnWL1uyKAtS3HbZgP50AN_2owN5e1dYCyy2Sm3bHYuxYPm_7oahoPZLUuFtPicufU5dbAGfHLoLEjPFZRKnkGzaRHZRJAnnA79wcVZn3G9qBLu0cTAzYcDMuUdXaDLEg2dEJC7Kfgr5L5pjWDSVzm0subk5Rt7s2XIzXn_nTmJmjs-S7j3lT4cMXX-SS3jlx4N6jVz13xpdzBveSy0OwQpLw12qpGvaiDMMgnkXkLtPJqmM3f6rJFxK9vKwBaiab6Vz6rMtWisWj7YMsXiF5gANZeTVXJUaeQGajNM2kciywK2NN6ieoOiIvq9MulkWLof4nJl2JtDMJIZ9BcCbFjfIq9uqlbQI5b6agAwp8aeNeyON3O5iQP7FMo_ZEweIX-K-71kahiIRE8JGII0L99IVUXGLFQjBjYnKstgszyPxjx58c5V1k4SXjKt7bgWR7JcQvXNQN47s3N_n-Rw01JZP3-HGb-qm497hALXVMKyz9mGFdkQIYUUe6V9nIx8TvpE3x71IacQagMwJfvPKJy8glGjOY-hdE2DnYjIeY-4GBz4XoGuQRUxLpPxS-jdrYK9eA7uSrZ3dyQ7_zBE-pjSzVzluU6f9rb_8JcByPUzaC9hfeekDIiVvVitL8cyU6VQIb8t4EL1Q6DwR
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0182
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNJsRQXhJY8DWKqPGj-8PycmCkA0AAAAAOAHgBAI&bg=!HR6lHlrNAAYeOJy_Pjg7ACkAdvg8WoSeGobWnfQvg-7TSgCGrj12O0DH02rWEG06umEv_NS9a-TE4wIAABN4UgAAAANoAQeZArM_xEJ-2gPsbjldVVzvHoBzQqhMpY0x75tqEYBhTr3NIZ7NvSdZs5VxkS6JzOgYNlDeGuNkOatkAlv2aniWv-KGJHZZj-e19GZTGy7krTRqWCGTozaS9EG12El32pqon70QlnyjEvhw3bX0A8kQCv2rL4I2e-nD0YCYOp0f94C8Z5wg_bn3K5FuDYphI9oP-o9izPE54ImanDDnQv33uo_YBCwxH-lUvE4gy6rnAWnbVStEW20uxWTlKNIAAXOyaCyrT2lsvpW2k_adIihwfD9W1QaOeLKT9Im5d6M-ka8UVdfcQTo0nfvdbfd-aKdqCsV6ZNQ5BjJFaQJIqs0516eij6mI-FpspC_o6nwkg-CFRr-_DFjDhPP-QRXZf1uuf6zZSB32jIAeAppG2-tXtO75BB-F3OjRVq0TuFQ-BrEjWN2JzxC67lfnhQ4zte22dJgH0sSePvFYT3e34ZcQX5W3O4uy7HKgfzQTDu68gtqeOicypY6FMD_dxCdgWYWkcyscDWsYDpRP13l_WAOGtmPCK2aIaSRSNl_Hu7-lnBcJnxL5MSq4Rq6dbzgrPqP7WeQ5SHKf3RH9MNxljzNhwDpxhN6jJogglHSDEVFebyEvl86u5kS1u7PKed-wNZFexwRs6xHWREq3JNFcy3X86prcvMdeZhD_LxBCZzdw092rhGOYHfPzvoh3_QL0xIt5tSztY4F7DxI9eA3Iw6UHnxYJOl5oxy55wqybNbYh3SINLGqukwPeANISGZ0UvTNCo3m-92Y5DyqzYAIWwx-bNYXqn3jKgKyMh1CpHVdWXRoui9PkOPATiTFgPZrlj2rp-D9uAEQQ71OYIxZi6i-tTgXR-ulIf46CiNt5FnNrCeVflDLHiEzTxb3yUG8bHR__NzX07YpEqLIo4Z2yJy1tjBJQTc2F
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7801
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCmJyQXhJY7zWKqPGj-8PycmCkA0AAAAAOAHgBAI&bg=!_P-l_7vNAAYeOJy_Pjg7ACkAdvg8WmmO9pYQDJofMiBFAKT-63k7uJV88ZhN0ir15J-00tOhcdco_gIAABSUUgAAAAVoAQeZArHDk8vDqaJ80POTHE5PTURt6CtiGCJIl2YBdJDqnIXU6Vv5t2kCVCtQU-UXisCOGrmmEBa3XPI27HM4zGA_VS5IgwBoWt46Ny4nN-06PlPXgzrQzf60FMQJ-X5t4RqGiAGRADLsgFktlLFAxyoilqPGljoR58w_OQY3L4MIT1Lcz6ttshG7Lbns3b2Z_aybPlXzT9iVZaQ0Eg3I6WPBOfstVXsnPlYHZc-1rnlLB5v6b5ZehLl5WT4Tepq6dtygMSjwNxb5Tpao45H7Qt51c-dOUADQ50PastlN2CK-jrcdGN5ZA9XSw3vbbBFoWxvRWTjzpeSBhrqDTNN_HQ8juGr5v1Uq-FCR2Wo1v_DlIqKi7QhHN3HAZcMRoifSe5XYFgx9tEOq9jbWHyYlweXpAN7aMdWHDK3zeHIVOIcyrI8ordDhh1867hPIhvkmydfQPgGmPoH2dTro7uwzBd-nq1zrmsQqj13DOzzw_hNA_rwUr5LaWVmMC_EG2HldtlQnhNhJMBgadHziwFEA6XCE84RAo4pQJXZfz-SrM4Od1_rldPad7ic1eiYjrbgmutSk0SmIu7P-OE0egYg7tOWZLlt3aIai2Bei_hFMk1vmlVQjQGeRXVRvX38MuSlj1y8Ab8NruvV-p5j0--IEwrnUfAPps8l0UZXoBc6xromUXaffhbTu1dRO3Hs5pyEKcOi_vqJrB1ZjKuJv6Mzf8ERojHeyMX80xJyo7I7JKM5oB4KKVJqwBbLclDAzawaOjRIn2Ps_4X4r7jT8lq_YOYrxBNpBhUgK8CqLV6nbtZXA0j9HCbwuSZG0-UdYggojMpFT0NhII7DUvnTkzZ-bTc6iWWT2ySk8xC1E8zRsDwYa5uU5YyasgN9qEO689SBpBbWV2OQzOU-2v4U00ZwWLGnXQBE1aA
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event-map.top-2.json
lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/
915 B
588 B
Fetch
General
Full URL
https://lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/event-map.top-2.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
db236ff9e0404eb845760186649b1fe14eb66951a9e94d9aedbcb63c030fd2ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
content-encoding
gzip
content-length
252
last-modified
Wed, 28 Sep 2022 19:30:46 GMT
server
AkamaiNetStorage
etag
"97b9a367e7320b02659b8815266bed7e:1664393446.238754"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.cnn.com
access-control-allow-methods
*
cache-control
max-age=373
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 14 Oct 2022 15:01:19 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DCC1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
408f5e12d2b9b9ff75b208f6361dffca5ff35ee965586f30deadfd515bca2f9e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75a12772e95b18fa-EWR
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 14:55:06 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5avPYkamTRLXuZWuqaWaFdLkNrc2d7JzMT3HxjAT0S%2FM%2BIqewb8W0CC2c0CR5KucdDTdvQY0klgXXb3np8Yve7nNlV2WDxlSvty6mCE7mdqRhhO0Tt1czIpaiyl1kxURML0tlKI%2BX66AQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
config.json
lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/
560 B
876 B
Fetch
General
Full URL
https://lightning.warnermediacdn.com/cdp/psm/schemas/video/qos/1.1.5/config.json
Requested by
Host: d9esmwyn3ffr1.cloudfront.net
URL: https://d9esmwyn3ffr1.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:496::3134 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7d8eb7249e3bc58ba3421a6e51e50fdbb1b59932c4ac62b82d35d4ec53bb7d32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
last-modified
Wed, 28 Sep 2022 19:30:46 GMT
server
AkamaiNetStorage
etag
"e1a3903e15e2ccdaa276a7aebcb42a61:1664393446.563731"
access-control-max-age
86400
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://www.cnn.com
cache-control
max-age=373
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
560
expires
Fri, 14 Oct 2022 15:01:19 GMT
crum
dsum-sec.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=878D02C6705744198FB20951038F4088&us_privacy=1YNN
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=878D02C6705744198FB20951038F4088&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 14 Oct 2022 14:55:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=878D02C6705744198FB20951038F4088&us_privacy=1YNN
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 13 Oct 2022 14:55:06 GMT
crum
dsum-sec.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjMjc4ZTU4MTNlOWM3NjA5NzNhYjZhOWM5MDk&expiration=1697295306
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjMjc4ZTU4MTNlOWM3NjA5NzNhYjZhOWM5MDk&expiration=1697295306
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjMjc4ZTU4MTNlOWM3NjA5NzNhYjZhOWM5MDk&expiration=1697295306
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:06 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
140
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
crum
dsum-sec.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=e8hOHL8z1OJm5z5&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=e8hOHL8z1OJm5z5&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-09dc561dd75df0a64@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=e8hOHL8z1OJm5z5&us_privacy=1YNN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4YcvVatpQRlHac9ZHs6pq2AJ9sU
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4YcvVatpQRlHac9ZHs6pq2AJ9sU
Date
Fri, 14 Oct 2022 14:55:06 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1YNN
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=084022040721ccefec9a803e&expiration=[EXPIRATION]
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=084022040721ccefec9a803e&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=084022040721ccefec9a803e&expiration=[EXPIRATION]
Date
Fri, 14 Oct 2022 14:54:41 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://match.deepintent.com/usersync/113?us_privacy=1YNN
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_65f95a0236824e23b0efd
43 B
765 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_65f95a0236824e23b0efd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_65f95a0236824e23b0efd
date
Fri, 14 Oct 2022 14:55:06 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum.casalemedia.com/ Frame DCC1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1YNN
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7131516223038119427&us_privacy=1YNN
43 B
765 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7131516223038119427&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
AN-X-Request-Uuid
16c9e603-4031-4387-80be-a14cfd85d254
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7131516223038119427&us_privacy=1YNN
Connection
keep-alive
X-Proxy-Origin
96.9.246.197; 96.9.246.197; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DCC1
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNN&gdpr=&gdpr_consent=&id=Y0l4QhsVnrOdD2McikNy5AAAABoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 14:55:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AFGGQZT25ZS4F2XHAF2B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame DCC1
43 B
154 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0l4QhsVnrOdD2McikNy5AAA%26026=&us_privacy=1YNN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNN&d=https%3A%2F%2Fwww.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:06 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59279
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75a127736a328c7d-EWR
content-length
43
expires
Sat, 15 Oct 2022 14:55:06 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 70C6
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1665759307093
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:07 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1665759307.dop208.lo4.t,1665759307.cds203.lo4.shn,1665759307.cds203.lo4.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.cnn.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c7b4c0bb963befbef95e98774dcc26b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5f69_7154381690738909760&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=43be5bfc-2333-45c8-b58e-491325ded701
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzdiNGMwYmI5NjNiZWZiZWY5NWU5ODc3NGRjYzI2Yg==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDAf5LEFTfvkWv9YELcNCwk&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/c7b4c0bb963befbef95e98774dcc26b?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-E2W_q5tE2oNqoReZFTXOwLusO_.kFJXIsjZqKTfb~A
  • https://usersync.octillion.tv/fw?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=28e127f9-7157-465f-8309-913e19824084
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7131516223038119427
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEDek7GkvEAAB5Vp63uTg&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=e8hOHL8z1OJm5z5&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3163447472039705408
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y0l4RAAAAanUSgAT
0
0

SPug
simage4.pubmatic.com/AdServer/ Frame 55F3
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E61
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9YIpJytyujggAUEXmKIXvM80a3-RqEdyiB0yr_BTIG_scRpJJMhuLHwJltAKuUtHZOG4PVYtYoZ4GBOAqfw34Ma_Pb7IhEpGWf5Tji9aOCwU72bjK_DU6bIJueSQLNBW8rLoImo4tW6dxQ_rw_SWdNhSk22kITNcODhH4ukEO&sig=Cg0ArKJSzDiLcGaczobuEAE&id=lidar2&mcvt=1000&p=1038,1050,1288,1350&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221012&bin=7&avms=nio&bs=1600,1200&mc=0.65&vu=1&app=0&itpl=19&adk=1731925108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665759298340&rpt=7930&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1806
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdbY0cegjj0rMtQMT_HtIzLF2-hZxxwBi0mrFjzJr0vgmf_WJtgGE13Ayc1xSbotL3jiTFwK5Yo0iZRoIRZsmO4aXa5P5gAiM0uicd9ZqfmmOmA5T11hZ9_Z6mzF1IN8HzB05-BvmIjyY2p_0XM1i4swxda5UBzazoxqMFBqnZ&sig=Cg0ArKJSzF8GuConZT4eEAE&id=lidar2&mcvt=1010&p=0,436,90,1164&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20221012&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2790737673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665759298143&rpt=8098&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI+113/cZZj304/VVCBF57phx4PW98GJW51HTyfnW5JQdxX4R719nN8LB07w3lLCfV1-WJV7CgV2BW3_rPG76svGd0W5NP45g5fGqLwW8C4dHV83QKvbVkPH1D76JBwfVGwJdd3WYpWGW3Tk-ys10SDs2W2rbkkK3VhM-mW2wYTBL4NCNPvW689H4M9ltzZ0W550dFn2FJFtwW41vKC22gHZ9vW2lZcG04NHjPYVdkYgT25n_SzW17zw6X81tbqsW7rJqTc70DBfXW8HG_f-87Kn7nW96-V2392pkjGW2_yYVR1Vq9H1W1kbz5j8hyzTWW1Zg7Q93_3Jt7W1cRblZ1Yqtq9W5M2Xgw2Y05xqW7Ndlz57kPgjjW8KKh_j7vHQRdW5cjMbC5cmLYMW2t9BP044m6x8W7Y2fSL2N2FkbW3FTyxL4dj7P83jhG1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=925660&asId=99a20ad0-4c83-0776-f418-755c57621d91&tv=%7Bc:r1VFIh,pingTime:5,time:7348,type:p,clog:%5B%7Bpiv:65,vs:pp,r:,w:300,h:250,t:707%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:0,pp:7348,pm:0%7D,slEvents:%5B%7Bsl:pp,t:707,wc:0.0.1600.1200,ac:1050.1038.300.250,am:i,cc:1050.1038.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6664~50%5D,as:%5B6664~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:432,fm:tkfygy7+11%7C12%7C13%7C14%7C15%7C16111%7C16121%7C16122%7C16123%7C16124%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e.925660%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f.925660%7C1f1%7C1g.925660%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h*.925660%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:708,sis:2825%7D&br=c
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6577:8b73:d344:2d89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:07 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame A9F2
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94223240&p=158615&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ece6b2efba857756a0e51b7bd1566a6121ec0388af87a3681dd3743551e74626

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 14 Oct 2022 14:55:08 GMT
content-length
1514
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame AEE0
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c16267ac-ccff-4421-8885-3ef7dad4c15d
1 B
53 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c16267ac-ccff-4421-8885-3ef7dad4c15d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 14 Oct 2022 14:55:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c16267ac-ccff-4421-8885-3ef7dad4c15d
strict-transport-security
max-age=15724800; includeSubDomains
epx
um.simpli.fi/ Frame DF14
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://um.simpli.fi/epx
43 B
228 B
Document
General
Full URL
https://um.simpli.fi/epx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
content-type
image/gif
date
Fri, 14 Oct 2022 14:55:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
pragma
no-cache

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 14 Oct 2022 14:55:09 GMT
expires
Thu, 13 Oct 2022 14:55:09 GMT
location
https://um.simpli.fi/epx
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 151C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:878D02C6705744198FB20951038F4088
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 14:55:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 14 Oct 2022 14:55:09 GMT
expires
Thu, 13 Oct 2022 14:55:09 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:878D02C6705744198FB20951038F4088
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
/
io.narrative.io/ Frame A9F2
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
  • https://io.narrative.io/?io.narrative.guid.v2=32efcad0-4bd0-11ed-829c-0661d704b7c9&companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
0
247 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=32efcad0-4bd0-11ed-829c-0661d704b7c9&companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
HTTP/1.1
Server
50.16.120.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-120-253.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 14:55:09 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=32efcad0-4bd0-11ed-829c-0661d704b7c9&companyId=673&id=pubmatic_id:C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
Date
Fri, 14 Oct 2022 14:55:09 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame A9F2
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3&gdpr=0&gdpr_consent=
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.23
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A9F2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43be5bfc-2333-45c8-b58e-491325ded701&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%2C
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43be5bfc-2333-45c8-b58e-491325ded701&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%2C
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
date
Fri, 14 Oct 2022 14:55:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43be5bfc-2333-45c8-b58e-491325ded701&ttd_puid=923e1045-fbdf-4106-ae07-ff4664f8de7b%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
Pug
simage2.pubmatic.com/AdServer/ Frame A9F2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3e6b44d6-de14-48b2-8b30-de9d59d95ec0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3e6b44d6-de14-48b2-8b30-de9d59d95ec0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 14 Oct 2022 14:55:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3e6b44d6-de14-48b2-8b30-de9d59d95ec0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 14 Oct 2022 14:55:09 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame A9F2
35 B
209 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.77.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-77-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:55:09 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
ping
ping.chartbeat.net/
43 B
200 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=cnn.com&p=%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html&u=DweKZ8Ba-1cPnpDXM&d=cnn.com&g=37612&g0=travel&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6509&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3283&_m=email&_x=hs_email&_y=229722043&_s=%7B%22obr%22%3A%22b48b1fc02b52b293c9083c3081d0e038%22%7D&t=Bj2qjlDmQlfpDUl5d0CUAbP6Ir5Qd&V=136&tz=0&sn=2&sv=DcSctQDilONWvKCnzCR9F_oDXe8R9&sd=1&im=067b0ef3&_
Requested by
Host: www.cnn.com
URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.69.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-69-97.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cnn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 14 Oct 2022 14:55:11 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame A9F2
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158615&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158615&us_privacy=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:55:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.staging.tree.com
URL
https://widgets.staging.tree.com/fonts/CNN/CNNSansW04-Light.woff
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPIzqpAw5%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=quky68qukyi81&ru=https://beacon.krxd.net/data.gif?_kuid%3DPIzqpAw5%26_kdpid%3D4e3f8627-26fa-484d-bd95-a1f8f09d95a6%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=fO645FflFaZM
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/bid?advid=5771&bcid=fO645FflFaZM
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y0l4RAAAAanUSgAT

Verdicts & Comments Add Verdict or Comment

272 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CNN object| WM function| OptanonWrapper object| OneTrust function| __uspapi undefined| _ object| optimizelyMoat object| optimizely object| cnnVisitorTracking object| _sf_async_config function| _readOnlyError function| ownKeys function| _objectSpread2 function| _defineProperty2 function| _createForOfIteratorHelper function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof2 object| AdFuelUtils object| __core-js_shared__ boolean| _sessionStoreAvail object| AdFuelOptions object| IndexExchangeIdentity object| pbjsChunk object| pbjs object| _pbjsGlobals object| AdFuelVideoAPI object| PrebidVideoAPI object| Prebid object| A9VideoAPI object| apstag object| AmazonA9 object| beemray object| Beemray object| Admiral object| Blockthrough object| CEP object| FWProgrammatic object| GUID object| HHID object| InViewRefresh object| __iasPET object| IAS function| krux_getDESegments function| krux_getFWKeyValues function| krux_getFWSegments function| krux_getKuid function| krux_getUser function| Krux object| MalvertisingDetection function| gotSegmentData function| recallProximic object| Proximic function| spIsBlocking object| SourcepointAdBlocking object| SSAI string| cnnad_transactionID function| cnnad_getTransactionID function| turner_getTransactionId object| TransactionID object| WMSegments object| __INITIAL_STATE__ object| __ASYNC_COMPONENTS_STATE__ object| __PREVIEW__ boolean| __EDITION__ string| __GRAPHQL_SERVER_URI__ string| __ENVIRONMENT__ object| webpackJsonpCVR object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| wminst boolean| is_expansion object| _jsmd object| PubSub function| setJSMDVideoEvent function| trackAudioProgress function| trackVideoProgress function| trackMetrics function| trackVideoEvent function| sendInteractionEvent function| sendHP10Interaction function| sendGameInteraction function| sendVideoClick function| sendVideoEvent function| sendVideo2Event function| sendAudioEvent function| sendNewsPulse function| sendHTML5Event function| sendOpenStoryPerspective function| trackExitLinkMetrics object| _ml object| _comscore function| admiral function| 4dm1r11545242527 number| experienceIndex number| now object| shortterm object| longterm function| turner_getGuid object| diagPixSentCodes object| __iasAdRefreshConfig object| googletag boolean| overlaysHidden object| AdFuel boolean| apstagLOADED object| OneTrustStub object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| headertag object| IASVideoAPI object| ns_ object| scCGSHMRCache object| CNNI object| ZION object| ZION_MESSAGE_BUS object| zion_analytics object| COMSCORE function| udm_ object| ns_p object| psmMgrConfig object| psmMgr string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| AppMeasurement function| s_gi function| s_pgicq string| s_account number| s_objectID number| s_giq object| s object| __consolidated_events_handlers__ object| ggeac object| google_tag_data object| google_js_reporting_queue object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| bouncex object| zionFeatureManager object| GlobalSnowplowNamespace function| zionSp function| zionFlagManagerDebug object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| iFrameResize object| s_i_cnn-adbp-domestic object| psmVideo object| Criteo undefined| google_measure_js_timing object| proximicData object| Snowplow object| Optanon function| ZionMessageBus boolean| OneTrustLoaded object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| FAVE object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 undefined| $ function| jQuery object| _perfRefForUserTimingPolyfill object| webpackChunkwebpackJsonp_FAVE_ string| VIDGET_VERSION object| OB_VIDGET function| OB_VidgetAuditCallback object| slot string| k string| spec object| adobeID function| fbq function| _fbq function| avPlayer function| close_bouncex_ad object| storageAni object| NexusPlatform object| Origin undefined| localAsyncStorage object| Base64 object| omid function| BLFactory object| BL function| __IASVANS object| webpackChunkbitmovin_player_name_ object| TOP object| __IntegralASExec object| ZION_SDK object| TopPlayer object| freewheelssp_cache function| FaveUiController function| PlayerUserInterface object| React object| ReactDOM

316 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
lightning.warnermediacdn.com/cdp/psmtk Name: psm_thirdparty
Value: 1
.mrtnsvr.com/sync Name: userId
Value: s5BD93-aM
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQvRM
.order.weshield.us/ Name: __cf_bm
Value: fJ3MbZ9spTAzp_JYfecrqxIfHkl0MK.QtPwyYR9eBJQ-1665759292-0-ASOg1iFNRsKiBk9bPsCibyGLHJDH8St/vL1ogL/bhD0oYUfiSa3ti6mExeA/QZ3+VRUbCT1R14cnHLobVFtMh9g=
.order.weshield.us/ Name: __cfruid
Value: 2adeabf922493ed523616f132eae27ef7aa253c8-1665759292
.cnn.com/ Name: countryCode
Value: US
.cnn.com/ Name: stateCode
Value: NY
.cnn.com/ Name: geoData
Value: buffalo|NY|14202|US|NA|-400|broadband|42.880|-78.880|514
.cnn.com/ Name: FastAB
Value: 0=8820,1=5234,2=2637,3=3631,4=0599,5=5984,6=8680,7=2853,8=0952,9=3272,10=4616,11=8324,12=3693,13=5443,14=8550,15=7838,16=5573,17=3888,18=3955,19=1220
.cnn.com/ Name: usprivacy
Value: 1YNN
.cnn.com/ Name: optimizelyEndUserId
Value: oeu1665759293636r0.7557971177913501
.cnn.com/ Name: sato
Value: 1
.www.ugdturner.com/ Name: ug1
Value: 6349783d0e03f40a3f9cef001449eaf6
.cnn.com/ Name: umto
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-2009
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: c7b4c0bb963befbef95e98774dcc26b
www.cnn.com/ Name: umto
Value: 1
.adnxs.com/ Name: uuid2
Value: 7131516223038119427
.tremorhub.com/ Name: tvid
Value: 427fcc71780f41d8b13f97aba743dc45
www.cnn.com/ Name: ug
Value: 6349783d0e03f40a3f9cef001449eaf6
www.cnn.com/ Name: ugs
Value: 1
.rubiconproject.com/ Name: khaos
Value: L98M2PLK-Y-BTOL
.spotxchange.com/ Name: audience
Value: 29ce967a-4bd0-11ed-a4fb-191acae40103
.imrworldwide.com/ Name: IMRID
Value: 29cf5dd0-4bd0-11ed-9df8-fdf7688243a5
.tremorhub.com/ Name: tvssa
Value: 1665759294592
.cnn.com/ Name: zwmc
Value: 7131516223038119427
.cnn.com/ Name: goiz
Value: 427fcc71780f41d8b13f97aba743dc45
.cnn.com/ Name: ifyr
Value: L98M2PLK-Y-BTOL
.mid.rkdms.com/ Name: sessionid
Value: h-c88ca9d72978e85f8d47ec48b3a17a02_t-1665759294
.adsrvr.org/ Name: TDID
Value: 43be5bfc-2333-45c8-b58e-491325ded701
.fwmrm.net/ Name: _uid
Value: "e5f69_7154381690738909760"
.cnn.com/ Name: FastAB_Zion
Value: 5.1
.cnn.com/ Name: hkgc
Value: 29ce967a-4bd0-11ed-a4fb-191acae40103
.scorecardresearch.com/ Name: UID
Value: 1768d5da4481a9dbdd5e8aa1665759295
.ml314.com/ Name: pi
Value: 3630748696449122349
.ml314.com/ Name: tp
Value: 11%3b10%2f14%2f2022+10%3a54%3a55+AM%3b0
.tree.com/ Name: __cf_bm
Value: TPjWSosvPCzhVvwq970bWKKRk0JjYx4MyE1mS_vyr6M-1665759295-0-ARvuKo9mCCgltC9QPL4YswNCizps7IocG1ctmuCJBhu1fHsSMTDkyS4MAzZOW/SWHlwMsg7FdkjUfag0+CRqJJA=
.demdex.net/ Name: demdex
Value: 16977201831754669203597928873521890878
.cnn.com/ Name: AMCVS_7FF852E2556756057F000101%40AdobeOrg
Value: 1
.cnn.com/ Name: s_ecid
Value: MCMID%7C16938152031959992083593953103926057598
.cnn.com/ Name: cnprevpage_pn
Value: cnn%3Ac%3A%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2F
.cnn.com/ Name: _cb
Value: DweKZ8Ba-1cPnpDXM
.cnn.com/ Name: _chartbeat2
Value: .1665759296229.1665759296229.1.DcSctQDilONWvKCnzCR9F_oDXe8R9.1
.cnn.com/ Name: _cb_svref
Value: null
.cnn.com/ Name: AMCV_7FF852E2556756057F000101%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19280%7CMCMID%7C16938152031959992083593953103926057598%7CMCAAMLH-1666364095%7C7%7CMCAAMB-1666364095%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665766496s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.cnn.com/ Name: s_cc
Value: true
.cnn.com/ Name: _awl
Value: 2.1665759295.0.5-eaf2ae4dd504e3a733748f8c526510cd-6763652d75732d6561737431-0
.outbrain.com/ Name: obuid
Value: 486b77bd-d47b-404e-8979-7206b9b4c94d
.krxd.net/ Name: _kuid_
Value: PIzqpAw5
.cnn.com/ Name: _admrla
Value: 2.2-ddfb9fecdd4dc939-2b015f02-4bd0-11ed-896a-18d90ed6bdeb
.cnn.com/ Name: WMUKID_STABLE
Value: a47ce3f8-cc27-4d56-9210-915fa9dbd3f8
.cnn.com/ Name: _sp_ses.f5fb
Value: *
.cnn.com/ Name: _sp_id.f5fb
Value: 8cf478ef-97e1-4e95-ab3d-68d05e6699cb.1665759297.1.1665759297.1665759297.3a4821f2-d18a-44ee-9615-c64f7d0f1e42
.warnermediacdn.com/ Name: CDPID
Value: caf89b3d-22d6-4a30-b903-e85a0fce21e6
.amazon-adsystem.com/ Name: ad-id
Value: A2sJmNulZ0teg40-HUVirJU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.cnn.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Oct+14+2022+14%3A54%3A57+GMT%2B0000+(GMT)&version=6.36.0&isIABGlobal=false&hosts=&consentId=3e28d312-82cc-44c6-8654-6d0fcbaff69f&interactionCount=0&landingPath=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&groups=BG173%3A1%2Csmv%3A1%2Cpfv%3A1%2Cpzv%3A1%2Cven%3A1%2Csav%3A1%2Cadv%3A1%2Cpf%3A1%2Csa%3A1%2Cad%3A1%2Csm%3A1%2Ctdc%3A1%2Ccos%3A1%2Cdid%3A1%2Cdlk%3A1%2Cpcp%3A1%2Cdsa%3A1%2Cmra%3A1%2Cmap%3A1%2Cpap%3A1%2Cgld%3A1%2Cpad%3A1%2Cpdd%3A1%2Csid%3A1%2Ccad%3A1%2Csec%3A1%2Cai%3A1%2Cfc%3A1%2Ctc%3A1%2Cpcd%3A1%2Cmcp%3A1%2Creq%3A1
collector.cdp.cnn.com/ Name: sp
Value: eb2e00c7-3861-499f-b7bf-44dbd7ac4846
.cnn.com/ Name: CDPID
Value: {"cdpId":"caf89b3d-22d6-4a30-b903-e85a0fce21e6","wmukId":"a47ce3f8-cc27-4d56-9210-915fa9dbd3f8"}
.cnn.com/ Name: psmSessionId
Value: 90aad5db-1a24-42c3-b2e0-578c0bdd0440
.cnn.com/ Name: psmLastActiveTimestamp
Value: 2022-10-14T14%3A54%3A57.660Z
.cnn.com/ Name: psmSessionStart
Value: 2022-10-14T14%3A54%3A57.660Z
.cnn.com/ Name: psmPageLoadId
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 16977201831754669203597928873521890878
.agkn.com/ Name: ab
Value: 0001%3AM2AvV%2BNd4QfJO98BWgJBiZAlXDWDJwgz
.zemanta.com/ Name: zuid
Value: nn12DaTFKjxqFrRvUj2d
.zemanta.com/ Name: obuid
Value: JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
.bidswitch.net/ Name: tuuid
Value: 54581ddb-cf4b-4c83-8772-b771adc7cdd3
.bidswitch.net/ Name: c
Value: 1665759297
.mfadsrvr.com/ Name: tuuid
Value: 94c3909b-d059-4f0c-acbe-cdd72d108f1f
.mfadsrvr.com/ Name: c
Value: 1665759298
.mfadsrvr.com/ Name: tuuid_lu
Value: 1665759298
.doubleclick.net/ Name: IDE
Value: AHWqTUmyA23dLx0qsOqceGMmK6HodUDo26Dz8NnG9VgM5uc3eIGRHX4LCn-SF4O6Gs8
.cnn.com/ Name: __gads
Value: ID=a72716dbeb955295-220ad903b1d70086:T=1665759297:S=ALNI_MZhgLAjP3CFFJob8Rah9yh4nCCnJA
.cnn.com/ Name: __gpi
Value: UID=000008835cec0776:T=1665759297:RT=1665759297:S=ALNI_MaL9_8lEPvaJI5Pm3auOnGln6eDtQ
.bidswitch.net/ Name: tuuid_lu
Value: 1665759298
.outbrain.com/ Name: obsessionid-p185
Value: 6c791484-2d5c-c50c-0000-0183d6fdbce6|1330|1
.outbrain.com/ Name: recs_6304bc0b8c8975e5592b5b1519c443c9
Value: 0B4792789638A4793577652A4808869214A4812047113A4800001668AC1B4495642018A4676274190A4747528303AC2B4814532029A4810020028A4801021123A4805242399A4816300152ACD1
.eyeota.net/ Name: mako_uid
Value: 183d6fdc24a-7d1a0000010a4d03
.eyeota.net/ Name: SERVERID
Value: 19715~DM
.mfadsrvr.com/ Name: ssh
Value: !outbrain,1665759298
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NLMwMjAwNjY1NxXiM9T1DPRMyi0odgx38zQFACOTuQwlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NLMwMjAwNjY1NxXiM9T1DPRMyi0odgx38zQFACOTuQwlAAAA
.twitter.com/ Name: personalization_id
Value: "v1_5pMw5Yz5wyrw9JJnibtf8w=="
.postrelease.com/ Name: visitor
Value: 55337776-bd8e-4234-9d00-61135806d824
.postrelease.com/ Name: status
Value: 0
.creativecdn.com/ Name: u
Value: KiBr5w6Mdp6KaDCbClGH
.creativecdn.com/ Name: ts
Value: 1665759298
.adfarm1.adition.com/ Name: UserID1
Value: 7154381707928795275
.cnn.com/ Name: hhidVersion
Value: 38
.cnn.com/ Name: idrTimestamp
Value: %222022-10-14T14%3A54%3A58.458Z%22
.cnn.com/ Name: sendAuthToken
Value: true
.cnn.com/ Name: sendHHID
Value: false
.cnn.com/ Name: isInAuthTokenExperiment
Value: true
.cnn.com/ Name: isInHHIDExperiment
Value: false
.cnn.com/ Name: sendWMSegs
Value: false
.3lift.com/ Name: tluid
Value: 1313157157490509546917
.quantserve.com/ Name: mc
Value: 63497842-8fbd5-a0073-6fd21
.exelator.com/ Name: EE
Value: "068d8c46307af0c0ff6a21300f1771fe"
.pippio.com/ Name: did
Value: zuXncrLbLm_6p5mI
.pippio.com/ Name: didts
Value: 1665759298
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMLwpZoGEgYIgr0rEAA=
.yahoo.com/ Name: A3
Value: d=AQABBEJ4SWMCEOzXcOQsj6pWZOXpy9VbetkFEgEBAQHJSmNTYwAAAAAA_eMAAA&S=AQAAAsadkvrxGLWj3uP9jDvlXOQ
.yieldmo.com/ Name: yieldmo_id
Value: gfdae83e92f758ca0c7b%7C1665759298584%7C0%7C
.casalemedia.com/ Name: CMPS
Value: 054
.openx.net/ Name: i
Value: 7529f75e-a440-4733-9e1e-9f9ea51f0dbc|1665759298
.creative-serving.com/ Name: tuuid
Value: 8a8de51f-330e-4ff5-8dbc-ddce92b6c70c
.creative-serving.com/ Name: c
Value: 1665759298
.cnn.com/ Name: OptanonControl
Value: ccc=US&csc=NY&cic=0&otvers=6.36.0&pctm=0&reg=ccpa&ustcs=1YNN&vers=3.1.15
.emxdgt.com/ Name: uid
Value: 53601665759298707451b6
.360yield.com/ Name: tuuid
Value: a461fc5b-dae0-4755-b69a-465dd6e7c6b9
.360yield.com/ Name: tuuid_lu
Value: 1665759298
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD1JVGJfNGVxTyZreHQ9aHR0cHMlM0ElMkYlMkZ3d3cuY25uLmNvbSZreGNsPWNkbiZreHA9
.casalemedia.com/ Name: CMID
Value: Y0l4QhsVnrOdD2McikNy5AAA
.casalemedia.com/ Name: CMPRO
Value: 026
sofia.trustx.org/ Name: tuuid
Value: 1a17055b-4b10-4d74-aaa0-3ce0d186eb74
sofia.trustx.org/ Name: c
Value: 1665759298
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHAzCLFItnEzNjAPDHNINkgLc0s0cjQ2MAgzdDc3DAtdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6otDgxUUpaQyLSopPBR98XQ8Ajh4qow%253D%253D"
.bounceexchange.com/ Name: bounceClientVisit340c
Value: %7B%22vid%22%3A1665759298910479%2C%22did%22%3A%227727749706370546187%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 6808836c-2fbc-40e5-87aa-456df6729972#1665759298922#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C2367DCF-74FC-4AA8-8E78-2D71DCDD5AC3
.creative-serving.com/ Name: tuuid_lu
Value: 1665759299
.smaato.net/ Name: SCM
Value: 240de039
.smaato.net/ Name: SCMo
Value: 240de039
sofia.trustx.org/ Name: tuuid_lu
Value: 1665759299
sofia.trustx.org/ Name: um2
Value: !1,54581ddb-cf4b-4c83-8772-b771adc7cdd3,435038099
sofia.trustx.org/ Name: buid
Value: 54581ddb-cf4b-4c83-8772-b771adc7cdd3
.linkedin.com/ Name: li_sugr
Value: 0ad9ee38-2cdb-4948-aa3f-2544a01ce08f
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e93f0898-c73e-42a9-8bfe-d4021115e850"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2805:u=1:x=1:i=1665759299:t=1665845699:v=2:sig=AQGT9pf57YCx6kxpWdwKAkO00txiz44F"
.bing.com/ Name: MUID
Value: 080377C6DC1D604327AF65FBDDC961A7
.c.bing.com/ Name: MR
Value: 0
.emxdgt.com/ Name: apn_id
Value: 7131516223038119427
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e1872f55-ab69-4119-4769-cf591ecea9ab.g2QBGEafEfJKHmsK0z1nXB4%2Bdo8Ta%2Fg46ftExSHphWU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4YcvVatpQRlHac9ZHs6pq2AJ9sU.7tYRNmx0LzAkVXekle0s0JMq2zbi%2Fsmo5lURqKgwR6Y
.smartadserver.com/ Name: pid
Value: 5095224376267906723
.ads.yieldmo.com/ Name: ptrrc
Value: L98M2PLK-Y-BTOL
.technoratimedia.com/ Name: tads_uid
Value: 34407F43C3FE4EEB80AABDCB94E5E702
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221014105459-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.sitescout.com/ Name: ssi
Value: c465da82-33be-4311-84c5-c60565b4654b#1665759299472
.eqads.com/ Name: EQUser
Value: UID=9a98636e-dc9a-473d-8ea3-fbc518fd5fe5
.tvpixel.com/ Name: sp
Value: 640ba9b1-c3b6-4de8-8cef-96250a55ea1c
.ads.yieldmo.com/ Name: ptrt
Value: 43be5bfc-2333-45c8-b58e-491325ded701
.contextweb.com/ Name: V
Value: fO645FflFaZM
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: db9d3e87ed118333
.imtwjwoasak.com/ Name: trkid
Value: 9914a360990978c3
.samplicio.us/ Name: _ftv
Value: 4bb97209-a2f8-48fb-b45c-889c2d1efb44
.mediago.io/ Name: __mguid_
Value: fea0c2a094ed3eaa316564467f9a5719
.ads.yieldmo.com/ Name: ptrstk
Value: 4YcvVatpQRlHac9ZHs6pq2AJ9sU
.bidr.io/ Name: bito
Value: AAEDek7GkvEAAB5Vp63uTg
.bidr.io/ Name: bitoIsSecure
Value: ok
.t.co/ Name: muc_ads
Value: 7b68ac92-ec43-4e38-952c-55e4b53a5429
.smadex.com/ Name: smxtrack
Value: 3b38920b-66f5-482a-9c13-5abb4c44464b
.smadex.com/ Name: smxbds
Value: 1
pool.admedo.com/ Name: tuuid
Value: 284a5727-69e8-48d1-bf38-85bae0bed6ed
pool.admedo.com/ Name: c
Value: 1665759299
.cnn.com/ Name: bounceClientVisit340v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0AxgHZWUD2AtkQgE4CGAbgKZhFssIAlhTBciFOizpVOglgFcUAWkbCpVJa048lHNhQqCqXJXC5swCOEuI8wxlOgJGAJlwAeZRA14Z88hAYAfQYuF0F5JgwAES4GNkFeXAA2ILgUBkFMaNxcAE4AdlyABgAWDDxU9K4qCmyIXCwAOQBHBAAvJTyqAEYegHNigHUAMxRS5IAhACNpgFUADg53LAAlADUmgGEGaP6AVgAtAFl+rC4Rjn2e5P2wAGtV44BNABV8LAXXgAkARWeANIMACSAAVXiwWN9QlswPgAfc6McAFIIXAYe7ROaguj4V5zeQApo9YHuFAIYFKb4oFwoAAar1WyPkGEmQ2iCwyAE91kFgV9fpUAsEJFQEDUENlcoUSuUhYEgig6PIWBQxDF0kE4gkwCAADQgFgwED6kCCFBBfp0RVcRyCaQwEYWFBcA3my0QG12h3QJ1gF0AXyAA
ssp.behave.com/ Name: tuuid
Value: 00b7bc1c-e3d9-472e-93e7-8a3f74511cd2
ssp.behave.com/ Name: c
Value: 1665759300
ssp.behave.com/ Name: tuuid_lu
Value: 1665759300
pool.admedo.com/ Name: tuuid_lu
Value: 1665759300
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y0l4RAAAAanUSgAT
.mathtag.com/ Name: uuid
Value: 97f46349-7844-4300-86cf-3c860e6e57c7
.simpli.fi/ Name: suid
Value: 878D02C6705744198FB20951038F4088
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y0l4RAAAAanUSgAT&KRTB&22978-Y0l4RAAAAanUSgAT&KRTB&23194-Y0l4RAAAAanUSgAT&KRTB&23209-Y0l4RAAAAanUSgAT
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 2810044332467077412
.adform.net/ Name: uid
Value: 3163447472039705408
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-43be5bfc-2333-45c8-b58e-491325ded701&KRTB&22918-43be5bfc-2333-45c8-b58e-491325ded701&KRTB&23031-43be5bfc-2333-45c8-b58e-491325ded701
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEPs5tkJK4AOA7oMXyaLWlTQ&KRTB&22987-CAESEPs5tkJK4AOA7oMXyaLWlTQ&KRTB&23025-CAESEPs5tkJK4AOA7oMXyaLWlTQ&KRTB&23386-CAESEPs5tkJK4AOA7oMXyaLWlTQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2810044332467077412&KRTB&23150-2810044332467077412
.ads.yieldmo.com/ Name: ptrbsw
Value: 54581ddb-cf4b-4c83-8772-b771adc7cdd3
.aniview.com/ Name: aniC
Value:
.sportradarserving.com/ Name: zuuid
Value: 2da24d39-36ac-4537-8e1e-fa5cf644c790
.sportradarserving.com/ Name: c
Value: 1665759301
.sportradarserving.com/ Name: zuuid_lu
Value: 1665759301
.rlcdn.com/ Name: pxrc
Value: CMLwpZoGEgUI6AcQABIFCOhHEAASBgi46wEQAxIGCIq6KxAB
.cnn.com/ Name: _fbp
Value: fb.1.1665759301421.1304673834
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1665759301
www.cnn.com/ Name: nexus-web-application-identifier
Value: 3cb757e1-ad78-4cbc-bf2c-eccf5f034690|1665759301745
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005%22%7D
.agkn.com/ Name: u
Value: C|0AAgAAAAAKtw0xwAAAAABAXmiAnu6RAIAuNOmAgA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZqbmppbGBsbGq5iwnGN7K0MLIwAwCAhB-PIAAAAA
.rlcdn.com/ Name: rlas3
Value: ZqJS22lreG5WAkB2OodHbOmaBiViEcQ/o+b7CXnDiDo=
beacon.lynx.cognitivlabs.com/ Name: UID
Value: d33adbdc-c6a0-45bf-8979-97e8a3cdb74c
.deepintent.com/ Name: CDIUSER
Value: di_65f95a0236824e23b0efd
.adgrx.com/ Name: ADGRX_UID
Value: 2f2ac954-4bd0-11ed-869d-8bd57caea974
.brand-display.com/ Name: _knxq_
Value: 6164ce0f-d93f-f5d6-90dc4d33.1665759303.0.1665759303.1665759303
ssp.behave.com/ Name: um2
Value: !2,54581ddb-cf4b-4c83-8772-b771adc7cdd3,435038103
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1665759304377
.tapad.com/ Name: TapAd_DID
Value: 923e1045-fbdf-4106-ae07-ff4664f8de7b
turnip.cdn.turner.com/ Name: akacd_cvp_prod_ion
Value: 1665759424~rv=92~id=0672a2d67b49dd53f22dd9707376e8e6
.ads.stickyadstv.com/ Name: pxId
Value: 10353
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_65f95a0236824e23b0efd
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-2f2ac954-4bd0-11ed-869d-8bd57caea974&KRTB&23275-2f2ac954-4bd0-11ed-869d-8bd57caea974
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb&KRTB&19420-yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb&KRTB&22979-yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb&KRTB&23403-yBxsqMkXbKPTFz7zmhp18M4fb6LTGT71zB7Dsfqb
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:97f46349-7844-4300-86cf-3c860e6e57c7&KRTB&16736-uid:97f46349-7844-4300-86cf-3c860e6e57c7&KRTB&23019-uid:97f46349-7844-4300-86cf-3c860e6e57c7&KRTB&23208-uid:97f46349-7844-4300-86cf-3c860e6e57c7
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-d33adbdc-c6a0-45bf-8979-97e8a3cdb74c
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2NTc1OTMwNTIyMywiMjQiOjE2NjU3NTkzMDM0MzgsIjM5IjoxNjY1NzU5MzAzNDM4LCI3IjoxNjY1NzU5MzAzNDM4LCI4MSI6MTY2NTc1OTI5OTcxMH0
.owneriq.net/ Name: si
Value: Q7190457051879055423P
.owneriq.net/ Name: pmc
Value: 1
beacon.lynx.cognitivlabs.com/ Name: ss
Value: %2FK0k%2BXgDCGUGTuVx%2FKjsKY%2F9j6Njqi58f15rQzCHhD9X6fbijp2rE4OZIba5n2wANXu2OHS%2BbCLzu2UL7DjYGw%3D%3D
.acuityplatform.com/ Name: auid
Value: 699232399620
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQXVfXXKamGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUF1X11ymo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.taboola.com/ Name: t_gid
Value: 1e00769e-42e2-4e6f-a351-c3a1eaf3ffd2-tucta42fdc9
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4YcvVatpQRlHac9ZHs6pq2AJ9sU&KRTB&23334-4YcvVatpQRlHac9ZHs6pq2AJ9sU&KRTB&23417-4YcvVatpQRlHac9ZHs6pq2AJ9sU
ads.playground.xyz/ Name: connect.sid
Value: s%3AKzxaL4P6miLc0ohifDLeJlOQl583SHR7.a2XXE3k%2FYpEnM901DKYJ%2FkFGAIAsHhQbIeQz0GAOEb8
.w55c.net/ Name: wfivefivec
Value: e8hOHL8z1OJm5z5
.fiftyt.com/ Name: fifid
Value: ee1f7bc8-1dd2-4c68-7bae-2e6eb6444aa8
.fiftyt.com/ Name: cs
Value: MTY2NTc1OTMwNXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMKmLDMs-9MiVqEeYlSRComMM5eJ_N1W3ptJt8PBVeHC
.ipredictive.com/ Name: cu
Value: 0602a09a-9f21-4e5d-ac24-dc5606f0b66d|1665759305328
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-s5BD93-aM&KRTB&23413-s5BD93-aM
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-699232399620
.semasio.net/ Name: SEUNCY
Value: 87C78D0EFB0A1A24
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:e8hOHL8z1OJm5z5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005%22%2C%22nxtrdr%22%3Afalse%7D
.tribalfusion.com/ Name: ANON_ID
Value: a3nseFM0inh9PBmSUTpJ3SjUvZdPS1meAEZcXsZaUpHPPxVQR2GZbUNjG7WLQZboAHlHscmKZaeHy3VUVZdPI0sZcq5y
.mxptint.net/ Name: mxpim
Value: R1B330_F7BEF837_22BD5B1A.1.000000000000000063497849
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7190457051879055423&KRTB&22521-Q7190457051879055423
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005&KRTB&17107-RX-75cf0fb0-09ec-407b-bb4e-2c0b1aec98db-005
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3163447472039705408&KRTB&23263-3163447472039705408
.onaudience.com/ Name: cookie
Value: b634e9e09fa8272d
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-c465da82-33be-4311-84c5-c60565b4654b-63497843-5553
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7131516223038119427&KRTB&23339-7131516223038119427
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_f95d0d40-91ff-4467-88ce-c4ad708bc18b
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEDek7GkvEAAB5Vp63uTg
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-0602a09a-9f21-4e5d-ac24-dc5606f0b66d&KRTB&23011-0602a09a-9f21-4e5d-ac24-dc5606f0b66d&KRTB&23355-0602a09a-9f21-4e5d-ac24-dc5606f0b66d
.c.appier.net/ Name: _auid
Value: Uldthyd0AaGBQR3eSXhJYw
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_F7BEF837_22BD5B1A&KRTB&23092-R1B330_F7BEF837_22BD5B1A
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-Uldthyd0AaGBQR3eSXhJYw&KRTB&23130-Uldthyd0AaGBQR3eSXhJYw
.fiftyt.com/ Name: fppm
Value: 20221014145505
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHSY3L4uHTPwMYJt5-AAAAAAA&KRTB&22713-AAAHSY3L4uHTPwMYJt5-AAAAAAA&KRTB&22715-AAAHSY3L4uHTPwMYJt5-AAAAAAA
www.cnn.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.onaudience.com/ Name: done_redirects104
Value: 1
.cnn.com/ Name: _pubcid
Value: 0184768e-d972-4d79-a4c9-619dd962bbc2
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-54581ddb-cf4b-4c83-8772-b771adc7cdd3&KRTB&23280-54581ddb-cf4b-4c83-8772-b771adc7cdd3
.cnn.com/ Name: _v__chartbeat3
Value: 3rd1MCP2K7PQvY77
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEDek7GkvEAAB5Vp63uTg
.onaudience.com/ Name: done_redirects109
Value: 1
.owneriq.net/ Name: p2
Value: cwc
.smaato.net/ Name: SCMsas
Value: 240de039
.smaato.net/ Name: SCM1001299
Value: 240de039
.rubiconproject.com/ Name: audit
Value: 1|wyAr1LbNmRCQaN8AZBQ97/yXFx+q1OznEwly5HsVwNiFQXC9JARqfrB0sP2Ps0ecDxGb7u7pZutCqQ3+tQhlLHMDvubSxZCG4/T+vyHaX/qKe9EIJ9y6gT/hm5uMeOnm
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~27pq:195n~27pq:1967~27pq:175w~27pq:18z8~27pq:176s~27pq"
.dotomi.com/ Name: DotomiTest
Value: 32d074d2af9b1087
.atemda.com/ Name: UM1
Value: MAAAAB-LCAAAAAAAAAvj0uNIFNLi4knzNzMxdUvLcUuM8hXi5mj51XTz8P9p1gKsUiBOx6x_v2YAOVoMAJ0dXFAwAAAA0
.atemda.com/ Name: vi
Value: f27c386c274f19ea04ab0e00d11d6b7d
.atemda.com/ Name: fid
Value: f27c386c274f19ea04ab0e00d11d6b7d
.sharethrough.com/ Name: stx_user_id
Value: ebf894f5-11d1-4883-9578-64f15e31e2a0
.quantserve.com/ Name: d
Value: EJABIwGqJ_ijC_vLEL7iCZ8QuN3hAA
.smartadserver.com/ Name: csync
Value: 127:AAEDek7GkvEAAB5Vp63uTg|133:240de039
.adnxs.com/ Name: anj
Value: dTM7k!M40DEVNsVF']wIg2Hc#sJVN?!A#F3.TOKZnxwah*e/z>cV=v]BC`'pD`.*6[AQ]:^y9ZT3PVX23nXm/!!Ade.tmXG
.liadm.com/ Name: lidid
Value: d4817b4f-cfa1-4f54-afb0-f62dc294237e
.pubmatic.com/ Name: KRTBCOOKIE_1030
Value: 23330-fO645FflFaZM
.pubmatic.com/ Name: PugT
Value: 1665759305
.teads.tv/ Name: tt_viewer
Value: 59dd9fe5-918d-4d77-91be-34ee02680537
.colossusssp.com/ Name: gtm_usr
Value: f667d3e2-9dea-45c1-bcb4-0f3fa55a7c29
.w55c.net/ Name: matchcasale
Value: 5
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220221014%22%2C%22113%22%3A%2220221014%22%7D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gnl|7Bj.0.CAESEPUeN-15dXJz-yF5bzL5mqI|6zB.0.54581ddb-cf4b-4c83-8772-b771adc7cdd3|4is.0.CAESEJPjJRjm5ONLmZKH5Jp9gHY|2N.0.AAAFw3dHOCaycgM47NAcAAAAAAA|8jE.0.1|7dN.0.AAEDek7GkvEAAB5Vp63uTg
d.adroll.com/ Name: __adroll
Value: 1debdc278e5813e9c760973ab6a9c909-a_1665759306
.adroll.com/ Name: __adroll_shared
Value: 1debdc278e5813e9c760973ab6a9c909-a_1665759306
.mgid.com/ Name: muidn
Value: m9e6RsWOkyT7
.mgid.com/ Name: __cf_bm
Value: Y2Ajb2A_PXqmVrKqc3rWfc.qvOr0spnaaMGiWbEfK6A-1665759306-0-AXq/Kkkp+nRSo+y4oHcjB0C6PcX/3dZh6yfku1W54wmnr3WtPu7FJGfjbtYODezHQRjtDapNYdeB2fyljJ3v7h0=
.media.net/ Name: visitor-id
Value: 3087609066573354000V10
.media.net/ Name: data-p
Value: fO645FflFaZM~~3
cm.mgid.com/ Name: mg_sync
Value: {"433145":1665759306}
.pubmatic.com/ Name: SPugT
Value: 1665759307
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: e5f69_7154381690738909760
.ads.stickyadstv.com/ Name: MRM_UID
Value: e5f69_7154381690738909760
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 43be5bfc-2333-45c8-b58e-491325ded701
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEDAf5LEFTfvkWv9YELcNCwk
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-E2W_q5tE2oNqoReZFTXOwLusO_.kFJXIsjZqKTfb~A
.ads.stickyadstv.com/ Name: uid-bp-40946
Value: 28e127f9-7157-465f-8309-913e19824084
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 7131516223038119427
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAEDek7GkvEAAB5Vp63uTg
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: e8hOHL8z1OJm5z5
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 3163447472039705408
.adotmob.com/ Name: uid
Value: 084022040721ccefec9a803e
.adotmob.com/ Name: uuid
Value: 084022040721ccefec9a803e
.adotmob.com/ Name: partners
Value: IX%3A1665759307976
.ads.stickyadstv.com/ Name: uid-bp-45
Value: Y0l4RAAAAanUSgAT
.casalemedia.com/ Name: CMTS
Value: 1287
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 158615:4
.pubmatic.com/ Name: DPSync3
Value: 1666915200%3A236_245_226_228_197_201_219_221%7C1666310400%3A248_164%7C1665792000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1670889600%3A69%7C1666569600%3A63%7C1666915200%3A56_178_166_204_233_240_8_176_243_189_220_96_165_238_57_54_104_55_3_99_231_81_250_5_48_249_239_234_22_222_13_71_21_7%7C1668297600%3A224%7C1666310400%3A38_15_2_223%7C1667001600%3A35
.adsrvr.org/ Name: TDCPM
Value: CAESEwoEa3J1eBILCPbywobD_5Y7EAUSFQoGY2FzYWxlEgsI-JCtlsP_ljsQBRIWCgdydWJpY29uEgsI5pvsncP_ljsQBRIXCghwdWJtYXRpYxILCPL4y6HD_5Y7EAUSFAoFdGFwYWQSCwiK3cr4w_-WOxAFGAEgASgCMgsIitXNpdr_ljsQBTgBWgV0YXBhZGAC
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3De5876411-676a-465e-a8d8-0a6aa17ef08c
.bnmla.com/ Name: rx_uuid
Value: e5876411-676a-465e-a8d8-0a6aa17ef08c
.bnmla.com/ Name: rx_maxage_10738
Value: 1667055309
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
io.narrative.io/ Name: io.narrative.guid.v2
Value: 32efcad0-4bd0-11ed-829c-0661d704b7c9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6902
.inmobi.com/ Name: idsp_c
Value: c16267ac-ccff-4421-8885-3ef7dad4c15d
.adsby.bidtheatre.com/ Name: __kuid
Value: 3e6b44d6-de14-48b2-8b30-de9d59d95ec0.434973309

13 Console Messages

Source Level URL
Text
javascript error URL: https://widgets.tree.com/widget/5c4f1e80a581c30001acca92
Message:
Access to font at 'https://widgets.staging.tree.com/fonts/CNN/CNNSansW04-Light.woff' from origin 'https://widgets.tree.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://widgets.staging.tree.com/fonts/CNN/CNNSansW04-Light.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.geistm.com/m/OB/JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DPIzqpAw5%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=JK_w8QnTgfJuPYqbWTtgRS3fsOw2zEvUpGgEKxUMtQIPCB1cqVPY1pvngC8LyEdl
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=quky68qukyi81&ru=https://beacon.krxd.net/data.gif?_kuid%3DPIzqpAw5%26_kdpid%3D4e3f8627-26fa-484d-bd95-a1f8f09d95a6%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:878D02C6705744198FB20951038F4088
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://q017o-jh7o1.ads.tremorhub.com/ad/tag?adCode=q017o-ac6hc&playerWidth=300&playerHeight=168&srcPageUrl=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&supplyCode=q017o-jh7o1&mediaId=VideoId&schain=1.0,1!outbrain.com,0048938c4af9641f2e04565be89ece5954,1,,,&transactionId=ca5adb4c-505c-42ca-95b0-cf8b4dd2bd19&floor=USD:3.5&referrer=https%3A%2F%2Fwww.cnn.com%2Ftravel%2Farticle%2Fcoronavirus-omicron-travel-vaccine-health-wellness%2Findex.html%3Futm_medium%3Demail%26_hsmi%3D229722043%26_hsenc%3Dp2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ%26utm_content%3D229722043%26utm_source%3Dhs_email&us_privacy=1YNN&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.cnn.com/travel/article/coronavirus-omicron-travel-vaccine-health-wellness/index.html?utm_medium=email&_hsmi=229722043&_hsenc=p2ANqtz-9n11g0Wfs46BbbU8vxARVNCmDg5ZMgAefv5165lkRMYTFA8THQYKmIPTrrHmeClFKkoMJt23kDUPoFTUuKN1IxstI-HsdsXTRJu3BWD8smyV_I8TQ&utm_content=229722043&utm_source=hs_email
Message:
Access to XMLHttpRequest at 'https://js-sec.indexww.com/um/ixmatch.html' from origin 'https://www.cnn.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://js-sec.indexww.com/um/ixmatch.html
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.chocolateplatform.com/bid?advid=5771&bcid=fO645FflFaZM
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y0l4RAAAAanUSgAT
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12257d7b3fe7fde9e949cf7cd4ea7e00.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
a.sportradarserving.com
a.tribalfusion.com
a125375509.cdn.optimizely.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
analytics.twitter.com
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
atemda.com
aud.pubmatic.com
b1sync.zemanta.com
bea4.v.fwmrm.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c.betrad.com
c.bing.com
c.evidon.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.cnn.com
cdn.cookielaw.org
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.ml314.com
cdn.optimizely.com
cdn.stickyadstv.com
cdn3.optimizely.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cm.smadex.com
cms.quantserve.com
cnn.bounceexchange.com
collector.cdp.cnn.com
connect.facebook.net
consumer.krxd.net
contextual-analytics.wunderkind.co
core.iprom.net
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d.agkn.com
d9esmwyn3ffr1.cloudfront.net
dfp.bouncex.net
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dynaimage.cdn.cnn.com
eb2.3lift.com
eq97f.publishers.tremorhub.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fave.api.cnn.io
fw.adsafeprotected.com
geo.ngtv.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graphql.verticals.api.cnn.io
grid.bidswitch.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.cdn.turner.com
i.clean.gg
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
imtwjwoasak-pmi-pixel-origin.s3.amazonaws.com
imtwjwoasak.com
io.narrative.io
jadserve.postrelease.com
js-sec.indexww.com
l.betrad.com
libs.outbrain.com
lightning.cnn.com
lightning.warnermediacdn.com
loadus.exelator.com
logx.optimizely.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mcdp-nydc1.outbrain.com
mid.rkdms.com
ml314.com
mweb.ck.inmobi.com
native.sharethrough.com
observe.aniview.com
odb.outbrain.com
order.weshield.us
p.rfihub.com
p.tvpixel.com
p.typekit.net
pagead2.googlesyndication.com
partners.tremorhub.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
ps.eyeota.net
psm.wmcdp.io
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
q017o-jh7o1.ads.tremorhub.com
r.casalemedia.com
r.nexac.com
receive.wmcdp.io
registry.api.cnn.io
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.cdn.turner.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment-data-us-east.zqtk.net
simage2.pubmatic.com
simage4.pubmatic.com
smetrics.cnn.com
sofia.trustx.org
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.behave.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
steadfastseat.com
sync-amz.ads.yieldmo.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.co
tag.1rx.io
tag.bounceexchange.com
tags.bluekai.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
track1.aniview.com
tracker.samplicio.us
trc.taboola.com
turnip.cdn.turner.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
umto.cnn.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
usermatch.krxd.net
verticals-static.cnn.com
visitor.fiftyt.com
warnermediagroup-com.videoplayerhub.com
widget-pixels.outbrain.com
widgets.outbrain.com
widgets.staging.tree.com
widgets.tree.com
wmff.warnermediacdn.com
www.cnn.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.cdn.cnn.com
www.ugdturner.com
www3.smartadserver.com
x.bidswitch.net
z.cdp-dev.cnn.com
zion.api.cnn.io
ads.stickyadstv.com
cs.chocolateplatform.com
i6.liadm.com
id.geistm.com
js-sec.indexww.com
r.nexac.com
sync-tm.everesttech.net
widgets.staging.tree.com
100.24.185.7
104.18.13.76
104.18.19.126
104.18.252.222
104.244.42.131
104.244.42.5
104.36.115.111
104.36.115.113
104.45.178.220
107.178.246.49
107.178.254.65
107.22.218.231
108.138.106.100
108.138.124.226
108.139.47.33
129.159.70.95
13.225.214.12
13.33.60.10
130.211.23.194
139.162.78.222
141.94.171.214
142.250.80.2
142.251.32.98
142.251.40.134
143.204.150.76
146.75.38.132
151.101.1.44
151.101.194.133
151.101.194.49
151.101.66.133
159.65.196.12
162.19.138.82
162.248.18.10
162.248.18.11
173.231.178.115
18.190.165.21
18.207.52.81
184.50.205.90
185.167.164.49
185.184.8.90
185.86.139.96
192.35.249.127
192.40.39.223
195.5.165.20
198.148.27.134
198.148.27.140
199.127.204.163
199.127.204.171
199.187.193.193
199.187.193.197
199.38.167.131
20.127.253.7
2001:4de0:ac19::1:b:2b
204.2.255.233
207.198.113.88
216.200.232.253
23.192.7.104
23.217.155.4
23.219.95.182
23.22.76.72
23.36.90.250
23.52.161.180
23.52.162.190
23.52.164.28
23.52.164.7
23.52.167.93
23.73.227.191
23.73.233.196
23.83.76.97
2600:1400:9000::687e:749a
2600:1400:9000::687e:74c1
2600:1400:d:496::3134
2600:1400:d:4a3::13b8
2600:1400:d:592::2c79
2600:1400:d::17db:5d40
2600:1400:d::17db:5ddb
2600:1901:0:6072::1
2600:1f13:800:7780:6577:8b73:d344:2d89
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e
2600:1f18:612b:4200:b1f5:a380:b13f:7d71
2600:1f18:612b:4232:24bb:c108:40f2:28b8
2600:1f18:6593:f606:2bad:1cf:7b7b:1af
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2600:9000:2140:6a00:1a:5946:2700:93a1
2600:9000:2209:e200:1b:5138:8a40:93a1
2600:9000:23cb:a800:15:6b9f:1380:93a1
2600:9000:24f1:3800:18:1fcd:351:7bc1
2600:9000:2510:b400:8:48e:53c0:93a1
2600:9000:2514:b000:14:42af:1f40:21
2600:9000:2514:e400:19:fc2c:a140:93a1
2602:803:c002:200::32
2606:2c40::c73c:67e4
2606:4700:1::6813:864e
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:4400::ac40:98f5
2606:4700::6810:5914
2606:4700::6810:9540
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700::6813:ad6c
2606:ae80:1451:22::760
2607:f8b0:4006:807::2004
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2006
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2620:100:a001::4
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::773
2a04:4e42:400::773
2a04:4e42:600::300
2a04:4e42:600::323
3.12.170.58
3.218.90.66
3.224.10.93
3.224.75.67
3.228.209.13
3.5.2.181
3.81.223.235
34.102.163.6
34.102.253.54
34.111.151.213
34.111.234.236
34.111.8.32
34.120.155.137
34.120.253.250
34.150.170.96
34.192.159.16
34.196.133.247
34.199.181.183
34.224.196.35
34.229.3.43
34.236.83.94
34.95.69.49
34.98.72.95
35.190.113.31
35.190.60.146
35.201.96.126
35.207.10.239
35.207.24.140
35.208.249.213
35.210.53.219
35.211.165.199
35.211.168.6
35.211.178.172
35.211.233.246
35.244.159.8
35.71.139.29
38.91.45.7
44.193.231.250
44.196.124.93
44.196.51.150
44.209.207.157
5.161.47.120
50.16.120.253
50.57.31.206
52.1.188.23
52.223.40.198
52.23.59.39
52.3.138.212
52.3.27.31
52.45.77.219
52.46.151.131
52.5.242.57
52.54.188.160
52.69.167.60
52.71.183.251
52.72.225.237
52.73.149.117
52.86.14.246
54.156.230.254
54.173.22.171
54.196.132.16
54.198.142.223
54.205.5.141
54.210.69.97
54.221.50.150
54.237.142.200
54.237.249.69
54.239.38.253
54.80.141.180
54.80.61.218
63.140.38.117
63.251.28.233
64.202.112.127
64.202.112.159
68.67.160.75
68.67.160.76
69.173.151.100
69.90.254.78
74.119.119.129
74.119.119.150
74.222.140.101
75.2.29.249
75.2.41.202
76.223.14.12
8.2.111.121
8.28.7.83
8.28.7.84
85.114.159.93
0084f3025b62635fb1d9fd855c1757260891499abe699746310db9c0006e6f9d
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
00f8d504457c14ab3989f9dbe2deabf6fd74e0c8fa703ec778e5fa4c4785bb2b
012578769db652ab9526de0d528fdd1c8b2db089c4179c72813b19a79cd1b8f1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0201b2a2116fb85a47297a8f8815343584fafb1c4018a5201cd983b191ad3975
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
035bee8cfc81c767fa26e23b4454fb37152b1fee353ced6335abee5c1c3bd20a
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
0730ae5e6463d13788dd06f595b6bc77f82f0ddf26b16e27803dccfabc2bfc36
08b3ef532c673594756c7fe348f0eddfd345e93b86b04c87b56e2c7c3b1407b8
0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873
0a43bebe400ea210ea456d062ce76aac840cc50dd0c180478ede66c39854d460
0ad24989464f627acf1138c804935dd252c62a1a44e2704016c91c195882ac58
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b62e02d1e5006626a7dca0d61b0a130e31235872dba389a04089e3b85406f1a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
105971e4adc710c3a901cfcdf863bca4f5dedbfaa4c4500626abbdc6d7d85573
115e68dc3bdea7859d137cdefe6937529f04613db5d0ba230ad26c5f9dc9b83c
11b83161dee76d812081fcb607f48ed273e13719f801237a0d32d1e41012a389
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137c162c911f939eda7cd0f2bd8d73c49aef6825a81d8ea96e19a4b66d577085
151ee9b6cc20cf1ebfc11b980f8be4623e85d439af8ba430629db32ac1310c4f
15be68e990be0ec60f4cd0baeb01ebfb13e3b0666c9b127e0f6b8d3895cbbb1b
17359a286b63355a4c758a87e382fba8db1702ae5d15fdb215a251ee1201e8e2
1793b1f7c6c22f4d15cd33627e691aa697b3abaf8367f90e429d82a3797f4f68
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ce127fac997d05e6cac7436df99fe45e8a589d26d1c891aa127e8b2af572a1
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1956586654d1b728b2c0af3cb41f5056075198ff0a6a9f6460295655222b63cb
1975c68a11eeeec221de98531a1be1121d7b6aa3d0f551e44fa25d9d0245dbe1
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1afd9d0b0088c707945d3eed4a229a81f70a10cd0e3ae6a8d60ae93aff463d25
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c21ca40115a1dca13f19f9502eb5d432a4a83447bd5232424809f6c8145b9a4
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cb26822149a5039570eb936bdcce3adfc61e3e8031082e6188cae156e80979d
1ecf37bdb3030ca4681f82d24a04d4488a70e72e7e55600700e1b8562c28f07c
1f4098a02bb830340117ea0801a7b5cab514c5138af9502a4b45d6c04da4cbbf
1f513072aed1d6585ccb6fc01b0db68ded7c5937ddc58c5997b34cf68c20b84e
1fecbe05419b474d532b9a76baf8f33d4105f61247101ac8c78e80d06fde464e
1ff67dc8f3edcb5b1491a1ca1cc8ee6cd12c95a8c3bd646ad6ad95a13c2cf3f4
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
23d73ca140f265ab3584cbc9df6312d8f99128def40bc2117c5c053d877c1e0d
24292692c0764a82f2b4eeb701e14b6c102f05cd8acd4e3f18198ad71a92076d
24f51704c0fc3b79c10bea3396cb18a0f7ebfcd6adef114874f94b023822adf9
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26cf27e2cee712025c08cf2ec3e0c8eed7d26775390d8861403dd6b77096ad6b
270baa991d4c6a92df00e1939f1f7ad1ec718a79ee8e376762baa4764a48de99
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2881a209222d2489b85ce877c4b7f6b10c9eee495cc91045ceddddb0d92ad488
289dadbee2c8071696c7618cf8121e4a92be71f1654d4f89af02d2b8919ac2e6
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a3b6d8d430b9350c312645161680f1f6c3363e68edfba287500c532d095bbaf
2a5ecf8d0ef59a28ffc063a80cdb76bd373c037f95f9e560752d07e2541efd10
2a6cadfa76475c13f40dcf77cd4d97313ca8f416fde2021893fd87ee49db97a5
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae
2b3b88b319275cceb70794d043367e228c95151241e5eae0ce365f2c11c24ccb
2b9af71d9b488981544d45064fb489209674011bbf7b494a557e2c2f4ba2911d
2be7007304d4de5039a8583f848d851f30759d225aafc7b57d3905af3be46ee8
2c18e59e93eb33a02283c2c315cf4f25cb4f1cb19473a45a52f9e65c4e215796
2c2e2c663fc9520d0d357da4e8b8ea4e786cd12aa552aabe2e792a38781e0748
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cea9a4b108baafe4e44a838501fc030893c8f07f2258c16fa7881f942e5c002
2cf4277fcbc9d7f194f9f004e4c800113581e70b435d3a78bbb11a7c37e3249b
2d1e3239d53066463518868aa1174679fb133cec0c95e9acd50ebd404308db5f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3166ddb18a7c073185864a44a253427c52edb30f5d15b06a399f686eb7340df3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329318ab19ccf973c54c56989d8a3bfc2b778ca5da60af92374e0b43b61a6c34
33c27dfa15abcae114c497fafb1f0e9942e94c1da4ba218c22ea7c9400428d36
351f4a610470ff4bc5cdc7763f3a5efd757cab0b4281b8d746bc6af1868b79ec
354c25b974554ea833c68232be45b9ce82eaafbf12754ea89b319e52d95491fe
35e0dfb52ef6815e19735e5e24c5724eba15906da2124c27689c459dcdbb2677
3670cd6ea33a6e6eabcfd4dacc6fe7ee12dbcc84b6abfdb2b78cd3616d422d2d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3746513cc9c297dcf9c128f3028b602175145361d5512c68108a03210d6618a9
3753e0ae94e8312904d6797d4599bb860fe9217c5ff64a731a1839a0390eae30
37c6a88e79418fdb89807bfa310f1070a3709a865fa09af705f78cf7381a50e9
388d6899382bb9c403f05346c4d90ff37d8f23c41097c36165220fa6759dc885
39e25f1f874faaf89cea5a4722d143df1444e2c2fcc653b28366f866b206472c
3b86c4ec158449f0d268750b41270422cf35fe4397250919bb896bd34447943b
3bc6e9e5e4ddd87dd4fb43f62a60f5dad12ba6c3fd558c15323c49d1b1fbdaef
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c1179965bbbc155a93a33852b756160ec48f09d26d41f96273d14f732fa74c8
3cabe05b7228f5abca71e49d0342c1d5d6e2d2a04e789e23148db033f367b9a8
3d7f4f5a9e515953a51ba871357a26765ef23739e724715ad7b6acbb7874f3f1
3e3ac730cb213b20bf93b1026c3f1fbbffb80623d246f3e35921a5e670cb52bf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2a65fc5589f099c6cdd8cdf83d2a937d18550b87b83cbac1dbacb6031a6ca5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408f5e12d2b9b9ff75b208f6361dffca5ff35ee965586f30deadfd515bca2f9e
4134746487ee6ef220ac3d38bb213de9e003967065b9edc38e6d59402d1f1798
42c7aa016e5da5e8b8e57f60505a9acd2724447c1a59894da3f5937e9d642c4b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44760875eb5d979c21e5a8478efb889a6088f6bfdb5a4ff047b2c6b92ee7a988
447ca1004faf4a3c960a82f9d4296cd6aaf7db42d3c98c8379f204f9084f1ff6
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
47d9a20bb477c23070c9ea3874f8a667a38aac2c3e43f15fef14a5b7e2e6667f
47f4ef52c6885777bd24a5566e75c005b66176d382da8fe3667942e7565ef592
48201e6162f2f3724d7df1a0d702b3e947ac7f628d999bd911172e04778849f8
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
4ae4312f7607dbb787e201e48009fa93dd62236506efff04d9a6684fd60cb57b
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b33e75cb5f95365ebafb32ccc625f79e7bbc6019bf42a94c866a43110b05348
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd3c9ac3c7d63f8005ab22bd26a19260c89d30c1d6a16020857f0e4df01f334
4d42aa7f0f3bffc68781d8a6553679db4643a3b852c34b4103c10ac4bb59af52
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3ab7fba3ccc0f8b7b02215ab32cb22b3611ab233dbb94ce32d1fcce91fd387
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5079076cf278338285df356086a41b7f6eab04fd299296e6a7d68013c48c4e87
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
51df93b818c51153f40463a75a56fb55da06fcaae908f0a36c237d3464ad376d
52eec1fdf18e408e7def99967114a13fba7707896cdd08f5acb48f1bf6ca9003
5317fca956d9f65b8fdc17884b2693ab3e272b286dde6d434af867e6a5b33ba8
53fbcbbbe94c8ff9e31d33bdf945f991bd258b2134bd88b55a17ec7cd6db5af0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555e3bb894a81d951e881702b3715c04e40b327fbec9e1bfcea66f69492f1993
5569fc9ee78b68b9da51891d71bb3b3ad83115c0e7b6760488174dfa23e4b8ac
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
563d5a8ab017d2f2de55d481c50625a6da125d4f11ead96bcbba9f8c5ae1388d
57ad8175a700fc3c80f5c819c9e564b9c0ee3a68a66e0af3a8a2b936a186cc71
594674117ee7fbfeafb70cb2258230148ac79822797659461c23f123adaf74bc
5b2974bacfa07ea37066aafe414ee78e9499e4fbc2e51837b64fc031418cf179
5dd52efe9f01f3a9d65da322b2d9bf2fbfa505b91b13d15885c7b323da84ec63
5ea213ca4780f5a9084e58ef00f944ce58d5883d22c3d0a3ef145ea70675b188
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa4904db83f4442239a6f64b44f77c8e8108bc1c393d5549d13db0b18582dcd
5fe521c443ba7c8125f280e39d27e2a972d23409128179c3560bb67ee1c037ab
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6049c58b12c6586f1e7b90c2026cecbffff05a42734dd148ce099bb6dd527dee
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
617988e22d374aa7a01f59efd3fabaad1601943ade41f8c8006e29ff86a5174a
62298265921b78734bf12beebaf0dcab868098b570755499874c796fb5124f19
626e5cd337dff6951c9dab516f5c48fdde79c61da0a9c2026b6546f4e3b43213
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
654daaa439a0297541d075575f8e9fbbbe65232ea0a340db55176ef9f589aa6e
6609f61db22d9bdcc3dbfcbeda72953585bcdeadb294ca8a6b17a3bfd5b6801b
672bd4038a2113fa6a188880ea1a099c423f3cd429418699dbb51ba34daf13ba
67603bf5fc4bbac38db4249af72d478c182817669c22757eb9730e47f2216da6
67943aa57c80456915d96c2515f9f0ac5622a7fa29c53be3fe9f2b49931661f1
67aaebcd230a3ce57aada23a67f1e9ea4c00dfeb172b1f91dfeccf8e2ef3d012
67e8269cd944134ebe49deda2f7b3c76fba0b2b97037c8649d0a411007de23f5
681d53718f0c6682143e6385469c8173d7ba32d93c8e5c3bc7d0aa3873052f47
6938b419ee2325f0617b7873bdd313503a4d3e67f6fba54326c70197429c6cbd
697aa7f78c3deb8d46b3ee11199ee5458e3efe513c14f3482c7d15a92bfbdcc4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af22ea2947525c5004cfae2db03db66e2834947ddd59e7bf9085fd756cac2ca
6c825fd295562e37e1119a7f1dc29b2a16fe046177ae16c498c9d73a0fa66020
6d6117559ca0b6e4c3d243dee2b44a0fea099fa2cf590396b38f521072dca034
6e3918e850a4b73069afd766372fe3487b473f487bbd9c3b9fb5c84876972bfd
6efeb1e49f8d15198616fade431c964aae80923879f36311b2f4e3380c2a52b6
6f53a1e9098a082a68ffb4f873eacaede8a4d9e5e3d403687c5a8f11b5084505
6f584c9d6aba1cbd0502cc327c19bd8339247815ac83a031066bcb75568497cf
6fa18840f88fd0b61330f628cc89e2252d99af01ce97676c14e1c18ebfb98294
6fd085863ad696f554615ed2f47c6bbd077fc6e6172418ca1a4c3784cc3d8f3f
70aca2a6be1160cab108cc64c19118b74cc2b344cb9cf20ffa94738548e39820
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
7471826a39b48c644be8b402bcb00d6729e57b632be7585a5f5881e244c3a2fc
74983772e78b4ab621bd8d5d8a686a2ded7cc9376cc34cd4f57c04a3c41eac90
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
75437f99e78fc61503bee51ddec73ed638680878a47d0edf5fb593be21f87fc4
75676110c4c61bda7bb44a1e6f17d8368b3739537559e5aa8e8bfa353e2e09e2
756fc7dbf6e4ba97c61ad14913289b7cda96f360cd385aad2e82f8311d708233
761d5e2b0ff642e56f1e89996a65563f48605b0993752bf84cc06983b0b94f94
76fae0bd28c9d3e5c0b515748309ac22fc66c180dfe323432b80fbf18401d683
77790612c417a0e893fdaf8fb5997054ec60486ea298dc6c8e90fe0611fe7101
797829b8aedf125545f9d66e64974854813818e948d7cd435adbceb768c19984
7a0d98aa9ef82527027a313c2097b331077653f53a1c019bd8439ee6a3eb1f17
7a6bb419cbbf58307abefc7224a57c0be452ab88446b0c2ced7be294fa50e0cf
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7aa846082d8ee4453971b0c942731bc25e45f436af3c8d59764f454414c375cd
7b3338f50271f3046fe9c6df8e986d27d99a0e8d1f234c937d8d6ed5d64961ca
7c66b5fd80c2287d6639e3d2186873e393c160b22b77ac7f779a793bdc420202
7d8eb7249e3bc58ba3421a6e51e50fdbb1b59932c4ac62b82d35d4ec53bb7d32
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80745628bfdbb2a2d6484c179795e8acbd868ad1265cd2dc18fdd73c1dedd2f1
80e7aefdd09a701b2862f1f26113eef8d612f7b56ff9a26930898d47364c9a74
813197a86f077dc5cb16f49b1d3ae5fe69754fcbbb6d0027ce251cc32e5c1ba2
81772a6dc0845a5249d42fc51bdb1e22d7dcee50773b789b0d3ae18df689af7f
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8433f645be5af5d9a0fc33d7ad90e7f9dbfa48dd6ee0b487d3d59d2f70ecc7d6
868a35dc62791b1969e1675b116e1bd11586851987be72a7e33e41b44ce88d29
86b539ab73772056b99195dbee86d756bc30f85b1c9365152a4ac0aefcd419e3
8732346bbc22ba869b01b76807b15e10af1cbeb6d9ffd57beb8f9b776204ae86
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
89a9bdc41593255b5aceb86e8649998b32e69483a7630171739b9e14283e1b7b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8aeb5be4993bbe0be70b679599c007345928d6078a0ccecf0663c738e6a958fa
8b4974c3c560c306bc6c617db2178dbe5ab8f66827c77dc41f48d5d80f81dfbe
8b9f4f1f70b663a6f9c20adbfc3fe2feb4aa33d8ea89ecc196d1b617043f6c36
8e0c63a2efcef6fffa7da5476862116eabc0ec2e3d9e94b70363cf49252bcaa7
8e3026f71a38ec0c7c535a2e0c3811b14863a01eb5cb922655f755ec2ae2c2bf
8fd30b06e7ab6a3d0f7f2c494750a1893267cc02340e1292738fdcbe4e27c319
902af3f7b0beaadf03683ebc8f71e35471c89f3034ae64baf1aa90cad94c3809
921e5bd5a3b445ce7f478c141e50e69982f51a5c37ababf0d78cf2c4308005c2
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9401ab1246b087aa9d65a943a694694b205d89133f5d2fca8149beed5b2fe481
96e24ccde861fd8eecd9e66127838a292b06b43c265ce3cebfd98262b2b7b1a0
971ac0afbc5b9af174313666676cbe6385da537f4109fd1cbae65e1dfd4dfcbb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99303911c8be04851e65f0fb033d9f803a9ec89876d9ecb00c2e878a9b37324b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0fdf5f2f59d1723c6ac11472077ca4515952866f79b00feb9fa646c8db4b8f
9aef644563f54706e2d90611c2a7c96c65ef84f516b7ef1a209dde9cfcd07361
9b29cc470a35e9de8c083fa1cb2d9f3d49fe0cd604ec98b5e99550ae2c245f68
9c7519212772209334a467e250030576a4552ae96c77477d5c5b3d18b9e9c26c
9cc6fa58c95bd8348626766180bbbbb7a9c187bb8a507d9b485d28b3bde8c671
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9dce40b619e921f47861f42150fe9ab574ecc47db3953a6394a8d7030cc5ce03
9ddae755c64ab288fd0e9b10ab8481d1c1fef8f91edc1b02072292fbf9112636
9ee84db1f5f304547a1b594a3fc6caefb75a924403a9d1dc438382159be4e90a
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a04419a2b5dc6eeea8efbcaaf31d64ff8b2becbc3cde17e2e3daa6d44af2dcc8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d7ec608ef9c081362c8d518e638f76128e40d8682c03e0675fec77425a88bd
a1e4888fea653359d24e130790805cfa1d340d1d6c5375e4c09c7b7735b25d0a
a1f5e94f0b68ff8ca310ca69d05df88c97ac03d0d6cfe6f2bc5553baf72da4dc
a28f73a5741b70ca26246a9b76c3f43e7de4b2a787e9aec59d1a045402a9cb31
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a49dd3134463ea656a19e3881cc768d72ea169b3a2132aa30b3dfbfc6475b403
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b4795935173dd8879c4892909ac59f2be2f6bc3f6f8e8448d3a72dc5dd9ac9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c5bad558df5549a37722e2c5bfbd969edb237f56a9268cb4413b9a349e0790
a8f82f427a143e43627990393fec6d358ae5861d2e434c29a485b9bf680e1cdc
a906eb16f76c88221a9c3a0e42db23a20886ee333cd8e2e2a5a7f5085ff2a10b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab2bffcdcab8d3e3089d5cce03970e3e8e3f098be7b846c62c78d773353acf66
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8f250891b9f2439ccf1465e993d11271ca6935c7b908565977b7428029b9b7
ace439e1c5b2d75e5937d932c74bad9cdcc17667292db07d70b843a99dec8c67
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae1484b1d5ef64f2687caf0bcb08e74677551a38c8fe0ddc101c8c97f10b051b
afc3fd9915b5e2dd938df4b615df0250a440d41dbca3a12467f8b7c57bf3cbef
b014a4a3aa47ec06076d38e0d79c1e6777df2b6149e7bbdb00dbbd782e6ab2b6
b029a89ae0a6fc5cd5a6be5e63e38570a134f01f91adce7a358e97df12b719be
b13a73a3e3f43ee1ba0c49f8c364b64ea2424f22f7ae922ecd7b3f7e22e548b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b602aa29cdb7dfa3857ccd6adef55af01a178fce12e8ee4138db6cf8567721
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b39f1aa03663a52de489e18a6e1c3dae1de2c0290eafe64458dfa8307fe20954
b3b6d03341c68779e351ee7ece4003b4f48bde05b9c47667ac7e91a18bf70ce7
b5831918f8b066574a88e6f574e3b59cf121b69969dd7e1441f2604ce61ea72d
b6cbcad0f790b1c0e3569a0ffe5501ba7083a5721bed84e744eaf648d292435c
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b90f463149e1be2a45e93411401025b9b0fa3e078b054f8e5ebba2b4ee3f6d55
b91716f5f6515323bac0be9828e77d126d21b2eedefd007f7bc2f10ea02a8d22
bad9f46f79618c74afa969e86a2cda11792b6b032b809f10af1108b17360b9ba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb673d9ac3876184f89e1ad2b891ac7fc77e1b1cab749f1d581bc786a23a3e77
bb76745d3ee1a80189705d4a778107c616362889fa9091a6d542f83a2619679e
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc05fb263db39ac239ae88f3ec71f97d7ea39e62886aaf3a0b197232996cc65e
bc297048583b3fa85211a4cc5021f54648e0ff6ac8ae99c4f74921d2337457ff
bc8353143f985630e0f06b0f1da1f28e5aba611050c249fbe3b1e1c32a64829c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2561d2cc5ba7c8144002da79ebe88606c7a95586331319b06062064db952606
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
c4ced9b65799c47270c5f92809e9ed6471d838d8fffba5aa0fb5f33a719e9d33
c4f9470a1e9db4dd928801af9afdcb3049ddf6bd4df7a05106fb35fb094d5210
c6104817ba76c7ef1ce99a73ab68bac973a3d0a1bef9db9f91624153754d8f35
c647ca6ed0f4ae7df127061508bc51ae3a871362144bf252e8f46a9f0b7d6aa6
c9a9c5b70316d0b77250c6410bff38f354e17e1c30495bfb340aede9e36963cb
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbe5bbee2b9a60052bea16aea3100aa41aaca657ae66af6b0c2a9097fd8fb5ed
ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037
ce5c73724b1c90b9b70b3528a5e7b25f41676fbac89de38946c80a04bb4ae6a0
ceb863becaa364f1d55bf6d643e9c79cb3316e3add1e75269d464a53576b9385
cf179df11689b20cc6af20402afa4b3d8d1bdfa20474c9869bb45f4c0b6ba1d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf54ba25dde67304d51588ae967712adeb5ea3d307164b06e4b04ae9786be118
cfe9c981c4b6a98bcf7bad851a321d94cd5d6b52166581a1ee054607aa1727a3
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0b3ddde6f162bb866ce6bb72a7657b3acff48eb7ccec718ae23eac61768ad24
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d28e7b3a596ad8361ab4d58bb00b69645642829cd3260a2d83f564ceaacb8d2a
d2e4ba007fb2b665be935d8ca963f318a346eba671f1f3803d06fab7ee1ecf7a
d66cf8ddae7555f3f0402b259faea0c57beef67afd0502159434b31f50e2ef82
d6bc84371e722005a1cc2f0d2cf5392355b02667188face67dce065343feee20
d856e1202f7aa63f208d3848bc7b3d1b3352e02d3a689049d0ecb537b8532c45
d90e8db3eeda980bab9952d50d2e8248574cbdc39805e7207a55b8ef9ef49bc5
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9b631e93557f39f97520cdb582d0228f9418850461f56b00810834241f279f5
da2e173f3b0247df9b194a1bf4dfcf50966166f84a2000ee9c672a4ad7a66031
da2f4ebc12869a2dacf2f2f4f77310c977a0dda13c3a702c2fb18b40065b4c0c
da6758d8b1f408269e9a66000242b0a9cb89accde6c06c8c96a5d21f35efc012
da683bdedcaa402ef4a35d4dea12d836a009e4d6e1c46201c4848d8f282ecb50
db236ff9e0404eb845760186649b1fe14eb66951a9e94d9aedbcb63c030fd2ce
db896db6bc5a61711279462a950f48940e6379ca407040ddf8a455939d38904b
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486
dbc718cb9ae1df7c2938dc85cc9cfb02d2a5fdc0bad6b093480ae67e0336214b
dc1095edea697c039f9f72cae9f784dcdf6b77ad061a94904bd1741832722617
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e08b46087a100a23157c9426007e2f8d0872494db84f7ccebdad5c063eeb30c1
e11c95df1842787d45061b351028a007632ed1ca3985d6c5f08c8ee82b25b9dc
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab
e291e22c061178bfae4f5c46bbdbbc01f83d8e4695d2faddbbf0ddd1ac7d024f
e32708204fd9d2531ebb40e65a0b4304970d01345c4c03ab29311066cb640847
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e72f0926b3418896301bda925b636ad884f5bf18f54308383ae77522ca5cd9a2
e7e7d81167cf94a302519795edb29decd2628958ad2aeb3ddfbf228e1f50fffd
e8c56d0595a3f501568f8b9c0cd8441fcb90e2ef3e8f42d033cc5c22ea72d997
ea3f0c72d90e6dfaeaf10473d2e3ab7138a5e16081807bb53bf25c119be435b4
eb3c88537c4191450dc5457dc2d8137cd5b784fe27b51e04e643672e96dcf882
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc549864ba1fa8cc0acac299172b9b08a647371c56f2abfe0afb867adc40792
ece6b2efba857756a0e51b7bd1566a6121ec0388af87a3681dd3743551e74626
ecf3291968bb9be3ad2ab69d29aef2e02f2ea9b0cde0e1af953038ac6d87f25a
ed4f3ec92437599d1dee247e7aa8e01e70a9af6a57fdd24a984b2696e0a1fd45
ed956d8b011dad1c2e7cf81e161e4fec4da0a5aaad8c60a40f94a4d652760ca4
edef143f2ba46d981cd4540961762c64bb8b9ef3f0b40a287573f8b4de14eeff
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee743cff1dd1f61fc4a3d5d15834f2878e2e1c10b499d5beff9f005b9ed06b70
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eee98945090dc5236e66bfa2eaabd4130d06873a97633e64d54dfe76a1d745ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef715a298ef085266c4cd67915f28f17590b4c930b0ed110844025be68d8828b
ef9fb965f39111265d183ba9b09e88629ee8c9ac196fdda72cdc3a3bbfa23c7a
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1802b470cbc719a2adb2603ae1371473a0f8ad30662e5ff2d87d9f7554b217e
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f304bc76902d340b811b13ce202524584f3b8ae5983f1dd1a0a984fbf5aee91f
f304f45550671582b688cf783331149146bbff148259b7afc87ff1356bdaa145
f39f22304f2df8c4c15400083b11ce03c42177a05523a4c91c81d0db17c3e06c
f4dccd9f47ddd9c45c515c5367a1064400eef210f31928b11eb79c13ba1c5e87
f532b34382ae0d1f4099fddefac3c000bfa0d044e3fda50bc8e6467fd87decfb
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
f8e8b23f1553b146025c1fa74fa8cef93438b9ae57bdda32ce31ef990d487f77
f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2
f993f56ff55ed0cc0d296f2e2c611553d2eba6d71ebd89f97f60908eaac0e4f2
f9a9338d8b09e71b172238a4cff6c2146c3eeb2219a55390e3e5093fc1cd07e0
fa66103f79eef86d00ea032010300e4ced0d79bf7c8e87d265f186e48ccbab3f
fad5aa3c80c045f57dfee78896d5d24c800cd550f009346e66a0dc9e1f41ff4e
fd652c82344039a7f0f531b55d8ce5851c2755a68307b4ec53f82163f8573966
fdde3f4f2137d2449ad365a8ea24c2bc8d49dfbbc909a46d2e1ac23918610209
ff159559494745a0de09e555b7722975b3d531b19458b7aaeb87d23293a8718f