urlscan.io logo urlscan.io
SecurityTrails logo

www.ibtimes.com Open in urlscan Pro
54.166.249.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVz...
Effective URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xO...
Submission: On March 17 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 9 countries across 79 domains to perform 286 HTTP transactions. The main IP is 54.166.249.156, located in United States and belongs to AMAZON-AES, US. The main domain is www.ibtimes.com.
TLS certificate: Issued by Amazon on May 19th 2020. Valid for: a year.
This is the only time www.ibtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
1 54.166.249.156 14618 (AMAZON-AES)
1 2600:9000:203... 16509 (AMAZON-02)
32 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:2800:234... 15133 (EDGECAST)
4 52.85.115.11 16509 (AMAZON-02)
6 104.160.77.202 46469 (GETRESPON...)
3 35.190.48.184 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
3 13.226.158.204 16509 (AMAZON-02)
1 18.196.104.43 16509 (AMAZON-02)
1 23.37.38.181 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 136.144.59.88 54825 (PACKET)
1 7 35.244.159.8 15169 (GOOGLE)
1 35.158.194.251 16509 (AMAZON-02)
1 213.19.162.61 3356 (LEVEL3)
4 9 185.33.220.243 29990 (ASN-APPNEX)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 8 151.101.14.137 54113 (FASTLY)
3 199.232.58.137 54113 (FASTLY)
43 104.19.136.78 13335 (CLOUDFLAR...)
1 2600:9000:211... 16509 (AMAZON-02)
2 142.250.186.162 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.72.161 15169 (GOOGLE)
6 52.53.123.199 16509 (AMAZON-02)
2 65.9.58.52 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.170.85.180 14618 (AMAZON-AES)
1 35.190.36.172 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.198 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 5 23.37.53.17 16625 (AKAMAI-AS)
1 52.85.115.98 16509 (AMAZON-02)
2 13.226.159.44 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 3.20.220.113 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 104.244.42.72 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:2... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.58.110 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 23.37.42.132 16625 (AKAMAI-AS)
4 184.30.212.16 20940 (AKAMAI-ASN1)
13 17 216.58.212.162 15169 (GOOGLE)
2 2 35.212.212.222 15169 (GOOGLE)
4 8 34.249.70.28 16509 (AMAZON-02)
8 8 52.28.196.155 16509 (AMAZON-02)
3 4 213.19.147.151 3356 (LEVEL3)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 104.16.221.74 13335 (CLOUDFLAR...)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
2 2 18.159.17.140 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 13.226.156.205 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.162 15169 (GOOGLE)
3 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 151.101.114.49 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 52.20.98.49 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
2 7 35.156.37.164 16509 (AMAZON-02)
4 11 104.108.145.8 16625 (AKAMAI-AS)
1 104.108.144.200 16625 (AKAMAI-AS)
2 104.108.144.214 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
2 6 185.64.189.110 62713 (AS-PUBMATIC)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 52.46.130.13 16509 (AMAZON-02)
1 1 64.202.112.191 23352 (SERVERCEN...)
2 2 185.29.133.58 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.4.23 198622 (ADFORM)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.184 1299 (TELIANET ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 159.253.128.188 36351 (SOFTLAYER)
4 185.64.190.80 62713 (AS-PUBMATIC)
2 2 52.50.99.220 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 54.81.207.173 14618 (AMAZON-AES)
1 1 3.126.56.137 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
286 100
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
1    54.166.249.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-249-156.compute-1.amazonaws.com
www.ibtimes.com
1    2600:9000:2038:f000:3:f9b0:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa-wrapper.privacymanager.io
32    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s1.ibtimes.com
d1.spcdn.ibt.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
js-na1.hs-scripts.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    52.85.115.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-11.hel50.r.cloudfront.net
frontend.1worldonline.com
6    104.160.77.202 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: mta-1.ibt-mail.com
ibt-mail.com
3    35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.48.190.35.bc.googleusercontent.com
stalesummer.com
1    2600:9000:206f:3c00:9:dc53:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa.privacymanager.io
1    35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com
query.fqtag.com
3    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
1    35.158.194.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-194-251.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
9    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
8    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cd.connatix.com
img.connatix.com
3    199.232.58.137 (London, United Kingdom)

ASN54113 (FASTLY, US)
cds.connatix.com
vid.connatix.com
43    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
c.mgid.com
1    2600:9000:211e:9000:17:1429:b980:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.feeds.ibt.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
fqtag.com
6    52.53.123.199 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-123-199.us-west-1.compute.amazonaws.com
app.1worldonline.com
2    65.9.58.52 (United States)

ASN16509 (AMAZON-02, US)
geo.privacymanager.io
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.170.85.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
feeds.ibt.com
1    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    23.37.53.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    52.85.115.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-98.hel50.r.cloudfront.net
api.pushnami.com
2    13.226.159.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-44.dus51.r.cloudfront.net
dau-prod.launch.liveramp.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
9    3.20.220.113 (Columbus, United States)

ASN16509 (AMAZON-02, US)
capi.connatix.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtcontent.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:1901:0:298e:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aux.fqtag.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    199.232.58.110 (London, United Kingdom)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
17    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
cm.g.doubleclick.net
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
8    34.249.70.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
match.adsrvr.org
8    52.28.196.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-155.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    213.19.147.151 (United Kingdom)

ASN3356 (LEVEL3, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
2    18.159.17.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    13.226.156.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-205.dus51.r.cloudfront.net
d2fw4nb4g546bx.cloudfront.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pubads.g.doubleclick.net
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2600:9000:206f:7c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    52.20.98.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-98-49.compute-1.amazonaws.com
ping.chartbeat.net
3    2a00:1450:4009:815::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:57::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednle.googlevideo.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:400c:c1b::8b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
7    35.156.37.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
eb2.3lift.com
11    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
b1sync.zemanta.com
2    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.184 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    52.50.99.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-99-220.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
43 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
c.mgid.com
472 KB
32 doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
142 KB
31 ibtimes.com
www.ibtimes.com
s1.ibtimes.com
730 KB
20 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
386 KB
15 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
33 KB
14 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
27 KB
10 adnxs.com
ib.adnxs.com
acdn.adnxs.com
23 KB
10 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
10 KB
10 1worldonline.com
frontend.1worldonline.com
app.1worldonline.com
150 KB
9 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
45 KB
8 bidswitch.net
x.bidswitch.net
3 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
67 KB
7 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
338 KB
7 openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
6 fqtag.com
query.fqtag.com
fqtag.com
cdn.fqtag.com
aux.fqtag.com
91 KB
6 ibt-mail.com
ibt-mail.com
125 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
3 KB
5 scorecardresearch.com
sb.scorecardresearch.com
4 KB
5 a-mo.net
prebid.a-mo.net
1 KB
4 adform.net
c1.adform.net
1 KB
4 google-analytics.com
www.google-analytics.com
38 KB
4 ibt.com
d1.spcdn.ibt.com
cdn.feeds.ibt.com
feeds.ibt.com
506 KB
4 privacymanager.io
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
geo.privacymanager.io
47 KB
3 stalesummer.com
stalesummer.com
31 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
2 scoota.co
r.scoota.co
1 KB
2 fiftyt.com
visitor.fiftyt.com
998 B
2 de17a.com
d5p.de17a.com
637 B
2 mathtag.com
sync.mathtag.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 youtube.com
s.youtube.com
2 googlevideo.com
r2---sn-4g5ednle.googlevideo.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
609 B
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
394 B
2 cloudfront.net
d2fw4nb4g546bx.cloudfront.net
63 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 creativecdn.com
creativecdn.com
ams.creativecdn.com
691 B
2 1rx.io
sync.1rx.io
1007 B
2 unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
794 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
757 B
2 nr-data.net
bam-cell.nr-data.net
1005 B
2 google.com
www.google.com
adservice.google.com
648 B
2 liveramp.com
dau-prod.launch.liveramp.com
468 B
2 facebook.net
connect.facebook.net
61 KB
2 hs-scripts.com
js.hs-scripts.com
js-na1.hs-scripts.com
1 KB
2 silobreaker.com
info.silobreaker.com
3 KB
1 googleadservices.com
www.googleadservices.com
1 stackadapt.com
sync.srv.stackadapt.com
611 B
1 bttrack.com
bttrack.com
380 B
1 turn.com
ad.turn.com
425 B
1 simpli.fi
um.simpli.fi
608 B
1 semasio.net
uipglob.semasio.net
253 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 criteo.com
dis.criteo.com
326 B
1 quantserve.com
pixel.quantserve.com
497 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
414 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 ytimg.com
i.ytimg.com
14 KB
1 chartbeat.net
ping.chartbeat.net
169 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 hubspot.com
track.hubspot.com
849 B
1 2mdn.net
s0.2mdn.net
17 KB
1 idealmedia.io
cm.idealmedia.io
555 B
1 lentainform.com
cm.lentainform.com
622 B
1 newrelic.com
js-agent.newrelic.com
11 KB
1 google.de
www.google.de
483 B
1 adtcontent.com
ghb.adtcontent.com
2 KB
1 pushnami.com
api.pushnami.com
62 KB
1 googletagmanager.com
www.googletagmanager.com
41 KB
1 hs-analytics.net
js.hs-analytics.net
19 KB
1 hs-banner.com
js.hs-banner.com
15 KB
1 dotomi.com
web.hb.ad.cpe.dotomi.com
659 B
1 emxdgt.com
hb.emxdgt.com
307 B
1 googletagservices.com
www.googletagservices.com
20 KB
286 79
Domain Requested by
30 s-img.mgid.com www.ibtimes.com
30 s1.ibtimes.com www.ibtimes.com
17 cm.g.doubleclick.net 13 redirects eb2.3lift.com
eu-u.openx.net
9 capi.connatix.com cd.connatix.com
9 ib.adnxs.com 4 redirects s1.ibtimes.com
eb2.3lift.com
acdn.adnxs.com
8 googleads.g.doubleclick.net 1 redirects
8 x.bidswitch.net 8 redirects
8 match.adsrvr.org 4 redirects www.ibtimes.com
eb2.3lift.com
eu-u.openx.net
ssum-sec.casalemedia.com
7 eb2.3lift.com 2 redirects s1.ibtimes.com
eb2.3lift.com
7 img.connatix.com www.ibtimes.com
7 cm.mgid.com jsc.mgid.com
www.ibtimes.com
6 image2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
6 pagead2.googlesyndication.com srcdoc
tpc.googlesyndication.com
6 app.1worldonline.com www.ibtimes.com
frontend.1worldonline.com
6 ibt-mail.com www.ibtimes.com
ibt-mail.com
5 sb.scorecardresearch.com 1 redirects www.ibtimes.com
jsc.mgid.com
www.googletagmanager.com
5 prebid.a-mo.net s1.ibtimes.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 simage2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 eu-u.openx.net 1 redirects s1.ibtimes.com
eu-u.openx.net
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
s1.ibtimes.com
4 fonts.gstatic.com www.ibtimes.com
fonts.googleapis.com
4 www.google-analytics.com frontend.1worldonline.com
www.googletagmanager.com
www.google-analytics.com
www.ibtimes.com
4 fonts.googleapis.com www.ibtimes.com
frontend.1worldonline.com
4 frontend.1worldonline.com www.ibtimes.com
frontend.1worldonline.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 csi.gstatic.com imasdk.googleapis.com
3 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 pixel.rubiconproject.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 aux.fqtag.com cdn.fqtag.com
3 tpc.googlesyndication.com stalesummer.com
imasdk.googleapis.com
tpc.googlesyndication.com
3 cdn.mgid.com www.ibtimes.com
3 c.amazon-adsystem.com www.ibtimes.com
c.amazon-adsystem.com
3 stalesummer.com www.ibtimes.com
stalesummer.com
2 r.scoota.co 2 redirects
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 sync.mathtag.com 2 redirects
2 ap.lijit.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 ads.pubmatic.com s1.ibtimes.com
ads.pubmatic.com
2 js-sec.indexww.com s1.ibtimes.com
ssum-sec.casalemedia.com
2 s.youtube.com blank
2 r2---sn-4g5ednle.googlevideo.com 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 d2fw4nb4g546bx.cloudfront.net frontend.1worldonline.com
www.ibtimes.com
2 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
2 a.sportradarserving.com 2 redirects
2 sync.1rx.io 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
2 dau-prod.launch.liveramp.com ccpa.privacymanager.io
2 connect.facebook.net www.ibtimes.com
connect.facebook.net
2 geo.privacymanager.io ccpa.privacymanager.io
2 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
2 cds.connatix.com www.ibtimes.com
cd.connatix.com
2 d1.spcdn.ibt.com www.ibtimes.com
2 platform.twitter.com www.ibtimes.com
platform.twitter.com
2 info.silobreaker.com 1 redirects
1 www.googleadservices.com
1 ups.analytics.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 biddr.brealtime.com s1.ibtimes.com
1 acdn.adnxs.com s1.ibtimes.com
1 api.rlcdn.com s1.ibtimes.com
1 i.ytimg.com
1 ping.chartbeat.net
1 static.chartbeat.com info.silobreaker.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 ads.yahoo.com
1 id.rlcdn.com www.ibtimes.com
1 adservice.google.com imasdk.googleapis.com
1 pixel-eu.rubiconproject.com www.ibtimes.com
1 s0.2mdn.net imasdk.googleapis.com
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 cm.idealmedia.io www.ibtimes.com
1 cm.lentainform.com www.ibtimes.com
1 sync.targeting.unrulymedia.com www.ibtimes.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 vid.connatix.com cd.connatix.com
1 c.mgid.com www.ibtimes.com
1 js-agent.newrelic.com ibt-mail.com
1 www.google.de www.ibtimes.com
1 www.google.com www.ibtimes.com
1 stats.g.doubleclick.net www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 ghb.adtcontent.com jsc.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 ajax.googleapis.com cdn.feeds.ibt.com
1 api.pushnami.com www.ibtimes.com
1 ad.doubleclick.net stalesummer.com
1 cdn.fqtag.com fqtag.com
1 feeds.ibt.com www.ibtimes.com
1 www.googletagmanager.com s1.ibtimes.com
1 fqtag.com www.ibtimes.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 cdn.feeds.ibt.com www.ibtimes.com
1 jsc.mgid.com www.ibtimes.com
1 cd.connatix.com 1 redirects
1 web.hb.ad.cpe.dotomi.com s1.ibtimes.com
1 fastlane.rubiconproject.com s1.ibtimes.com
1 tlx.3lift.com s1.ibtimes.com
1 u.openx.net s1.ibtimes.com
1 hbopenbid.pubmatic.com s1.ibtimes.com
1 htlb.casalemedia.com s1.ibtimes.com
1 hb.emxdgt.com s1.ibtimes.com
1 query.fqtag.com www.ibtimes.com
1 ccpa.privacymanager.io ccpa-wrapper.privacymanager.io
1 js.hs-scripts.com www.ibtimes.com
1 www.googletagservices.com www.ibtimes.com
1 ccpa-wrapper.privacymanager.io www.ibtimes.com
1 www.ibtimes.com info.silobreaker.com
286 132
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
*.ibtimes.com
Amazon		 2020-05-19 -
2021-06-19		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
s1.ibtimes.com
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.1worldonline.com
Amazon		 2021-02-02 -
2022-03-03		 a year crt.sh
ibt-mail.com
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
stalesummer.com
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
d1.spcdn.ibt.com
R3		 2021-01-20 -
2021-04-20		 3 months crt.sh
*.fqtag.com
R3		 2021-01-29 -
2021-04-29		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.a-mo.net
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.ibt.com
Amazon		 2020-07-10 -
2021-08-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.newsweek.com
Amazon		 2020-12-05 -
2022-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.pushnami.com
Amazon		 2020-05-16 -
2021-06-16		 a year crt.sh
*.launch.liveramp.com
Amazon		 2020-10-15 -
2021-11-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
ghb.adtcontent.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-11 -
2021-05-07		 2 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-21 -
2021-04-06		 a month crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2020-07-27 -
2021-07-27		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
edgestatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-03-11 -
2021-05-20		 2 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Frame ID: F3E4F08124DCF01D6E8405FABD5E4D45
Requests: 141 HTTP requests in this frame

Frame: https://cds.connatix.com/p/108565/connatix.playspace.dc.js
Frame ID: 4F19FB0B515890AE104F14704DED947B
Requests: 15 HTTP requests in this frame

Frame: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Frame ID: B373717141EFE974045777E0DEBBEA4E
Requests: 17 HTTP requests in this frame

Frame: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Frame ID: BF213FDFEA1C61AB6336AC6B357BFD69
Requests: 7 HTTP requests in this frame

Frame: https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Frame ID: 3C38B5CA1B432B508E084E9F7F2A18B0
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.ibtimes.com
Frame ID: ECD8AB0007A5BFFC7F022BB0DDC2482E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 60D8683A9F5FE63A98B48B18254FBFF4
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1616011573312666926429
Frame ID: 066DCDCA4AFE225D233452B07E7E8B4D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 32005CF025F493D3211ADB40D671DFC5
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 35ACA705E7D1D21B5981D41D9A121BDA
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9900FF21B8399DF49CE3A62243E3C3D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: FE3AC7950855B31791798F1D5A657368
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44730612&el=adunit&cpn=SknepIjzDFa0oqHH&docid=KjbhA_CqJFg&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.ibtimes.com%2F&len=29.048&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=27&rtn=10
Frame ID: 4137ABF5DC49BB3478F4C045748AFEF8
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 4328B12153239A1D4BA41F89A350BB93
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 34AD411C02FD2A4381A1915C4DB2D544
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1F16AEF5A11F3DFC627602FFC5AEFBDD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Frame ID: 2AE21DA146505BDBD168ACF4F0151572
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE40C6A098489300781B35F4BBD9A4BA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 49A8352073F2E9563F07D688C2171E65
Requests: 14 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 72CE10EA7B1016826CA5ADEB041A20BF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BBD6757101767C36152B05315A8838A8
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EC7D12BF7A77BD8687192A524214E697
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7857381665673426333
Frame ID: 6350F2847A658EDBB04A325B02E23A23
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.193&rtn=20.000&ns=yt&fexp=44730612&el=adunit&cpn=SknepIjzDFa0oqHH&docid=KjbhA_CqJFg&ver=2&cmt=10.193&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.ibtimes.com%2F&len=29.048&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 03AF05AAF8A7A014D3D2C4B3B0B33B4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7... HTTP 307
    https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=9696527... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

286
Requests

100 %
HTTPS

34 %
IPv6

79
Domains

132
Subdomains

100
IPs

9
Countries

3780 kB
Transfer

13114 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1?_ud=854f2820-5bd5-4baf-9b5c-36fd22569ad9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/108565/connatix.playspace.dc.js
Request Chain 76
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&c9=&cs_ak_ss=1
Request Chain 152
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJoZG5yMjF5cTZk&muidn=l2hdnr21yq6d HTTP 302
  • https://cm.mgid.com/google?muidn=l2hdnr21yq6d&google_ula={guid},5&google_gid=CAESEOwZc7dzL3sldRhEUVyRByg&google_cver=1
Request Chain 154
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=d5f89ada-3253-4f28-bf96-d1e85fd55451
Request Chain 155
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=169dbcc8-7313-4c9d-ba6a-c872a2d470e1&ttl=1618603573
Request Chain 156
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2hdnr21yq6d HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l2hdnr21yq6d HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/b89f4c30-9bb2-47ee-9c84-f6406603f384?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/b89f4c30-9bb2-47ee-9c84-f6406603f384?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/b89f4c30-9bb2-47ee-9c84-f6406603f384?zcc=1&dspret=0&cb=1616011573714 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-08457156-68e3-447a-b7c8-6d5e57e7c0c5-003
Request Chain 159
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=ZzlMlf2tXkZzE68Bz7Ky&pi=mgid&tc=1
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=99cd82d6-ed4b-4bd4-89eb-670fa6bb5f1d&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=b89f4c30-9bb2-47ee-9c84-f6406603f384&gdpr=&gdpr_consent=&us_privacy=
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENNLitcA0ZAbe5tzEfaWy5Y&google_cver=1
Request Chain 194
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01EVktET0gtMU8tQ0xDMg==
Request Chain 196
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBjMGE5NjQxNjJjZTIwZmIyZWU5NTY2MDAxYzJlMWU4M2Q1MmIxZg
Request Chain 197
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S14y2GuyrhlWcL8m3EQuK8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7605713413841921160
Request Chain 199
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMDVKDOH-1O-CLC2&sigv=1&esig=2~b8aa9582826521ed49c7431da175d22eadc1ff28
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFJhNgAAAKMiVzoG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFJhNgAAAKMiVzoG&_test=YFJhNgAAAKMiVzoG
Request Chain 215
  • https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&mh=We&mm=31&mn=sn-4g5ednle&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&xtags=tx=9430863&mime=video/mp4&vprv=1&dur=29.117&lmt=1615832486398400&mt=1616011290&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,xtags,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgRL_vfEG6eEG-6jxCtI5U4H-GPyKOKGMpi6PCkQKdZwQCIQCm9kuSaMxEsQ1RqyEKXzDjGN4GI0nAmcHV-2f5t7PdXA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIHkcWM0pp6TSOVKzuNRKfIJnzW3Y1vm0RD0cLmC2y6iAiEA7Z99Q-7es9F3Bd_3CuTASpjeWA7nf151nzL5Eyuzecw=&cpn=SknepIjzDFa0oqHH HTTP 302
  • https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&xtags=tx=9430863&mime=video/mp4&vprv=1&dur=29.117&lmt=1615832486398400&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,xtags,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgRL_vfEG6eEG-6jxCtI5U4H-GPyKOKGMpi6PCkQKdZwQCIQCm9kuSaMxEsQ1RqyEKXzDjGN4GI0nAmcHV-2f5t7PdXA==&cpn=SknepIjzDFa0oqHH&redirect_counter=1&rm=sn-4g5es67l&req_id=44553ea4d98e36e2&cms_redirect=yes&ipbypass=yes&mh=We&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednle&ms=au&mt=1616011529&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSVUwnh1q0KJPI2UAtlDaCxB7bacI_SpnrEQcNEfzsTQCIBE6HUpbYPj_fNlcQFcznyqUyvoMyiVT-_b7QBcVbOlE
Request Chain 233
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 236
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Request Chain 240
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=index_rtb&uid=YFJhOMA6wKi-2d9..ECZzAAA%261135
Request Chain 241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=appnexus&uid=7741423739414671057
Request Chain 242
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=sovrn&uid=9d531f50dad332ff31ec8d14
Request Chain 243
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=pubmatic&uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAnBOHgltyGzvXAkuqbCjN8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 247
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D&google_tc=
Request Chain 249
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3836485716076257604?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-23uBuDZE2oSoOTFvoo6nVuqHUi5M41Kp4VgGrEcqtw--~A&dongle=0883
Request Chain 250
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7741423739414671057&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 251
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3836485716076257604 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3836485716076257604&dcc=t
Request Chain 252
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3c016052-6137-4300-a4dd-0da54c86a9a2
Request Chain 256
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PKyAszythrknrYayMqWYtj6sgbAn-tOwPa0dyvAt
Request Chain 257
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=612320275772939960
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy&google_tc=
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgydibdW8ec2z9148HcB6Y&google_cver=1
Request Chain 261
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 265
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7857381665673426333
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xfLQ8LEiSdykVEdVpxZuHQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 269
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&addseg=19,36,42
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVGMkQwRjAtQjEyMi00OURDLUE0NTQtNDc1NUE3MTY2RTFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDhIqOrh3X2ZuEhALbnnW2E&google_cver=1
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3f9fff1-a6e0-4c50-9c4e-add83a743e24
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179577608679033172
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4c696052-6137-4000-9783-2c2bd62a8d5c&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7741423739414671057&gdpr=0&gdpr_consent=
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=90157d26-6a65-476f-bd5f-30d771814ab3&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f0f7e6b7-557f-4c95-b183-6bc4b0d1762b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOLFal40xIpvDO65bRgAABMEAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAgNLQEm_O1UteUPuzrnpzo&google_cver=1
Request Chain 279
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB&dcc=t
Request Chain 280
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOLFal40xIpvDO65bRgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDe2LKUeAbA_qU1LN73_NU&google_cver=1
Request Chain 282
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3322345177487958455
Request Chain 284
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Cx70ICSZRwpSa93lnHCiGCV42dw
Request Chain 285
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFJhOLFal40xIpvDO65bRgAABMEAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFJhOLFal40xIpvDO65bRgAABMEAAAIB
Request Chain 294
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=Com4xNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMLEJGv84k_A6PvSACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&num=1&sig=AOD64_3HL4NkRzIoh3aWtgORT5jKvzevJQ&client=ca-pub-7379978810940306&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-purchase_unique.com-newac.lp-loot.cr-mightytower27c_h_29.dt-youtube.cid-12521386536.csd-110321.-%26l%3Dloot%26cp%3D-.cid-12521386536.agid-122117372347.tgid-.intgeo-.phgeo-1003854.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-505251459574.pt-www.ibtimes.com_pt.ptc-.-&ctype=110&label=video_10s_engaged_view&ad_mt=10193&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26p0%3D1519,318,1845,898%26p1%3D1503,318,1829,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D422%26dur%3D29048%26vmtime%3D10193%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011584946%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKdsnNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMJoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCRr_OJPwOj70gAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10193&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26p0%3D1519,318,1845,898%26p1%3D1503,318,1829,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D422%26dur%3D29048%26vmtime%3D10193%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011584946%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603&cid=CAQSKQCNIrLMCQ8L99rHOuZjjPXuuxgDHADGEKDXFpnK386IS_iqLO5_UIEq&dblrd=1&val=ChAyMjFjYmU3OWNjYmEwMGRhEMDCyYIGGggpA83IFXLFxSABKAE&sig=AOD64_2ItDkRmOcBXdlm69NZwosnNoU5Sw&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-purchase_unique.com-newac.lp-loot.cr-mightytower27c_h_29.dt-youtube.cid-12521386536.csd-110321.-%26l%3Dloot%26cp%3D-.cid-12521386536.agid-122117372347.tgid-.intgeo-.phgeo-1003854.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-505251459574.pt-www.ibtimes.com_pt.ptc-.-

286 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:10 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d5e8d56522c96704d068ef908a6973f6e1616011570; expires=Fri, 16-Apr-21 20:06:10 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=f581280ec695bcd31527f82bb8cd1e0767c17ad2-1616011570; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
6318d71bad68a8d9-CDG
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
08e364c5490000a8d9862f1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lDoblbaE8NfFEOHYKeWXwwZ0DK0RytgVJJXOhC%2BlAWOXWoJA0UfyLQtFfFj2vcmLJul7LD0tGkom1Wxu7YBvJPqKqkZZ9Aq%2FJ52IKuVTa2LE1%2B4ilA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369
www.ibtimes.com/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW...
  • https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqc...
152 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.249.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-249-156.compute-1.amazonaws.com
Software
/
Resource Hash
8d7745893aed0febf58197aa9e5a3e033d344aef7410398a32db42341ce6c770
Security Headers
Name Value
Strict-Transport-Security max-age=1000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ibtimes.com
:scheme
https
:path
/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1

Response headers

date
Wed, 17 Mar 2021 20:06:11 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
public, max-age=1800, public
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=1000; includeSubDomains
content-language
en
x-ua-compatible
IE=edge
etag
"1616011571-1"
last-modified
Wed, 17 Mar 2021 20:06:11 GMT
content-encoding
gzip
x-ua-device
pc
age
0
grace
none
x-cache
MISS
vary
Cookie,Accept-Encoding, User-Agent
x-geoip
RO
x-cache-hits
0
accept-ranges
bytes

Redirect headers

date
Wed, 17 Mar 2021 20:06:10 GMT
location
https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
cf-ray
6318d71c4e13a8d9-CDG
link
<https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
08e364c5b20000a8d95fbcc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AAQzSwcR8FD%2Fec7u38xuNXrGcgA2sqgKqb2dqiK%2Bj3O8GafNObul7FCH4Q4ff2cStFiR%2B9Iw%2Fs6%2BmbEAmvptgSqeA1broWlDclpv70x3K5QI4XjuNw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
ccpa-liveramp.js
ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ccpa-liveramp.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:f000:3:f9b0:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f2babf2cc23ba3832aa3c62c2d5f37e5ad0442c67d70405833112839dbb981a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZjkGxWYkKNMBBjt4LKTRiSL8IrlYBWdE
content-encoding
gzip
etag
W/"5734e2bb4e0a3f2acb3ed189c8f93fab"
last-modified
Wed, 16 Dec 2020 15:56:39 GMT
server
AmazonS3
age
44806
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 f74ebd28d1b7fe154fb59d89abda909b.cloudfront.net (CloudFront)
date
Wed, 17 Mar 2021 07:39:27 GMT
content-disposition
attachment; filename="ccpa-liveramp.js"
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
Yu19ul-a7U2vC9eZYAVQ0rIMCEr-kk9rpEJ5AvU_awt8B_lAFdyDuA==
prebid.js
s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/ 		296 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b3d3a574ab858e578952465bff7f171e304726111d1cbfe9e156d27eb909088e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
93869
last-modified
Wed, 10 Feb 2021 16:10:47 GMT
etag
"4a1c7-5bafda55bb5bb-gzip"
x-hw
1616011571.cds007.fr8.hn,1616011571.cds212.fr8.c
content-type
application/javascript
x-geoip
PH
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
gpt.js
www.googletagservices.com/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac87aeb266ffbb2d1bfddb63fb19c7c21e7705367767a9abc23da54a0fb591f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"815 / 641 of 1000 / last-modified: 1616010068"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19953
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:06:12 GMT
5154892.js
js.hs-scripts.com/ 		835 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/5154892.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee810a5441d736733bfd99226ce18a7452222311fa715a8717611bf7b4ae059

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13
cf-polished
origSize=942
cf-request-id
08e364cc6d000097c6bd304000000001
cf-bgj
minify
server
cloudflare
x-trace
2BBFD8A2FA48E1D8EAFBEA2F9B7FD4C90FE9901795000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6318d7271b1f97c6-FRA
expires
Wed, 17 Mar 2021 20:07:12 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB0) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BB0)
Age
79
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29026
js__4doaOVrHFXWtNkAxvpJErZYJegMxIyNI_v23DlFpHaU__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__4doaOVrHFXWtNkAxvpJErZYJegMxIyNI_v23DlFpHaU__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
1080
last-modified
Fri, 12 Feb 2021 14:46:46 GMT
etag
"1613141206"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds010.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
president-elect-joe-bidens-team-is-plowing-ahead.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/lg/public/2020/11/20/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/lg/public/2020/11/20/president-elect-joe-bidens-team-is-plowing-ahead.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5e15e3a9dee94ae088448020979399786f324b6febda84f8cad07c5693d748d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
32071
last-modified
Mon, 07 Dec 2020 13:48:16 GMT
etag
"7d47-5b5e013fd5b8c"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds259.fr8.sc,1616011572.dop010.dc2.r,1616011572.cds067.dc2.sc,1616011572.cds067.dc2.p,1616011572.cds259.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
RO
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
poller-constructor.js
frontend.1worldonline.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.115.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-115-11.hel50.r.cloudfront.net
Software
nginx /
Resource Hash
69c990643c7074bc0d746c67d194ac10738d0eb522d9a183a94d0205bc0e9fcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 18:34:14 GMT
Content-Encoding
gzip
Age
5518
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4900
Last-Modified
Fri, 19 Feb 2021 12:26:48 GMT
Server
nginx
ETag
W/"602fae88-3642"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Via
1.1 f44b0401aa25ee4759a1c3f13a10909b.cloudfront.net (CloudFront)
Cache-Control
max-age=7200
X-Amz-Cf-Pop
HEL50-C2
X-Amz-Cf-Id
Nx7aLRkVNNxgkttI_TdylArSkUyHuuiXKyIcK480xhp2Xv73c_8uzg==
Expires
Wed, 17 Mar 2021 20:34:14 GMT
xyzwalensky.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/embed/public/2020/12/07/ 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/embed/public/2020/12/07/xyzwalensky.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31d461edc2d67ca0cc50368c30ca486e59c21081935d28bd770ed665d096719f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
177712
last-modified
Mon, 07 Dec 2020 13:42:07 GMT
etag
"2b630-5b5dffe024088"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds054.fr8.sc,1616011572.dop013.dc2.r,1616011572.cds090.dc2.c,1616011572.cds054.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
view_webform_v2.js
ibt-mail.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
a65bdfa116f70a3576acdaf80dcce90304fc3e75112cea5cc6aef678eac9bdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
stalesummer.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.48.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e97172eeafae208c8e70f545468ab25a2e7b7f5590d6bc772b47532e5cf5760b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"3ca06ac232796fbba6a9c4a0b9d51fadd1943b97e7caa9e811a602b02de530b2"
vary
Accept-Encoding, Accept-Language
x-hostname
2c48c892
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 17 Mar 2021 20:06:12 GMT
timing-allow-origin
*
tech-stocks-saw-a-rebound-but-the-dow.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2020/11/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2020/11/11/tech-stocks-saw-a-rebound-but-the-dow.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
999a317fe987c0a75675786549148e6cf42cf80fa5792a7112f48f584a95b0a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
9777
last-modified
Thu, 12 Nov 2020 00:13:35 GMT
etag
"2631-5b3ddc8716f36"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds215.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
the-federal-reserve-sees-the-us-economy-growing.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/17/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/17/the-federal-reserve-sees-the-us-economy-growing.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
022c85c99594bcce2969f2fbba0c62fddd2e4f68e22caf1923321dd48271f349
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
16210
last-modified
Wed, 17 Mar 2021 18:38:17 GMT
etag
"3f52-5bdbfc9556854"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds218.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
grid.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2014/03/06/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2014/03/06/grid.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d38fbdb6187f4f180361c4dd2003df5884795580876cc1387bdbc7c48b4396b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
23166
last-modified
Mon, 18 Jan 2016 15:05:00 GMT
etag
"5a7e-5299d13ab51a3"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds276.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
blinken-is-expected-to-consult-on-the-biden.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/11/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/11/blinken-is-expected-to-consult-on-the-biden.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
30096654dc0397fbdeb7b5ec4e833d1d122aee2d2e3e15df6e3f4d7bc3a6ac67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
22759
last-modified
Wed, 17 Mar 2021 05:26:49 GMT
etag
"58e7-5bdb4bad10ec4"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds280.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
OTHER
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
match-the-group-that-includes-several-leading-apps.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/02/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/02/12/match-the-group-that-includes-several-leading-apps.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
04973666dbe1489efa6930ad564a96b3d35f63682884b09783ff54625d29abb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
8682
last-modified
Fri, 12 Feb 2021 09:02:44 GMT
etag
"21ea-5bb1fe6371469"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds002.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
ed-bastian.png
d1.spcdn.ibt.com/multiupload/2020/11/09/ 		278 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1.spcdn.ibt.com/multiupload/2020/11/09/ed-bastian.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
68c1d03b672a14ea0457c097b0d8bfd921a9912692a24769c73a7951e05616df

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
last-modified
Mon, 09 Nov 2020 18:58:22 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"45884-5b3b1256cd7de"
x-hw
1616011572.cds005.fr8.hn,1616011572.cds257.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2720
accept-ranges
bytes
content-length
284804
mike-brady.png
d1.spcdn.ibt.com/multiupload/2021/01/20/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1.spcdn.ibt.com/multiupload/2021/01/20/mike-brady.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8808a5931f001093bc198f46814e282d41e0f953862b6933d3bca1da71ac1223

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
last-modified
Thu, 21 Jan 2021 03:51:26 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"377da-5b960fc72d2f3"
x-hw
1616011572.cds005.fr8.hn,1616011572.cds149.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3026
accept-ranges
bytes
content-length
227290
js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		393 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c73ef449cb85f7a0898f6447443b8caa54652092c26a8b188094537f6cf91180
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
305
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds101.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__qYFlv-TZh411Wk93sECex2Ssr9g-dQuZ-JCN1-mSGE0__GFcMVwA_8zYqqv3dYigkNwJmJBQm6DAlc8htDu-dGw4__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__qYFlv-TZh411Wk93sECex2Ssr9g-dQuZ-JCN1-mSGE0__GFcMVwA_8zYqqv3dYigkNwJmJBQm6DAlc8htDu-dGw4__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
faa9176f1e72f821d634cdba3537db7b771f7f2613a836532a437c7d967378ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
33590
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds219.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__L9T9MMhD4LjvhcuxbWhNp7dB0VOAKyD3X9nWHmhjY4Q__E-YCd_HO3bT_lM9iSiqLVO-fzD5c-3rTbipbwfZlqLA__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__L9T9MMhD4LjvhcuxbWhNp7dB0VOAKyD3X9nWHmhjY4Q__E-YCd_HO3bT_lM9iSiqLVO-fzD5c-3rTbipbwfZlqLA__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
daafa49c00ad71ec3477d7da2e14be1b14807f8d3178349239219e612e9dcecf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
21750
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds160.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__1ZH4HXRBj0RpPIs1EkDvvtiwRPVMfWh68N8L4Ebx7lo__EewC0LZ9o_k1ssvPCiRen8BavbUrtl8ds3SXtav3Nmk__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__1ZH4HXRBj0RpPIs1EkDvvtiwRPVMfWh68N8L4Ebx7lo__EewC0LZ9o_k1ssvPCiRen8BavbUrtl8ds3SXtav3Nmk__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
264802e7eced559d7164c6488bec1ffe244a86b1142f5604ea38125edb8c3218
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
15816
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds106.fr8.c
content-type
application/javascript
x-geoip
US
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__X0dmw7TV66lm9S-IHqNsXopdcZA1L6D_HU_2NJtze4E__Qvf65xUKNq934U_BlWduljkqfljRT2Xp7FiX3F4cQII__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__X0dmw7TV66lm9S-IHqNsXopdcZA1L6D_HU_2NJtze4E__Qvf65xUKNq934U_BlWduljkqfljRT2Xp7FiX3F4cQII__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5b1f9c7002563abfa157220517f9af3021000f5d532160cf52ff74b6af127b05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
21014
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds012.fr8.c
content-type
application/javascript
x-geoip
RO
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
ccpa.bundle.js
ccpa.privacymanager.io/1/ 		131 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.privacymanager.io/1/ccpa.bundle.js
Requested by
Host: ccpa-wrapper.privacymanager.io
URL: https://ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ccpa-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3c00:9:dc53:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
598f942ac8bbb748ebecd3aba90e18bfccfc7687639960458dc2017e35dbc05f

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MpmbmSOrENPZooKOQDs56ZcYd79JwJy2
content-encoding
gzip
etag
W/"03bb4925642b7864794e3579ce416bb5"
last-modified
Tue, 09 Mar 2021 22:31:15 GMT
server
AmazonS3
age
82814
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
date
Wed, 17 Mar 2021 02:07:33 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jaDKmGO5sqUPdY2tAneLpx_CEn-eKr0tPnVMG_pB3adyaHjJJ4J2tA==
b
query.fqtag.com/ 		82 B
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://query.fqtag.com/b?org=8adasewre3atrefrejuj&sk=Pd8JDmKG8eZNvkNzvGBX&callback=fq_callback&p=www.ibtimes.com_article&a=article&cmp=none&cb=1616011572302&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.195.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
via
1.1 google
alt-svc
clear
content-length
82
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:59:36 GMT
content-encoding
gzip
server
Server
age
395
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
jboYUybiWMbuFY1ZzSBr7VZ71J9cwaL2KRkL_gq3DBUJUfoZMybRkg==
logo-md.svg
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/logo-md.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
efa977023c6486f558af30e428480972817e39f602b5ac0307f1e64f5fad5e91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
1560
last-modified
Thu, 16 Apr 2020 18:00:48 GMT
etag
"1766-5a36c366b5827-gzip"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds138.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Light.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Light.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66fac9123cbd9a55edc7720629d1442277db52c4a3e3d2f42854905e52022c8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
20496
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"5010-56c0e692334d2"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds220.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Medium.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Medium.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
bf8c52fac4387f2c2892a116d6cd08de6c64061e88200df7ca256b1918db8a23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
20396
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4fac-56c0e69234472"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds244.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
Genericons.woff
s1.ibtimes.com/sites/all/themes/lemon/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/all/themes/lemon/fonts/Genericons.woff
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
13988
last-modified
Tue, 26 Jul 2016 03:18:10 GMT
etag
"36a4-52cba959d601d"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds140.fr8.c
content-type
application/x-font-woff
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Book.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Book.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d297ed5bc864561563c23526a7e616c5aa859c02eb00845dfae4439f83f09354
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
tablet
content-length
20328
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4f68-56706dfe207d9"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds277.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Black.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Black.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0bf095b71113f5dce2d2fc47d5d8ae5ead9299bfd4ef43245fcd07b5de85a2a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
27792
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"6c90-5a06f881c936d"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds245.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-BookItalic.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-BookItalic.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a52b999447dcaf18945438b2f1d286df991486a97fbe5b9baf5c6a112e2a063
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
21628
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"547c-56706dfe207d9"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds161.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Bold.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Bold.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa9d0382df6ffc1160364daa89169e6635cb1198d0ea46c5edbc483dba4f3024
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
20268
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4f2c-5a06f881cc24d"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds041.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
playfairdisplay-bold-webfont.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/playfairdisplay-bold-webfont.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d2e105942480e6ee58080096f754e3a6a81dfd1039eac5a559e70687c4783ef0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
33664
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"8380-56c58400485ec"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds006.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
/
hb.emxdgt.com/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1616011572449&src=pbjs
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
cygnus
htlb.casalemedia.com/ 		24 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=340178&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226b4f02d2de8308%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2277366f94b8e6c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340178%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22889e82a9cfd3a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340179%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229cb612c63df05a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340179%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210937a3fa3e6305%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340180%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22110417d8b819cea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340180%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127286c3cbd6dec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340181%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab939179beb3dc0c23e445ac6c985c17ca7e02747eb68e56a7b49188602fb489

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[37.120.217.220], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Wed, 17 Mar 2021 20:06:12 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ibtimes.com
date
Wed, 17 Mar 2021 20:06:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		776 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3e59d1ae18b129a16868fed215deca0fb01702c7a7639513121313cc702a6c19

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
144
content-length
334
arj
u.openx.net/w/1.0/ 		172 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9b152fe3-acad-4730-a41e-32c6f41812b8%2C6cedfdfe-3ef0-4db3-84e2-f6c22c4f1fb3%2C16872029-8485-477c-9ab1-fb1f77769d62%2Ccb461177-ed89-455e-9126-deb62e859c85&nocache=1616011572456&ph=c426afb7-9100-4325-a885-afed645e58b6&aus=728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250&divIds=dfp-ad-top%2Cdfp-ad-right1%2Cdfp-ad-right2%2Cdfp-ad-right3&auid=540734349%2C540734343%2C540734346%2C540734347
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
d041bcba1767a29dfd3fafa43ae1d9499e3916e26161d69a18f15c579bc20f55

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ibtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.25.0&referrer=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&tmax=1000
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.194.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-194-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		594 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19988&site_id=234676&zone_id=1157176%3B1157168%3B1157170%3B1157172&size_id=2%3B15%3B15%3B15&alt_size_ids=%3B10%3B10%3B&rf=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&tk_flint=pbjs_lite_v4.25.0&x_source.tid=9b152fe3-acad-4730-a41e-32c6f41812b8%3B6cedfdfe-3ef0-4db3-84e2-f6c22c4f1fb3%3B16872029-8485-477c-9ab1-fb1f77769d62%3Bcb461177-ed89-455e-9126-deb62e859c85&p_screen_res=1600x1200&rp_secure=1&slots=4&rand=0.43832683809143913
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d2e834faaffa0f78e07d8b1a2f1a6ab2855eae38e084659807d26cc7ffefbb44

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
594
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
40dd69db1f048d72d448d01b67244b292ce93dcb8a137703ca9ca821aa354405
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:12 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.47:80
AN-X-Request-Uuid
077d41a2-7e52-4caa-bef0-f96300a325bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		474 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
08035605ffad94985e87208336cdb10a16e01860818505d9f0421bac941800a4

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
474
expires
0
connatix.playspace.dc.js
cds.connatix.com/p/108565/ Frame 4F19
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/108565/connatix.playspace.dc.js
1 MB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/108565/connatix.playspace.dc.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.58.137 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5afc7cb2653cd5052a0240fec46bf157bc0d72ad75bb6594ec022cf8220e0ac1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Nq5d7BoX4x8PkufPnFmqeJR77BXBRVsF
via
1.1 varnish, 1.1 varnish
etag
"3064fd33bf1ed571ea3866ee11a6ed0b"
age
35861
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
227162
x-served-by
cache-dca17765-DCA, cache-lon4272-LON
last-modified
Wed, 17 Mar 2021 09:01:02 GMT
x-timer
S1616011573.567846,VS0,VE0
date
Wed, 17 Mar 2021 20:06:12 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 2118

Redirect headers

date
Wed, 17 Mar 2021 20:06:12 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19173-FRA
x-cache
HIT
location
https://cds.connatix.com/p/108565/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1616011572.484162,VS0,VE2
content-length
0
retry-after
0
x-cache-hits
0
ibtimes.com.307820.js
jsc.mgid.com/i/b/ Frame B373 		421 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb621bc87b6dcb6416bfbc33fc8d11fc8fa8d72a8cf64fedfe071eea83901968

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
cf-cache-status
HIT
age
2647
cf-polished
origSize=579247
last-modified
Wed, 17 Mar 2021 11:06:53 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
J2Y7AN0YAXM2GA6G
x-amz-id-2
nYqIuYIt4InYrG5RGQjspHjb7XvYbrLxuc+8eCO+7HCc/7QHJMvW52cOygC7JL+PokRdXD9ctEo=
cf-bgj
minify
server
cloudflare
etag
W/"4c50fb3d0328e519cb0eb2ddd54f58e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08e364cd20000004978c0c7000000001
cf-ray
6318d7283f020497-CDG
expires
Wed, 17 Mar 2021 23:06:12 GMT
Cookie set /
ibt-mail.com/site2/ibt_us_2021/ Frame BF21 		76 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
174a65c7fe238fcc38670cbbc3057d32b96723ebe261079c4765017e389623de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ibt-mail.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
timeout=logout_43200; expires=Thu, 18-Mar-2021 08:06:12 GMT; Max-Age=43200; path=/; domain=ibt-mail.com webformv2_opened_12=0; expires=Fri, 16-Jul-2021 20:06:12 GMT; Max-Age=10454400; path=/; domain=.ibt-mail.com webformv2_opened_12=0; expires=Fri, 16-Jul-2021 20:06:12 GMT; Max-Age=10454400; path=/; domain=.ibt-mail.com
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Content-Encoding
gzip
gr_wf_v2.css
ibt-mail.com/stylesheets/core/pages/webFormV2/public/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/stylesheets/core/pages/webFormV2/public/gr_wf_v2.css
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-1fd8"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 18 Mar 2021 00:06:12 GMT
tm-hits-widget.js
cdn.feeds.ibt.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feeds.ibt.com/tm-hits-widget.js?story_type=analysis%2Carticle%2Ccolumn%2Ceditorial%2Cinterview%2Cop_ed%2Copinion%2Cpulse%2Cslideshow%2Cblog_entry&created=1615752371&syndication=1&numbered=0&numbered2=1&placeholder_id=most_popular_widget&include_categories=0&exclude_cateids=1060003%7C26%7C1630%7C19%7C12%7C34%7C1060006%7C2%7C1059213%7C315%7C38%7C6%7C10%7C35%7C14&include_images=1&include_shares=0&limit=5&sponsor=&include_spons1=&include_spons2=&include_spons3=&site=www.ibtimes.com
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9000:17:1429:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2db5cf80d922a2444cece582ba124ba0dee0476ee5eb25f4dc02abc442be1023
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-content-type-options
nosniff, nosniff
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA56-C2
etag
"2b31cfbac0f4b09f116b9c6de9d01428"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/javascript; utf-8;charset=UTF-8
cache-control
public, max-age=900
x-drupal-cache
MISS
content-length
4633
x-amz-cf-id
sLRH6suR9drrm4tXVnl48WDndLnbBYE9G1YZzirC5xxi_vVzxTPBkA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:06:12 GMT
5154892.js
js.hs-banner.com/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/5154892.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5154892.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6a2855f33b803d6785165a5a70a17fb3d2b8a9a5c0b0403c87b438182f2182

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
9MACYEXSSGBQA3AX
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
XnbJxs39nGZyBVm68EYlPswNkO40cwofeNU7GdrkKNApacGoTg/Uk5jQPVcJx/1JgK+RmW3dcqU=
timing-allow-origin
*
last-modified
Tue, 09 Mar 2021 21:37:29 GMT
server
cloudflare
etag
W/"2669a9f5a8bac5f845a5f60c81b7b760"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
crbblsWX0h0eYZxLmK.RceB67Fwltvmg
access-control-allow-origin
https://www.ibtimes.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
08e364cd4300004e6217b51000000001
cf-ray
6318d72869d64e62-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 17 Mar 2021 20:11:12 GMT
5154892.js
js.hs-analytics.net/analytics/1616011500000/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1616011500000/5154892.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5154892.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697d1279d73b958fd39429e9d0cbc92b511747ed4cd5cd83927f7934d4dc713b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
cf-cache-status
HIT
age
12
x-guploader-uploadid
ABg5-UxsfnESKzEy8fk4b3sf7moZxoDz6wJHFkmFOLaOD7Up6swP0ctnkdcoOdaW4U4_J6FQepSpvrhu28evQgfKqjZ_vCp3RA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
08e364cd420000d7095f2a7000000001
last-modified
Tue, 23 Feb 2021 22:41:23 GMT
server
cloudflare
etag
W/"a40cab4299dcb1b7ec1eb5c7ed2726af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=tahVIw==, md5=pAyrQpncsbfsHrXH7Scmrw==
x-goog-generation
1614120083221590
cache-control
max-age=300, public
access-control-allow-credentials
false
x-goog-stored-content-length
62506
cf-ray
6318d7286884d709-FRA
expires
Wed, 17 Mar 2021 20:11:00 GMT
implement-r.js
fqtag.com/tag/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=8adasewre3atrefrejuj&p=www.ibtimes.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
81bc4088c69ca9a56d7ede925d5dd13d748d1cb2266867e1e644e4832b3b710b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2481
x-xss-protection
0
expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
10352
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Wed, 17 Mar 2021 17:21:25 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7l4FDdcXwNFY-Hx98_MF0BE5tKQdAO0FRGdZ4MYGx4dVSvnm6l86-g==
smart3-9724ff1e.html
frontend.1worldonline.com/widget/ Frame 3C38 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.115.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-115-11.hel50.r.cloudfront.net
Software
nginx /
Resource Hash
22acc148ce6309dec7d1e5ad61cb9c8007b904321d3cd20d546a5229b90184ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
frontend.1worldonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Content-Type
text/html
Content-Length
7151
Connection
keep-alive
Cache-Control
max-age=604800
Content-Encoding
gzip
Date
Thu, 11 Mar 2021 00:14:18 GMT
ETag
W/"602fae87-3e9c"
Expires
Thu, 18 Mar 2021 00:14:18 GMT
Last-Modified
Fri, 19 Feb 2021 12:26:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache
Hit from cloudfront
Via
1.1 f44b0401aa25ee4759a1c3f13a10909b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HEL50-C2
X-Amz-Cf-Id
Gva04yYJrxZQzcfaP5mJaHbj81gaJ6L-O4TAXl_9CeU6fEGeGQmGBQ==
Age
589914
start-load
app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/view/ 		24 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/view/start-load?deviceType=desktop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Cache-Control
no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
24
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept
application/json
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Mar 2021 05:13:58 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront), 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
age
53534
x-amzn-requestid
3e267588-9ee5-4017-80bc-6b38f33108f8
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60519016-6c63598b07729bcf4d86fa2b;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1, FRA56-C1
x-amz-apigw-id
cUNzgE41joEFtQQ=
content-length
30
x-amz-cf-id
UmMqCqjXrrFWE2sOyrAET3iMopWVTmdQ-p-RAmEUu47bp7h-13odaw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
65.9.58.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.ibtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 17 Mar 2021 20:06:12 GMT
x-amzn-requestid
deed80b4-3480-4723-908a-1d2bf586fde0
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
cWQgQEcsDoEFqBg=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront), 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1 FRA56-C1
x-cache
Miss from cloudfront
x-amz-cf-id
iveCq22hWdnRwyTcPY6iBiUGFpF1XWgTFy7XtpoCpnAZ08PHRAlU_w==
totop.png
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/ 		599 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/totop.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
240981ff82edee24ab6fec83feeff0b7eed77153d92802cb6cd63cc2cd812ab8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
599
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"257-569c3899d108d"
x-hw
1616011572.cds007.fr8.hn,1616011572.cds131.fr8.c
content-type
image/png
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1d6d4ef3de197768bf26a1e8639dff63212cdffbcac49406f6bd4045790cc20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JrQyHB5kmptxaUSKlQY1Dg==
cross-origin-resource-policy
cross-origin
expires
Wed, 17 Mar 2021 20:19:05 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
ff8uLfPkN10a/bal6RdImdBZONItoBHHqxJyuD+Ruxh4bkowQ3Z+VLZb+FVhHfFFv7coDrs80rvb9eo6I7jkDg==
x-fb-trip-id
686109401
x-fb-content-md5
0cc9539f2a83c4ce67fc76961ca22807
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Mar 2021 20:06:12 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"31b6cb711d35a92a820477ee60843613"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F22G6
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c53879d513f7788d1efd1c2855c75b746416d2a3a7397f1a024b069d2190adc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42376
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 18:15:10 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Mar 2021 20:06:12 GMT
widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame ECD8 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.ibtimes.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
602124
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 17 Mar 2021 20:06:12 GMT
Etag
"e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified
Wed, 03 Mar 2021 19:20:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105690
playfairdisplay-regular-webfont.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/playfairdisplay-regular-webfont.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0b5735b14f45d2be0b5aa6c83855e88d323751ee3855d87aea82c81c501c0731
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
31820
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"7c4c-56c5840bb838d"
x-hw
1616011572.cds051.fr8.hn,1616011572.cds260.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
track.gif
feeds.ibt.com/ 		35 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feeds.ibt.com/track.gif?type=tm_hits&id=3096369&site=www.ibtimes.com&title=Biden+Names+Dr.+Rochelle+Walensky+As+CDC+Director&category=National&category_id=1059213&category_url=https%3A%2F%2Fwww.ibtimes.com%2Fnational&story_type=article&syndication=1&created=1607348289&uid=1311719&image=https%3A%2F%2Fs1.ibtimes.com%2Fsites%2Fwww.ibtimes.com%2Ffiles%2Fstyles%2Fthumbnail%2Fpublic%2F2020%2F11%2F20%2Fpresident-elect-joe-bidens-team-is-plowing-ahead.jpg&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&t=1616011572616&st=1616011571
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.85.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jan 2019 20:06:08 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"23-57ef7e047b920"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
35
expires
0
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: fqtag.com
URL: https://fqtag.com/tag/implement-r.js?org=8adasewre3atrefrejuj&p=www.ibtimes.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:24:28 GMT
age
2504
x-guploader-uploadid
ABg5-UxL6QL6n0DkIUwiHamrdxSOiymDy9Yd88WxoXjlv8MVr9CWo5lG3jjd-RpbIqlPayRBoKimNP739pKif164MJa5YJXcSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 17 Mar 2021 20:24:28 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:05:53 GMT
server
ESF
date
Wed, 17 Mar 2021 20:06:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Mar 2021 20:06:12 GMT
css
fonts.googleapis.com/ 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:07:34 GMT
server
ESF
date
Wed, 17 Mar 2021 20:06:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Mar 2021 20:06:12 GMT
connatix.playspace.css
cds.connatix.com/p/108565/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/108565/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.58.137 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_sjL0cU5ORRIOzsmjYyrYujaDmmquMbm
via
1.1 varnish, 1.1 varnish
etag
"a2e4815b59a14d0ee11b3bde797ef7e0"
age
35862
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
14290
x-served-by
cache-dca17763-DCA, cache-lon4272-LON
last-modified
Wed, 17 Mar 2021 09:01:02 GMT
x-timer
S1616011573.778063,VS0,VE0
date
Wed, 17 Mar 2021 20:06:12 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 2205
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=999be0e66295ecb204433b8856331d8a&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b9172e57a543be175ba701cc8d65040b208ba3e2458e83fb557c2a454a05379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4+DURIchuxgn4OgoNAOPew==
cross-origin-resource-policy
cross-origin
expires
Thu, 17 Mar 2022 17:42:57 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60837
x-fb-rlafr
0
x-fb-debug
2yaOyUxbkfxscdnxgnRZpXTUiQs/H4Y+6nBHXcx4aar8u8pm5fz7e2Fi78+ppbgSSKt8cXz14bAOChSIeA7wpg==
x-fb-trip-id
2050670934
x-fb-content-md5
75b50bc982cee66d60ceb599f2147b5f
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Mar 2021 20:06:12 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"09f63a7731fbe954be896f2398c20794"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3794&u=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&pid=CCh97ISXAFfQ4&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22IBT_videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%2C%22cmpTimeout%22%3A200%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
oM53QIcuX6jxvn3WM53J-e3dQiY21lKZjmHUR3K2-GP4U--iLmjN7A==
Brrhha
ad.doubleclick.net/ddm/adj/Bsrmnm/ 		11 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Bsrmnm/Brrhha
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-smart.min-73559509.js
frontend.1worldonline.com/widget/js/static/ Frame 3C38 		296 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.115.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-115-11.hel50.r.cloudfront.net
Software
nginx /
Resource Hash
e00dae9452cf6023e1b1eb9991a4f106fa01ad559dff02fd894a3fd9838180a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Mar 2021 09:55:20 GMT
Content-Encoding
gzip
Age
209452
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 19 Feb 2021 12:26:47 GMT
Server
nginx
ETag
W/"602fae87-49e11"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Via
1.1 f44b0401aa25ee4759a1c3f13a10909b.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
HEL50-C2
X-Amz-Cf-Id
P2XDcSfN2Z4nzwYdYdUTzpYvAo6tCF10GCsElM1IgZngSfphcqDB1A==
Expires
Mon, 22 Mar 2021 09:55:20 GMT
overall-widget-smart-6d706e12.css
frontend.1worldonline.com/widget/js/static/css/ Frame 3C38 		91 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-6d706e12.css
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.115.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-115-11.hel50.r.cloudfront.net
Software
nginx /
Resource Hash
d29fc70c009998bb03e1b9d37a7df7796c49deea722c717e4231637113bed3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Mar 2021 19:26:53 GMT
Content-Encoding
gzip
Age
175159
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 19 Feb 2021 12:26:47 GMT
Server
nginx
ETag
W/"602fae87-16ab4"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 ead12ea8a5dacf72daa302814186069d.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
HEL50-C2
X-Amz-Cf-Id
BCBthJHpLmGUkjj169VJlyps2ZTsl4MZV2D-65HyoQvCPq9hRpDm4g==
Expires
Mon, 22 Mar 2021 19:26:53 GMT
analytics.js
www.google-analytics.com/ Frame 3C38 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
217
date
Wed, 17 Mar 2021 20:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 17 Mar 2021 22:02:35 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F22G6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
217
date
Wed, 17 Mar 2021 20:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 17 Mar 2021 22:02:35 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ib...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.i...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&c9=&cs_ak_ss=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1616011572898&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
5eff8cfa4b5f601334e201d0
api.pushnami.com/scripts/v1/pushnami-adv/ 		255 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5eff8cfa4b5f601334e201d0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.115.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-115-98.hel50.r.cloudfront.net
Software
/
Resource Hash
9763e853e3362aaedf7c6460e117de4b65d6c08f4f33cec2fddcff420fb1d86d

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:56:24 GMT
via
1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
age
589
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
HEL50-C2
content-encoding
gzip
x-amz-cf-id
43sfX-1IsFQzwKwZ4DTGDk-PSjIWoO29JZ4tyV46GhD9eSCuOyyR7A==
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ 		110 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-44.dus51.r.cloudfront.net
Software
/
Resource Hash
ad9125528034c335ff5fd9dbe6f5020aef36b3586e602ad2b3b6966bb2e6109a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-requestid
212cb278-717c-4cdb-946a-08c2addbed0c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60526135-1c6bbf62301b72062082fdd8
x-amz-apigw-id
cWQgXEN-oAMF7og=
content-length
110
x-amz-cf-id
ptpHFZ7wEmJdpmU5eTA0vprSexiXt94tknF_80h-fCV-qJXhYbKOEQ==
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Protocol
H2
Server
13.226.159.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-44.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.ibtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 17 Mar 2021 20:06:13 GMT
x-amzn-requestid
6fbd1dfd-113e-467b-9ec0-7d38df4db7b1
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
cWQgUFBqoAMFxtw=
access-control-allow-methods
GET,OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
bQiLf4AFmfVyA3n8dYKI1GgrGgMFpuIqdD9baeAIUgbinv1GOI0EFg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: cdn.feeds.ibt.com
URL: https://cdn.feeds.ibt.com/tm-hits-widget.js?story_type=analysis%2Carticle%2Ccolumn%2Ceditorial%2Cinterview%2Cop_ed%2Copinion%2Cpulse%2Cslideshow%2Cblog_entry&created=1615752371&syndication=1&numbered=0&numbered2=1&placeholder_id=most_popular_widget&include_categories=0&exclude_cateids=1060003%7C26%7C1630%7C19%7C12%7C34%7C1060006%7C2%7C1059213%7C315%7C38%7C6%7C10%7C35%7C14&include_images=1&include_shares=0&limit=5&sponsor=&include_spons1=&include_spons2=&include_spons3=&site=www.ibtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 20:05:07 GMT
story
capi.connatix.com/core/ Frame 4F19 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bead81c931f2b1bfa985aa951ac5045a052f5bd379ce28b5db1f9d297c98bb7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
cf-cache-status
HIT
age
2815
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08e364cecd0000049778bb4000000001
cf-ray
6318d72add080497-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:12 GMT
content-encoding
br
cf-cache-status
HIT
age
5440
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08e364cecc000004977b04e000000001
cf-ray
6318d72aed0a0497-CDG
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 60D8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Wed, 17 Mar 2021 12:44:45 GMT
expires
Thu, 17 Mar 2022 12:44:45 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
26487
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
manifest.35779c62dedb17e0486d.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame BF21 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
47f1eb008ae9ca3984834143fa71106a1c727579fe8feeb6de781bc73bd2393c

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-62e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 18 Mar 2021 00:06:13 GMT
show_webform_shared.chunk.4f2131e1335f21364591.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame BF21 		283 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/show_webform_shared.chunk.4f2131e1335f21364591.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
3caba2da9c187422fc8ffbb92c358eb403247a2682aeee6135d8cc08d5837797

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-46d62"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 18 Mar 2021 00:06:13 GMT
show.chunk.a5855b50ebcbf46d1a92.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame BF21 		809 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/show.chunk.a5855b50ebcbf46d1a92.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
mta-1.ibt-mail.com
Software
nginx /
Resource Hash
45f92bbf5a332e21942b857e1d46dcf673618bbb09ad8b77387962cec82fa136

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
"1dc09d84-329"
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
809
Expires
Thu, 18 Mar 2021 00:06:13 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2630
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:22:23 GMT
1
servicer.mgid.com/307820/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/307820/1?w=736&h=1487&p2_w=235&p2_h=184&cols=3&pv=5&cbuster=1616011573022509706197&ogtitle=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&childs=725222,863739,947807,1086935&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&lu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&pageView=1&pvid=17841cbb71f9b390bba&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99cd79a75424ea01a9f6e0dbc9f10eb128eb655ef22a6068c9d96b45aaae99db

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72b7eca0497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364cf2900000497a59ea000000001
ibtimes.com.js
ghb.adtcontent.com/prebidmg/448892/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghb.adtcontent.com/prebidmg/448892/ibtimes.com.js?cb=448892
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3e6e911ca5ae5349773b4e6ac092d6399c837aced1c38bbc186f0bdf8babe87

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:12 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Length
1572
Content-Type
application/javascript; charset=UTF-8
css
fonts.googleapis.com/ Frame 3C38 		2 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&amp;subset=cyrillic
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-6d706e12.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d3b19b5e8f21c96321e4fb9f6eae461d1a37a7e0ff32246456c9e9ad7100e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:07:51 GMT
server
ESF
date
Wed, 17 Mar 2021 20:06:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Mar 2021 20:06:13 GMT
css2
fonts.googleapis.com/ Frame 3C38 		2 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-6d706e12.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:11:00 GMT
server
ESF
date
Wed, 17 Mar 2021 20:06:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Mar 2021 20:06:13 GMT
former-us-president-donald-trump-repeated-his-claims.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/04/former-us-president-donald-trump-repeated-his-claims.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
accc20d3c7dd8b9b5ecd29f095cbfdd9eb7553fe73bf7f57e7d554e909b04dc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
2932
last-modified
Thu, 04 Mar 2021 16:32:51 GMT
etag
"b74-5bcb884c4a668"
x-hw
1616011573.cds007.fr8.hn,1616011573.cds227.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
OTHER
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
democratic-speaker-of-the-us-house-nancy-pelosi.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/01/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/01/03/democratic-speaker-of-the-us-house-nancy-pelosi.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6553a953f08a19e3ce3566bace0afa8d1b22bf181e5d7ef38e774146838edf2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
tablet
content-length
4650
last-modified
Sun, 03 Jan 2021 15:35:19 GMT
etag
"122a-5b800b88e4504"
x-hw
1616011573.cds007.fr8.hn,1616011573.cds003.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
CA
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
former-us-president-donald-trump-will-address-cpac.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/02/28/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/02/28/former-us-president-donald-trump-will-address-cpac.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7ddac39f40f8c684f7e7c22b41c8f61148ca2f8d0c6222e0bd5b761c21b01a07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
3976
last-modified
Sun, 28 Feb 2021 15:06:54 GMT
etag
"f88-5bc66da13640c"
x-hw
1616011573.cds007.fr8.hn,1616011573.cds264.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
republican-senate-minority-leader-mitch-mcconnell-arrives-at.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/02/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/02/13/republican-senate-minority-leader-mitch-mcconnell-arrives-at.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b84667d4384c89c4af4b8fcfae5310d5ce39dfb19c0a8c5942fee0591ebfcae7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
2807
last-modified
Sat, 13 Feb 2021 22:16:31 GMT
etag
"af7-5bb3f1ae1f7b9"
x-hw
1616011573.cds007.fr8.hn,1616011573.cds252.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
PH
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
tesla-ceo-elon-musk-owns-nearly-20-percent.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2020/07/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2020/07/13/tesla-ceo-elon-musk-owns-nearly-20-percent.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
45ddf6856b9d1dccab1cc60723a04b9ca210dfdc588ef85a9777e907dfd1ad22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
2775
last-modified
Mon, 13 Jul 2020 22:55:07 GMT
etag
"ad7-5aa5a94ffe4e6"
x-hw
1616011573.cds007.fr8.hn,1616011573.cds041.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
GB
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
settings
syndication.twitter.com/ Frame ECD8 		183 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a92e7049b9b009baab7fb911b89461503c716831
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.ibtimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
112
date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 20:06:13 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
800b45b5a7b845ca0fdcbc762318a3cc
strict-transport-security
max-age=631138519
content-length
152
8ad38099-acf3-4953-9aa9-dd5c847fe401
app.1worldonline.com/widget/ Frame 3C38 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
103f402bb27a0375e282773ad2b4d2ceb58296da49daaa105876f778ad681ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Cache-Control
max-age=600, public
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-5652780-46&cid=1085766742.1616011573&jid=569429634&gjid=340884904&_gid=318032857.1616011573&_u=aGBAgEAjAAAAAE~&z=1335084532
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 17 Mar 2021 20:06:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=8720806&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&ul=en-us&de=UTF-8&dt=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=569429634&gjid=340884904&cid=1085766742.1616011573&tid=UA-5652780-46&_gid=318032857.1616011573&gtm=2wg3305F22G6&cd1=Dawn%20Geske&cd2=national&cd3=IBTimes&cd4=us&cd5=en&cd6=article&cd7=3096369&cd8=20201207&cd9=202012&cd10=us.ibtimes%2Fnational%2Farticles&cd12=No&cd13=N&cd14=Y&cd15=N&cd17=Coronavirus%2CUS%20News%2CHealth%2CNews&cd18=No&cd19=web&cd20=10&cd21=4&cd22=article&cd23=web&cd25=Coronavirus&cd26=Y&cd27=nonpromoted&z=1814543414
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 12:41:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26660
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
d
aux.fqtag.com/aux/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/d
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Mar 2021 20:06:13 GMT
via
1.1 google
alt-svc
clear
ga-audiences
www.google.com/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-5652780-46&cid=1085766742.1616011573&jid=569429634&_u=aGBAgEAjAAAAAE~&z=2009230679
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-5652780-46&cid=1085766742.1616011573&jid=569429634&_u=aGBAgEAjAAAAAE~&z=2009230679
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1198.min.js
js-agent.newrelic.com/ Frame BF21 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.58.110 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
x-amz-request-id
36AC7195CB1DCB43
x-cache
HIT
content-length
10682
x-amz-id-2
CtLbCrFp4sIgdvK3uiKDhPy8VMIaGKrNFuMkrc3m0lrqKyxSU7vswY/NI8HWRMCsGyE68Lsht9w=
x-served-by
cache-lon4276-LON
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1616011573.280426,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
160
en
app.1worldonline.com/poll/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/ Frame 3C38 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/poll/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/en?pageSize=10&location=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf1030cd6698f0ee3cdbc8c6228a3ff2e0bd3c578ebeebc7dfb1f0fb41d00133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
account
app.1worldonline.com/ Frame 3C38 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/account
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ddc1c6b0a09ff8a52117ea025adf47129f91823369f9c899cc2f3fcaf523591f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
i.js
cm.mgid.com/ 		1 KB
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1616011573309745196257
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fb70a0aae31cec73bf102e35d65aedbca413e14011bc86fb09dcb52bb21efe

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
966ae8d3-b776-42c9-a999-8d970d5e4b7b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72d3b1e0497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d04600000497853d1000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 066D 		19 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1616011573312666926429
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
f9845665-50fb-4665-8ecb-f32348d035fa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72d4b280497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d048000004979ab0c000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 18 Mar 2021 20:06:13 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.mgid.com/g/8164911/492x277/32x5x928x618/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1616011573-UVQf0DE8B8Z3RR8IBUeO5BKpaHiBS4Y8wiVzYG4gcxo
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076ae70c9d36b3f858b446ed0d9d36e506399b50d58392a70615d9dea078926d

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
e88ffd98-e1e3-479d-99df-c2de6fadd873
age
3231833
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6206
cf-request-id
08e364d05000000497853d2000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b470497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1616011573-IMHbnx9HeuSNddPwmvNEsLhfsjX6OB-UuPMHA_lEpOc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age
3231773
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10786
cf-request-id
08e364d050000004972a97d000000001
last-modified
Mon, 08 Feb 2021 10:20:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b460497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp
s-img.mgid.com/g/8164859/492x277/0x0x899x599/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164859/492x277/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp?v=1616011573-U4n9rHwkzYvqkIuXSDJVbzGffR427tbm3k-CpvDn2zs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4d1be57bd9522ed6d89990d21a04c42491f9f3b522bc6624f6ee0c465ae698

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
fc936c55-05e8-4c34-b7aa-b12eeaefc11e
age
3231834
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19220
cf-request-id
08e364d0500000049778bdc000000001
last-modified
Mon, 08 Feb 2021 10:20:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b450497-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTIvdXMtcHJlc2lkZW50LWpvZS1iaWRlbnMtbmFtZS13aWxsLW5vdC1hcHBlYXIuanBn.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTIvdXMtcHJlc2lkZW50LWpvZS1iaWRlbnMtbmFtZS13aWxsLW5vdC1hcHBlYXIuanBn.webp?v=1616011573-Wu14dZOsMmW7MMX9YlfpZuXbQFhAIB2Hu3ZPHERYCUQ
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1afbb5768374749e5d55cf81d2ac952ec144570777bd28a0e5fbf471ed2a117

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
f7a2455a-8da0-439c-b099-4d06a21144d6
age
2766
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14770
cf-request-id
08e364d050000004978ab68000000001
last-modified
Wed, 17 Mar 2021 19:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b440497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp
s-img.mgid.com/g/8164839/492x277/21x11x492x328/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164839/492x277/21x11x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp?v=1616011573-4a5uGqEtHLOKC7I1hN5uu3gbAiTFu3phVOHYDSTu_FM
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65848c733b944f74defe77cab47a83582f9d0888606ec68f345263ddd63e67a5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2d349c7f-ea9a-4c0f-ac12-80cfbfab6e15
age
3231810
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6472
cf-request-id
08e364d04f000004979b850000000001
last-modified
Mon, 08 Feb 2021 10:20:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b410497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp
s-img.mgid.com/g/8164838/492x277/0x0x2049x1366/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164838/492x277/0x0x2049x1366/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp?v=1616011573-GQqPCjCJfp22c6ORGRA_o2oQV4iwPWrOXEvsDESwzh0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c79d105d05df2684fa4ccbd03d00a8258c11e1db815e6b7577aadf7e6edfe1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
4c041aa0-598d-4a71-8c77-09ea449c42f5
age
3231561
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10998
cf-request-id
08e364d04f00000497543ea000000001
last-modified
Mon, 08 Feb 2021 10:20:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d4b430497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.mgid.com/g/8164890/492x277/0x0x900x600/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164890/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1616011573-A8E6Smt4oBsnYNtHovLdehk3UDdbGoYs0cHgOy1icqs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89f6f8287ac19597821934089278793ff78ed66a158955cc0141617a1b21e98

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
833d9e26-ec9d-46e0-9648-ab9c3f40eb34
age
3231757
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8536
cf-request-id
08e364d06800000497a1379000000001
last-modified
Mon, 08 Feb 2021 10:20:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d7b840497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/492x277/0x124x565x376/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164889/492x277/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1616011573-FOXMGpkNj1ieR8k_5Zd4mMd586bdrYtW4fKO8oPOndE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
defdc955e936cb660fb097886c7e9629ff16d594d54d48621a30151c729c9a0a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
dd3e4134-0b0a-45ac-899a-6ca164e38f9b
age
3231874
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14122
cf-request-id
08e364d06c00000497a0abd000000001
last-modified
Mon, 08 Feb 2021 10:20:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d7b950497-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTcvdXMtcHJlc2lkZW50LWpvZS1iaWRlbi1zYWlkLXJ1c3NpYS13aWxsLXBheS5qcGc.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTcvdXMtcHJlc2lkZW50LWpvZS1iaWRlbi1zYWlkLXJ1c3NpYS13aWxsLXBheS5qcGc.webp?v=1616011573-guOqBs5Tlb-j7GEfNMwsgp7cwp8MJX1M6qA1rL4v1aE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77e31defbe42329d58c6e693a58ab172b65cc66a6050c425259466c29ee5932

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
ca967525-bb77-4946-8b7d-decb8de75cce
age
434
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6348
cf-request-id
08e364d06d00000497853d4000000001
last-modified
Wed, 17 Mar 2021 19:33:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d7b980497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1616011573-bmb3DJiVRN3jYWQqrk0XWD6YK7WNlQgnxuhtAyyqmmE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
eaf15120-bd53-4115-abd7-2d1c1ff713ce
age
3069751
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13282
cf-request-id
08e364d06d000004975d0cc000000001
last-modified
Wed, 10 Feb 2021 07:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d7b9a0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1616011573-pnJRKxBnYSRbCK6IcE_o9ZP0gWlToFxRegjZEoiK5hg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
6747c35f-08e7-4b7b-b8bf-78ef28a914d2
age
3231812
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17234
cf-request-id
08e364d07200000497a137a000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d8bb00497-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1616011573-HIE0oEGYIUfbQP1AXWPMLf2KayZ7wjSgoifaCNuY0LU
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
f788a246-0762-4813-b563-6781b75fba9d
age
3231851
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
cf-request-id
08e364d08000000497378d0000000001
last-modified
Mon, 08 Feb 2021 10:20:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72d9be50497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x277/125x507x492x328/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193499/492x277/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1616011573-rsVbqjF5oaT8oc0z8IVfjKADhLDorDr4VAihsq27Mx8
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac60840041656e58395c840c23018db25c1c4e8af88040c2cb2615235ea54d0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
8580a207-9402-405f-b7c4-8e9fe227d942
age
3069635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26552
cf-request-id
08e364d0880000049759336000000001
last-modified
Wed, 10 Feb 2021 07:15:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dac140497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1616011573-IOMSvmZWsdXSE1kUq0RjEjpAnOT8vyRUS2E_bow5nRU
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
c021fbc8-ad0f-47f6-bca7-4dafde137f45
age
3231883
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6240
cf-request-id
08e364d089000004976d9a2000000001
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dac150497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp
s-img.mgid.com/g/8164910/492x277/0x9x612x408/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164910/492x277/0x9x612x408/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp?v=1616011573-b_0Dc3Rn4UBQfxr5M0f3rkm_TW0alxywGXHAIsuJLQA
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7aba06fbd0493aae4d0d9d6c9571c898aca7401a628dcb16c9030e2279b4b1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
09726fb8-2254-4968-baef-fc49e5e96afa
age
3231729
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12270
cf-request-id
08e364d0890000049760135000000001
last-modified
Mon, 08 Feb 2021 10:20:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dac180497-CDG
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
age
5421
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
AGTEZwBxGbSWoaniCgxSch6mKkvdXP64eVSHfRIUTfWOYpOMeRmk0rEpV385mnCS06k3FCX5380=
content-type
image/svg+xml
cf-ray
6318d72d4b4a0497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F1D81C6AA14B284C
cf-request-id
08e364d0510000049733095000000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.mgid.com/g/8164911/492x277/32x5x928x618/ Frame B373 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1616011573-UVQf0DE8B8Z3RR8IBUeO5BKpaHiBS4Y8wiVzYG4gcxo
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076ae70c9d36b3f858b446ed0d9d36e506399b50d58392a70615d9dea078926d

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
e88ffd98-e1e3-479d-99df-c2de6fadd873
age
3231833
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6206
cf-request-id
08e364d08f000004972e244000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dbc2c0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ Frame B373 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1616011573-IMHbnx9HeuSNddPwmvNEsLhfsjX6OB-UuPMHA_lEpOc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2cc41e5f-7148-4c9e-b3b6-a6b81ac70d71
age
3231773
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10786
cf-request-id
08e364d098000004973f31e000000001
last-modified
Mon, 08 Feb 2021 10:20:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dbc4a0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp
s-img.mgid.com/g/8164859/492x277/0x0x899x599/ Frame B373 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164859/492x277/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp?v=1616011573-U4n9rHwkzYvqkIuXSDJVbzGffR427tbm3k-CpvDn2zs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4d1be57bd9522ed6d89990d21a04c42491f9f3b522bc6624f6ee0c465ae698

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
fc936c55-05e8-4c34-b7aa-b12eeaefc11e
age
3231834
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19220
cf-request-id
08e364d099000004974a9cc000000001
last-modified
Mon, 08 Feb 2021 10:20:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dcc550497-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTIvdXMtcHJlc2lkZW50LWpvZS1iaWRlbnMtbmFtZS13aWxsLW5vdC1hcHBlYXIuanBn.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ Frame B373 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTIvdXMtcHJlc2lkZW50LWpvZS1iaWRlbnMtbmFtZS13aWxsLW5vdC1hcHBlYXIuanBn.webp?v=1616011573-Wu14dZOsMmW7MMX9YlfpZuXbQFhAIB2Hu3ZPHERYCUQ
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1afbb5768374749e5d55cf81d2ac952ec144570777bd28a0e5fbf471ed2a117

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
f7a2455a-8da0-439c-b099-4d06a21144d6
age
2766
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14770
cf-request-id
08e364d0a1000004978e842000000001
last-modified
Wed, 17 Mar 2021 19:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dcc7d0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp
s-img.mgid.com/g/8164839/492x277/21x11x492x328/ Frame B373 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164839/492x277/21x11x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp?v=1616011573-4a5uGqEtHLOKC7I1hN5uu3gbAiTFu3phVOHYDSTu_FM
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65848c733b944f74defe77cab47a83582f9d0888606ec68f345263ddd63e67a5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2d349c7f-ea9a-4c0f-ac12-80cfbfab6e15
age
3231810
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6472
cf-request-id
08e364d0aa00000497a2aa8000000001
last-modified
Mon, 08 Feb 2021 10:20:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72ddcb10497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp
s-img.mgid.com/g/8164838/492x277/0x0x2049x1366/ Frame B373 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164838/492x277/0x0x2049x1366/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp?v=1616011573-GQqPCjCJfp22c6ORGRA_o2oQV4iwPWrOXEvsDESwzh0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c79d105d05df2684fa4ccbd03d00a8258c11e1db815e6b7577aadf7e6edfe1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
4c041aa0-598d-4a71-8c77-09ea449c42f5
age
3231561
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10998
cf-request-id
08e364d0ad000004973cbe8000000001
last-modified
Mon, 08 Feb 2021 10:20:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72decc20497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.mgid.com/g/8164890/492x277/0x0x900x600/ Frame B373 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164890/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1616011573-A8E6Smt4oBsnYNtHovLdehk3UDdbGoYs0cHgOy1icqs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89f6f8287ac19597821934089278793ff78ed66a158955cc0141617a1b21e98

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
833d9e26-ec9d-46e0-9648-ab9c3f40eb34
age
3231757
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8536
cf-request-id
08e364d0b500000497400fc000000001
last-modified
Mon, 08 Feb 2021 10:20:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72decf60497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/492x277/0x124x565x376/ Frame B373 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164889/492x277/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1616011573-FOXMGpkNj1ieR8k_5Zd4mMd586bdrYtW4fKO8oPOndE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
defdc955e936cb660fb097886c7e9629ff16d594d54d48621a30151c729c9a0a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
dd3e4134-0b0a-45ac-899a-6ca164e38f9b
age
3231874
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14122
cf-request-id
08e364d0b80000049745ae4000000001
last-modified
Mon, 08 Feb 2021 10:20:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dfd000497-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTcvdXMtcHJlc2lkZW50LWpvZS1iaWRlbi1zYWlkLXJ1c3NpYS13aWxsLXBheS5qcGc.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ Frame B373 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDMvMTcvdXMtcHJlc2lkZW50LWpvZS1iaWRlbi1zYWlkLXJ1c3NpYS13aWxsLXBheS5qcGc.webp?v=1616011573-guOqBs5Tlb-j7GEfNMwsgp7cwp8MJX1M6qA1rL4v1aE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77e31defbe42329d58c6e693a58ab172b65cc66a6050c425259466c29ee5932

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
ca967525-bb77-4946-8b7d-decb8de75cce
age
434
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6348
cf-request-id
08e364d0b90000049728180000000001
last-modified
Wed, 17 Mar 2021 19:33:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dfd020497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ Frame B373 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1616011573-bmb3DJiVRN3jYWQqrk0XWD6YK7WNlQgnxuhtAyyqmmE
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
eaf15120-bd53-4115-abd7-2d1c1ff713ce
age
3069751
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13282
cf-request-id
08e364d0bd0000049775193000000001
last-modified
Wed, 10 Feb 2021 07:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72dfd100497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ Frame B373 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1616011573-pnJRKxBnYSRbCK6IcE_o9ZP0gWlToFxRegjZEoiK5hg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
6747c35f-08e7-4b7b-b8bf-78ef28a914d2
age
3231812
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17234
cf-request-id
08e364d0c7000004976d9a6000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72e0d250497-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y...
s-img.mgid.com/g/8164840/492x277/-/ Frame B373 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2RlM2Y5MmY0NmU3OTk0Y2VlZjQ2NTAwOTM4YTMxYzMuanBn.webp?v=1616011573-HIE0oEGYIUfbQP1AXWPMLf2KayZ7wjSgoifaCNuY0LU
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
f788a246-0762-4813-b563-6781b75fba9d
age
3231851
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
cf-request-id
08e364d0ce000004977b086000000001
last-modified
Mon, 08 Feb 2021 10:20:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72e1d3f0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x277/125x507x492x328/ Frame B373 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193499/492x277/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1616011573-rsVbqjF5oaT8oc0z8IVfjKADhLDorDr4VAihsq27Mx8
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac60840041656e58395c840c23018db25c1c4e8af88040c2cb2615235ea54d0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
8580a207-9402-405f-b7c4-8e9fe227d942
age
3069635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26552
cf-request-id
08e364d0d4000004973f327000000001
last-modified
Wed, 10 Feb 2021 07:15:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72e1d5b0497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ Frame B373 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1616011573-IOMSvmZWsdXSE1kUq0RjEjpAnOT8vyRUS2E_bow5nRU
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
c021fbc8-ad0f-47f6-bca7-4dafde137f45
age
3231883
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6240
cf-request-id
08e364d0d2000004978e845000000001
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72e1d680497-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp
s-img.mgid.com/g/8164910/492x277/0x9x612x408/ Frame B373 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164910/492x277/0x9x612x408/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp?v=1616011573-b_0Dc3Rn4UBQfxr5M0f3rkm_TW0alxywGXHAIsuJLQA
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7aba06fbd0493aae4d0d9d6c9571c898aca7401a628dcb16c9030e2279b4b1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
09726fb8-2254-4968-baef-fc49e5e96afa
age
3231729
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12270
cf-request-id
08e364d0d6000004974b390000000001
last-modified
Mon, 08 Feb 2021 10:20:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6318d72e1d6b0497-CDG
widget-ssp-performance
c.mgid.com/ Frame B373 		43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=236
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6318d72d8bb90497-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d073000004979e102000000001
ee0b9c04dc
bam-cell.nr-data.net/1/ Frame BF21 		57 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/ee0b9c04dc?a=363164778&v=1198.fe6ec20&to=NQQGNhBXV0BZVkJdDgxOJxcRQlZeF3hZUDYHAyINEFtvAQIPZVwOFTYBACRZS14YGAgUEgsVAVA%3D&rst=831&ck=1&ref=https://ibt-mail.com/site2/ibt_us_2021/&ap=116&be=471&fe=769&dc=769&perf=%7B%22timing%22:%7B%22of%22:1616011572498,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:322,%22rpe%22:323,%22dl%22:350,%22di%22:768,%22ds%22:768,%22de%22:769,%22dc%22:769,%22l%22:769,%22le%22:769%7D,%22navigation%22:%7B%7D%7D&at=GUMRQFhNG0BdRkVdDgw%2BFwsYUxsJCBkURwQREg0NDGlQVxoPFBZNQBEFDAdaZkdBRVMWW0AOCAZAGhtQSkxGQA5AW0YLAEIbThQXVxZbGRwZ&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
6318d72d5bdfedbb-CDG
cf-request-id
08e364d0590000edbb4f2d3000000001
b
sb.scorecardresearch.com/ 		0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1616011573330&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&c9=
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:13 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
sr
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
be54ec1474ad1493a9db2d2ec0f0d6bb38df3ed2fc1c3a336c8efe2eee3d0b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"815 / 153 of 1000 / last-modified: 1616009968"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19955
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:06:13 GMT
abd59527-f7b7-439a-9adf-e1906f0b4902.bin
vid.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ Frame 4F19 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/abd59527-f7b7-439a-9adf-e1906f0b4902.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.58.137 London, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
940042ff2f26496092cf9197b9ad6f0935762aaccb0e950e7fcdcfa6dee57c02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 01:56:33 GMT
age
65249
etag
"21ccdf3d8a6925d5cc74ed6a8701676b"
x-served-by
cache-bwi5145-BWI, cache-lon4226-LON
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1616011573.479941,VS0,VE0
content-length
810
x-cache-hits
1, 2
1.png
img.connatix.com/31e6619b-4bfe-49be-9083-d8ec2c6b8340/ 		22 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/31e6619b-4bfe-49be-9083-d8ec2c6b8340/1.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
675c6f677b3cb70247991150c36e460ccbaf94546161828f759d11a0709c2d2a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
642317
x-cache
HIT, HIT
fastly-io-info
ifsz=41633 idim=838x589 ifmt=png ofsz=22314 odim=838x589 ofmt=png
fastly-stats
io=1
content-length
20898
x-served-by
cache-dca17749-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011573.429324,VS0,VE1
etag
"6YGbQefqA1BXk+1uT8hMf76vaxxnFV3rHv5HJMDDGWw"
x-amz-request-id
7XZWYBGJDX7D6TNY
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 1
mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 10:21:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:48:53 GMT
server
sffe
age
380675
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19684
x-xss-protection
0
expires
Sun, 13 Mar 2022 10:21:38 GMT
usync.html
eus.rubiconproject.com/ Frame 3200
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1616011573309745196257
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMDVKDOH-1O-CLC2; rsid=1|HtC7NkcHr+vRXCfuzNEvJhnvpsxMOKmt0RpqCfqlbmAn/eqVO2zhQcPyY76PiuakRhivsz3GAAuzFkbJMy/+K1uqnlcKuQw1qy8pecDeQU51/D/GC6NBOKqTS6LHMFv/BdTLwVQPPUDx; ses2=; vis2=234676^1; audit=1|SDziDG3X/EgpPFjNbRZbb58Kcx/hEla9cZcHmYOeeLC0wf6q5TIrDfx9lJ9bi1t7Pv1CeJBev9QLwBteZaBaVX8c2ol0zsAX; ses15=; vis15=234676^1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Mar 2021 20:06:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 17 Mar 2021 20:06:13 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJoZG5yMjF5cTZk&muidn=l2hdnr21yq6d
  • https://cm.mgid.com/google?muidn=l2hdnr21yq6d&google_ula={guid},5&google_gid=CAESEOwZc7dzL3sldRhEUVyRByg&google_cver=1
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l2hdnr21yq6d&google_ula={guid},5&google_gid=CAESEOwZc7dzL3sldRhEUVyRByg&google_cver=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72eef460497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d14f00000497318af000000001

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l2hdnr21yq6d&google_ula={guid},5&google_gid=CAESEOwZc7dzL3sldRhEUVyRByg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=d5f89ada-3253-4f28-bf96-d1e85fd55451
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=d5f89ada-3253-4f28-bf96-d1e85fd55451
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
afea1da1-220c-4da7-9fac-5469d232fd04
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d7326fa60497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d37e000004978e1b9000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=d5f89ada-3253-4f28-bf96-d1e85fd55451
date
Wed, 17 Mar 2021 20:06:14 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=169dbcc8-7313-4c9d-ba6a-c872a2d470e1&ttl=1618603573
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=169dbcc8-7313-4c9d-ba6a-c872a2d470e1&ttl=1618603573
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
9c0be8cd-81b8-41ea-9b69-052c5d1eef53
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72f1fe40497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d17200000497660ba000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=169dbcc8-7313-4c9d-ba6a-c872a2d470e1&ttl=1618603573
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
RX-08457156-68e3-447a-b7c8-6d5e57e7c0c5-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2hdnr21yq6d
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l2hdnr21yq6d
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/b89f4c30-9bb2-47ee-9c84-f6406603f384?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/b89f4c30-9bb2-47ee-9c84-f6406603f384?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/b89f4c30-9bb2-47ee-9c84-f6406603f384?zcc=1&dspret=0&cb=1616011573714
  • https://sync.targeting.unrulymedia.com/csync/RX-08457156-68e3-447a-b7c8-6d5e57e7c0c5-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-08457156-68e3-447a-b7c8-6d5e57e7c0c5-003
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.147.151 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:13 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-08457156-68e3-447a-b7c8-6d5e57e7c0c5-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
cm.lentainform.com/setmuidn/ 		0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l2hdnr21yq6d
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6318d72e9d6f047a-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d11d0000047ad0283000000001
/
cm.idealmedia.io/setmuidn/ 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l2hdnr21yq6d
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6318d72e7f0c145a-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08e364d1070000145ab59c1000000001
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=ZzlMlf2tXkZzE68Bz7Ky&pi=mgid&tc=1
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=ZzlMlf2tXkZzE68Bz7Ky&pi=mgid&tc=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
8080d760-003d-4b6a-ae47-2ed32257acc1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72f1fd10497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d16c000004976b81f000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=ZzlMlf2tXkZzE68Bz7Ky&pi=mgid&tc=1
pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT, Wed, 17 Mar 2021 20:06:13 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=99cd82d6-ed4b-4bd4-89eb-670fa6bb5f1d&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=b89f4c30-9bb2-47ee-9c84-f6406603f384&gdpr=&gdpr_consent=&us_privacy=
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=b89f4c30-9bb2-47ee-9c84-f6406603f384&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:13 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
9fb2fef6-87e0-473b-af6e-4e53ce6cd24c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6318d72f78c80497-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e364d1aa0000049751871000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=b89f4c30-9bb2-47ee-9c84-f6406603f384&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 17 Mar 2021 20:06:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
822
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:52:31 GMT
ao
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame 4F19 		509 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
58f1916cb8dce18625baca4f479e6c5c5e7d1d8805c08e266c4f3014abe861f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
ps
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
933bcb7c-1397-41c6-b46b-a980946db10b.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		34 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/933bcb7c-1397-41c6-b46b-a980946db10b.jpg?crop=580:398,smart&width=580&height=398&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f62c9a49d72d81de7f1a4ff8c4294eb63f60d1b14f4b6d86c64ad0e4781087ec

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65355
x-cache
HIT, HIT
fastly-io-info
ifsz=139234 idim=1024x682 ifmt=jpeg ofsz=34465 odim=580x398 ofmt=jpeg
fastly-stats
io=1
content-length
33929
x-served-by
cache-dca17778-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.572423,VS0,VE2
etag
"J0ZRjXM6Yt1vhQwFUhFdPz+7Ie7WoXfmdhJd4X5F9qY"
x-amz-request-id
CSX15BETCBFWRYXX
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4F19 		330 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116759
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:06:13 GMT
933bcb7c-1397-41c6-b46b-a980946db10b.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/933bcb7c-1397-41c6-b46b-a980946db10b.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9996b0faa7b01a88c2452067b07c1109c0835bc683354c40d7a35945cfd850b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65355
x-cache
HIT, HIT
fastly-io-info
ifsz=139234 idim=1024x682 ifmt=jpeg ofsz=30588 odim=580x326 ofmt=jpeg
fastly-stats
io=1
content-length
30133
x-served-by
cache-dca17758-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.586787,VS0,VE1
etag
"6Xlsf6TALDE9C6C8f4DjGgXC4BrjNutS+pNZmF9QWKY"
x-amz-request-id
CSX15BETCBFWRYXX
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
9f9855f4-a8ec-40e6-93cd-02b2d2b4445d.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/9f9855f4-a8ec-40e6-93cd-02b2d2b4445d.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
944df86ebef787cc7857e167743f5a70f21538c1f73fbf27af8425c6720ff855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65354
x-cache
HIT, HIT
fastly-io-info
ifsz=76482 idim=1024x698 ifmt=jpeg ofsz=16112 odim=580x326 ofmt=jpeg
fastly-stats
io=1
content-length
15738
x-served-by
cache-dca17727-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.587556,VS0,VE1
etag
"UOf/4hE8J5RaRIwyD0xuK3OSbfc+VFN5fq2LpRFayoA"
x-amz-request-id
5Q7017RKX85B018G
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
6261d4ef-4a04-4c47-9c3f-22f5ec68d37d.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/6261d4ef-4a04-4c47-9c3f-22f5ec68d37d.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45a63bbe77d0bcdbdd3bc18561c994f2a5cd10913f31bbced17cede23e73604e

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65354
x-cache
HIT, HIT
fastly-io-info
ifsz=86795 idim=1024x656 ifmt=jpeg ofsz=18467 odim=580x326 ofmt=jpeg
fastly-stats
io=1
content-length
18007
x-served-by
cache-dca17749-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.600025,VS0,VE1
etag
"spNqrImXLYZxQjGB0Nlf+XqMJDvyJPaf0/bzPnZzcxI"
x-amz-request-id
5Q715HX49BVGEKQ4
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
987bb3b8-82e3-4909-aff5-e1dd662eb439.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/987bb3b8-82e3-4909-aff5-e1dd662eb439.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ee9f2fab39df1fb600a576ac7c1bc66ea89be69279074ff2967d98747bc399b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65354
x-cache
HIT, HIT
fastly-io-info
ifsz=45028 idim=1024x682 ifmt=jpeg ofsz=12649 odim=580x326 ofmt=jpeg
fastly-stats
io=1
content-length
12257
x-served-by
cache-dca17782-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.600304,VS0,VE1
etag
"JhyYfhsZ2wnOpgViYxbfdDbftN3roAw6/HQAkjcJRzU"
x-amz-request-id
5Q78NA192S5DA9E9
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
2, 1
d12fc755-8737-42d5-b349-f7305b9e4a29.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/d12fc755-8737-42d5-b349-f7305b9e4a29.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9aac35b5757a7fb48132c6a19b463d6e5c1135870780fff822af2f05cf6227fe

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
br
age
65353
x-cache
HIT, HIT
fastly-io-info
ifsz=54843 idim=1024x682 ifmt=jpeg ofsz=15301 odim=580x326 ofmt=jpeg
fastly-stats
io=1
content-length
14911
x-served-by
cache-dca17731-DCA, cache-fra19173-FRA
access-control-allow-origin
*
x-timer
S1616011574.609790,VS0,VE1
etag
"rm2yCrcDK3XJlxj4iK4KbXOTPDwWF4j5EvCfaf+6vOU"
x-amz-request-id
5Q78R2N3WGCSFJ2A
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
usync.js
eus.rubiconproject.com/ Frame 3200 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54781
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 18 Mar 2021 11:19:14 GMT
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame 35AC 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
282995
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4F19 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:06:13 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9900 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2328
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 17 Mar 2021 20:27:25 GMT
truncated
/ Frame 3C38 		252 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d36f71a98a5d73163c3aa0294b646abe665218ab260c1cf38d764907b5576c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f9850085a3507e901365d8b841808d71cf4c31d1a8df9ea332ddec2971be72

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92ad5b045b4bf2f1a4235164a9ad2a3ba3a360ea6eeed76a717143333acea0b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03a24c1310b8410132d9ae5050ec0382090ee6897a7502b176b511073f826926

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ Frame 3C38 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&amp;subset=cyrillic
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://frontend.1worldonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:19:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
age
593228
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
expires
Thu, 10 Mar 2022 23:19:05 GMT
truncated
/ Frame 3C38 		241 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f4399b4bcb57c4a56592d088bdf643dd39de6110c484510cf136fa691a6fcf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		497 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcf99dd22e9e501cb0cbf359b98c05554c98c69b76b50f3a279c92137f9087d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		375 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e4e6d7711f0bda0c536407684f91e403f7f4df81daa9576ab010fc82ee5a0bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C38 		340 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50bdaa8b5540c2c86d0f9c281d25ab06d9bc47b277eabfc9a7c7ac88958cac58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
poll_icondb2a69c6-0797-440e-93c7-1a4740156c1f-0-900x300
d2fw4nb4g546bx.cloudfront.net/ Frame 3C38 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2fw4nb4g546bx.cloudfront.net/poll_icondb2a69c6-0797-440e-93c7-1a4740156c1f-0-900x300
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-9724ff1e.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-205.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18ff0e435eee078467b91879d2439c1a54b26f608c05501ce864b3d7e9ebc579

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 17:37:33 GMT
Via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 17 Mar 2021 17:35:49 GMT
Server
AmazonS3
Age
8921
ETag
"c6ad1efb212d8903610c840295d27a99"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public,max-age=172800
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
62181
X-Amz-Cf-Id
3-b0ubQQf5fyhH25H5GWTkKSprC6YbQjY-6cJZhU3KlCdOVpO4RW_Q==
score
app.1worldonline.com//account/ Frame 3C38 		147 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com//account/score
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81d638bdb497b8b3284fad4fa2e5bc18c6957a7ff95d6b04954aa292615d3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
location
app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/ Frame 3C38 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/location?location=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&deviceType=desktop
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-73559509.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.123.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-123-199.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
partner_logod2865420-db84-4769-b24a-d8cd9d159ebc-0
d2fw4nb4g546bx.cloudfront.net/ Frame 3C38 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2fw4nb4g546bx.cloudfront.net/partner_logod2865420-db84-4769-b24a-d8cd9d159ebc-0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-205.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18957da19be7c8e169e12ecdc59cb682438d17ae338ffa77effdcd550fbb3303

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:55:53 GMT
Via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 11 Nov 2019 17:02:45 GMT
Server
AmazonS3
Age
151821
ETag
"33a82aa538cef392057465de9fbb9018"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public,max-age=172800
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
1490
X-Amz-Cf-Id
qQcmgpKifjxvhmA2NnvDTvykef_u2gF6mEi3mrtrFm7sRSL3DpYJCw==
p
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/p
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Mar 2021 20:06:13 GMT
via
1.1 google
alt-svc
clear
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3200 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ Frame 4F19 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 20:06:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 35AC 		81 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3986633849153957&cust_params=domains%3Dwww.ibtimes.com&sdkv=h.3.447.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2978421690&sdk_apis=2%2C8&sid=26DE61BB-AD98-4B66-BAD5-5030E2F9BB32&eid=44730612&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&dlt=1616011572462&idt=1308&dt=1616011574192&cookie_enabled=1&scor=3450130723354950&ged=ve4_td2_tt0_pd2_la2000_er1519.318.1672.618_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
03c6ebd1cf12e5f666d2fa45d53c69ab61a50a5811b93ec7f1c3f8c3378a47f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14918
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3200
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENNLitcA0ZAbe5tzEfaWy5Y&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENNLitcA0ZAbe5tzEfaWy5Y&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENNLitcA0ZAbe5tzEfaWy5Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3200
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01EVktET0gtMU8tQ0xDMg==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01EVktET0gtMU8tQ0xDMg==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01EVktET0gtMU8tQ0xDMg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3200 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3200
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBjMGE5NjQxNjJjZTIwZmIyZWU5NTY2MDAxYzJlMWU4M2Q1MmIxZg
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBjMGE5NjQxNjJjZTIwZmIyZWU5NTY2MDAxYzJlMWU4M2Q1MmIxZg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBjMGE5NjQxNjJjZTIwZmIyZWU5NTY2MDAxYzJlMWU4M2Q1MmIxZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3200
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/S14y2GuyrhlWcL8m3EQuK8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7605713413841921160
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7605713413841921160
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Wed, 17 Mar 2021 20:06:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7605713413841921160
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 3200 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:14 GMT
via
1.1 google
alt-svc
clear
content-length
0
v1
ads.yahoo.com/cms/ Frame 3200
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMDVKDOH-1O-CLC2&sigv=1&esig=2~b8aa9582826521ed49c7431da175d22eadc1ff28
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMDVKDOH-1O-CLC2&sigv=1&esig=2~b8aa9582826521ed49c7431da175d22eadc1ff28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:14 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMDVKDOH-1O-CLC2&sigv=1&esig=2~b8aa9582826521ed49c7431da175d22eadc1ff28
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3200
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFJhNgAAAKMiVzoG
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFJhNgAAAKMiVzoG&_test=YFJhNgAAAKMiVzoG
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFJhNgAAAKMiVzoG&_test=YFJhNgAAAKMiVzoG
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616011575.858960,VS0,VE0
x-served-by
cache-hhn4047-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFJhNgAAAKMiVzoG&_test=YFJhNgAAAKMiVzoG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
5154892.js
js-na1.hs-scripts.com/ 		835 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/5154892.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1616011500000/5154892.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee810a5441d736733bfd99226ce18a7452222311fa715a8717611bf7b4ae059

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9
cf-polished
origSize=942
cf-request-id
08e364d3de000097c6cf8db000000001
cf-bgj
minify
server
cloudflare
x-trace
2BBE43F094E855872F03DAAB1EDAE120BD2FB7C876000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
6318d732fa4997c6-FRA
__ptq.gif
track.hubspot.com/ 		45 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=5154892&rcu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&pu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ&t=Who+Is+Dr.+Rochelle+Walensky%3F+Meet+Biden%E2%80%99s+CDC+Director+Pick&cts=1616011574228&vi=b6a0018523190ecdeafe112f1815a9d3&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:14 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6318d7330e804a91-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
cf-request-id
08e364d3e800004a9126b28000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AQZu4mR6O7k6TfF3VRnpiQU8SbUJNcngwGZpViokG6LT7RENrqqEuXcsL9oefUd0%2BnvXWd06xBQBoLO2TeQWlJN4l4jPQOPVq0vydnO7wdLW9fqjvA65bhIMD6mOLw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
cs.js
sb.scorecardresearch.com/c2/7922264/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/7922264/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F22G6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Sat, 20 Mar 2021 20:06:14 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 20:19:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 02:13:48 GMT
server
nginx
age
85617
etag
W/"604ace5c-8e8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e39402e2cf62b31f7774452c905f38f3.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
diQrnmnSP7wrtk_1T5mHcnzl1ekPF8BiLMud6k8KR5o1-dXY9v0_Mg==
expires
Wed, 17 Mar 2021 20:19:17 GMT
v2ywxhUWyowOECoXlp0CTzaahB7sOvzDemG2GGG9TqYRQxlJ9WVe12RiIKaZBGO7mK-ZNPFYNpy9cxd9kr6M00dvUuZJmyfKEOoxwFpaHYoASrNE
stalesummer.com/ 		216 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2ywxhUWyowOECoXlp0CTzaahB7sOvzDemG2GGG9TqYRQxlJ9WVe12RiIKaZBGO7mK-ZNPFYNpy9cxd9kr6M00dvUuZJmyfKEOoxwFpaHYoASrNE
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.48.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a2ca5ee3390ecbb183cb6c5dec95b6bcf171474b226893f2c0ed2fedded6ba26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 17 Mar 2021 20:06:14 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
2c48c892
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Wed, 17 Mar 2021 20:06:13 GMT
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=ibtimes.com&p=%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&u=Cykm5nDIyyUlKSIEB&d=ibtimes.com&g=23870&g0=national&g1=Dawn%20Geske&n=1&f=00001&c=0&x=0&m=0&y=5060&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3622&t=DsHKjKC1s6_nCoTWW2DFHMqxCeYtUe&V=124&i=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&tz=-60&sn=1&sv=B2gy5dB7E2WgDd18CAB9P32jDi7sTm&sd=1&im=067b2ef0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.98.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-98-49.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
v2xbw6VSSofPNSWEZ9gv_QoH1Jy3yVQqFWNXdo3Ae03xTx513ML8X-ERaIMXJwRMZG3ECl4qPrzugDsuuql7I0Y4GXqzpgJPokKwj9CloE9GFIDM
stalesummer.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2xbw6VSSofPNSWEZ9gv_QoH1Jy3yVQqFWNXdo3Ae03xTx513ML8X-ERaIMXJwRMZG3ECl4qPrzugDsuuql7I0Y4GXqzpgJPokKwj9CloE9GFIDM
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.48.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 17 Mar 2021 20:06:14 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
x-hostname
2c48c892
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
csi
csi.gstatic.com/ Frame 35AC 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kmdvkemb&c=5962602916696&slotId=2981301458348&qqid=CP6t2J6QuO8CFeFM5Qod6cwDcg&gqid=NmFSYKSUDv_J7_UP7r-fsAI&fb=ima-html5&sdkv=h.3.447.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44730612&met.4=ghmsh_s.kmdvkf8t~ghmsh_s.kmdvkf8u&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=SknepIjzDFa0oqHH
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:815::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Com4xNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMLEJGv84k_A6PvSACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&sigh=MyQC-e_CgkI&label=show_ad&acvw=&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh0QDyUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 35AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CkMo7NmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBC1_SKoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExMTAyNDcxMDU4NDAzMjCACgPICwHCEwYYnK_7qALYEw3iFgIIAbIXGgoYCAASFHB1Yi0xOTI5NjE1Njk0MzczMTAz&sigh=e9azX3QcAHg&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&vt=10&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh0QDyUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hqdefault.jpg
i.ytimg.com/vi/KjbhA_CqJFg/ Frame 35AC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/KjbhA_CqJFg/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95720565a8d6c2bdc7c9c8c133a5c6755e32022778f1781a2f495dc1d948b095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:53:03 GMT
x-content-type-options
nosniff
server
sffe
age
791
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14224
x-xss-protection
0
expires
Wed, 17 Mar 2021 21:53:03 GMT
truncated
/ Frame 35AC 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame 4F19 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kmdvkeiv&c=5962602916696&slotId=2981301458348&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:815::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35AC 		0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.447.1&e=44730612&id=ima_html5&c=4480501069443662&domain=www.ibtimes.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r2---sn-4g5ednle.googlevideo.com/
Redirect Chain
  • https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&mh=We&mm=31&mn=sn-4g5e...
  • https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...
5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&xtags=tx=9430863&mime=video/mp4&vprv=1&dur=29.117&lmt=1615832486398400&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,xtags,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgRL_vfEG6eEG-6jxCtI5U4H-GPyKOKGMpi6PCkQKdZwQCIQCm9kuSaMxEsQ1RqyEKXzDjGN4GI0nAmcHV-2f5t7PdXA==&cpn=SknepIjzDFa0oqHH&redirect_counter=1&rm=sn-4g5es67l&req_id=44553ea4d98e36e2&cms_redirect=yes&ipbypass=yes&mh=We&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednle&ms=au&mt=1616011529&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSVUwnh1q0KJPI2UAtlDaCxB7bacI_SpnrEQcNEfzsTQCIBE6HUpbYPj_fNlcQFcznyqUyvoMyiVT-_b7QBcVbOlE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:57::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15 Mar 2021 18:21:26 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-4986244/4986245
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4986245
Expires
Wed, 17 Mar 2021 20:06:14 GMT

Redirect headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r2---sn-4g5ednle.googlevideo.com/videoplayback?expire=1616040374&ei=NmFSYNbqH5mJ1gLU9JfIDQ&ip=37.120.217.220&id=2a36e103f0aa2458&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&xtags=tx=9430863&mime=video/mp4&vprv=1&dur=29.117&lmt=1615832486398400&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,xtags,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgRL_vfEG6eEG-6jxCtI5U4H-GPyKOKGMpi6PCkQKdZwQCIQCm9kuSaMxEsQ1RqyEKXzDjGN4GI0nAmcHV-2f5t7PdXA==&cpn=SknepIjzDFa0oqHH&redirect_counter=1&rm=sn-4g5es67l&req_id=44553ea4d98e36e2&cms_redirect=yes&ipbypass=yes&mh=We&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednle&ms=au&mt=1616011529&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSVUwnh1q0KJPI2UAtlDaCxB7bacI_SpnrEQcNEfzsTQCIBE6HUpbYPj_fNlcQFcznyqUyvoMyiVT-_b7QBcVbOlE
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Wed, 17 Mar 2021 20:06:14 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Com4xNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMLEJGv84k_A6PvSACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&sigh=MyQC-e_CgkI&label=video_ad_loaded&acvw=&sdkv=h.3.447.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh0QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 35AC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 05:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52245
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 05:35:29 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 35AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CkMo7NmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBC1_SKoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExMTAyNDcxMDU4NDAzMjCACgPICwHCEwYYnK_7qALYEw3iFgIIAbIXGgoYCAASFHB1Yi0xOTI5NjE1Njk0MzczMTAz&sigh=e9azX3QcAHg&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&tpd=AGWhJmtueoGH3jjMSrVGelCt8aIRggvvyeE-xuYQvkSsu8sWMA&sdkv=h.3.447.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1sMmNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMIAKA8gLAdgTDeIWAggB&sigh=5a6r5a9hChI&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1519,318,1845,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29048%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011574705%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603&sdkv=h.3.447.1&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh8QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25IV1AAGAE.
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 35AC 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbzb762yNXA-juoMhSeyU-lU67R8AKdvkE9hYaakmN6ImQoKqt6SEiggN6C9uD0ems9E9zjgdl7d_51DKpQFoPdDwDjZDuX7fzd-obpq9rc5h5lSazbJGjzRdC6w&sai=AMfl-YQ_x-WENX9wlJxS6-PlR-xmbCFr_EkjIgeOWkzRXCBD48fI4zYeLpGaaojwiKp5dAc_6zTQKV8sz77OeXx6YjrkwFcSTs5wokUtMZdBgV5I6LQaH6OUAqgwybMp&sig=Cg0ArKJSzIsLG44aZRfZEAE&cid=CAASF-RoqVeGhHTqeoj2K7uILomPYB5BSxfm&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1519,318,1845,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011574707%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1616011574603&avm=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1sMmNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMIAKA8gLAdgTDeIWAggB&sigh=5a6r5a9hChI&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1519,318,1845,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011574709%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1616011574603&sdkv=h.3.447.1&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh8QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25IV1AAGAE.
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35AC 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.447.1&e=44730612&id=ima_html5&c=4480501069443662&domain=www.ibtimes.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1sMmNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMIAKA8gLAdgTDeIWAggB&sigh=5a6r5a9hChI&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=admute&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1519,318,1845,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D19%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D19%26pst%3D-1%26dur%3D29048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D19%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011574720%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1616011574603&sdkv=h.3.447.1&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh8QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25IV1AAGAE.
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
178715
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:27:39 GMT
ai
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ai?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:15 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame FE3A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 16 Mar 2021 13:13:53 GMT
expires
Wed, 16 Mar 2022 13:13:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
111141
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js
pagead2.googlesyndication.com/bg/ Frame FE3A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JceIw9a1pfWTHvRavFZArymxbzecLhY03DLGwiUyfzg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
99657
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5657
x-xss-protection
0
expires
Wed, 16 Mar 2022 16:25:17 GMT
csi
csi.gstatic.com/ Frame 35AC 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kmdvkf96&c=5962602916696&slotId=2981301458348&qqid=CP6t2J6QuO8CFeFM5Qod6cwDcg&gqid=NmFSYKSUDv_J7_UP7r-fsAI&fb=ima-html5&sdkv=h.3.447.1&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kmdvkf98~vss_tr.qr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:815::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/a
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Mar 2021 20:06:14 GMT
via
1.1 google
alt-svc
clear
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE3A 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.447.1&bgai=BKBhnNmFSYP66D-GZlQfpmY-QBwAAAAA4AboFEwikh9eekLjvAhX_5LsIHe7fByY&bg=!urmluf3NAAbUo7L91KM7ACkAdvg8Wveq87apw5wbWlI_nmrN3WNnZ8EVizcZW0YNVu86l5YO7ea0VgIAAABUUgAAAAtoAQcKAZNCqiYYYGENQP28NuG2yyUDLlVbwScLKUuygQRdGQKaMzdQJvUkdpDQohy2PToz00eC32pFUslZAn_o1jjrmr65L4ZjgM1b3bhyUzwc1Bf1xlgJYUM3zsaGbFS6CHm6ornALD857Ei2DfdglFrVsDUto_t3_AnNievlmEGY2rTVJAB9W7IScV7YM1w2XmDdPh7sOF6xPM5U6lkQv_ebOLHPbWcOwADBQrpKFYb2OpinjpRSTmzgN7NnfCCt74e5oMuYa93kU9Uq2JCNAWe-7mMMtf4z9Fb8_eFqQGkzDTyjUBrfX9uy659d2cs4EEyIhi4t3KVu6DQMvU1V_LmbhwoxwLZN221EUkXtyJqWaLOr0PoRS3deE5kfZlaTN0BsI9ZYRYZxDtPF3AosC52lWX-xFaA3RFlX1N0L5AaSJGu7xPg3uVyk0nHIbJOaKxU1nEZ8Q1F3Auy3oKLTzEeq2xczTiX0LKxNTEsBndC1kFZn3oON2oF5nlpmbw2EBZzGRq-TTrzjpIpyWDAX8Bwxti8DFvyrmQHtkcVP-bf0xCy6cON9MH80CjNeYLBjneuY7zZWwh3DKDBXdMnxD0g451Y6hJ5IjrKRw_kpn470JVIdxcirdP79BgDjH0lEBcYUerpaLgbYEgIWd-XwpR1tqZ54B5dsCa32N50lVIyEp6Ybc_r7oZ6pkksVDUQFP5URN2ejZ_NKhuCBM_j3v8lDLykRkLPuHgqE10r5AyxAY4ynBhRwss2VAb5alm4KWFfJya9WmWD94acjCATj8aX_EBzSpScIVkWO9r7NQqydGmjNXsttwJztF1SOD0Eh_2CB6enkGLvyWvq4EHMv46ghM3bW5UrKkViu3ssNLByHuBfHZGYEKKqrmzfyHOHJD3MXOjHze6STt1qDzqXj9KopImAbT5LdaUGH-LV184G2gncbybglXPe4NqQR7X7PrDM6QRbCy3gc7OaHmz7Pozx2j1CFhz7tHDI0AhBfLRjtigDKpF3gjiO5Tr0zqZSU_JQWLuIkfMlWAwXU8qlo-U-dGmVtdMC4Wpmilv6abaGxcFzMLr5LDmiqW7LfmCGqPksY-9HY7PIGHaI1iwgWrn8nTy7u8y9Q6XjUBBV7_jqTkCzXwNm1Ae2vlODbGJtF6jniWnKFM8_09q9FdWQ3mPBfADDKpHx276AUgI7LIq1W4XILXV9fMg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
s.youtube.com/api/stats/ Frame 4137 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44730612&el=adunit&cpn=SknepIjzDFa0oqHH&docid=KjbhA_CqJFg&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.ibtimes.com%2F&len=29.048&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=27&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
envelope
api.rlcdn.com/api/identity/ 		44 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=56
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
sync
eb2.3lift.com/ Frame 4328
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.37.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
05552824cec1f945a4edc58e48e6f5a06ca9d0c5e7044d7bf47d79b1e490dc5e

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=3836485716076257604
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQ6oWvjoQvCgoIkQIQ6oWvjoQvCgoI4gEQ6oWvjoQvCgoIkgIQ6oWvjoQvCgoI5gEQ6oWvjoQvCgoIhwIQ6oWvjoQvCgkIOhDqha-OhC8KCQgLEOqFr46ELwoJCF8Q6oWvjoQvCgkIHxDqha-OhC8=; Max-Age=7776000; Expires=Tue, 15 Jun 2021 20:06:16 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3836485716076257604; Max-Age=7776000; Expires=Tue, 15 Jun 2021 20:06:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 17 Mar 2021 20:06:16 GMT
content-length
0
set-cookie
tluid=3836485716076257604; Max-Age=7776000; Expires=Tue, 15 Jun 2021 20:06:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 34AD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Mar 2021 20:06:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1F16 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 17 Mar 2021 20:06:16 GMT
Content-Length
1151
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 2AE2
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
668 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
c118a7fdc7bd3c119ea381d7a453f2d6d8972228bf8c968f478ffed345a545d1

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=924588a5-947a-0ae7-0cf3-b9cd447772ef|1616011576
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=924588a5-947a-0ae7-0cf3-b9cd447772ef|1616011576; Version=1; Expires=Thu, 17-Mar-2022 20:06:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616011576|gekin0vNiygu; Version=1; Expires=Thu, 01-Apr-2021 20:06:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 17 Mar 2021 20:06:16 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=924588a5-947a-0ae7-0cf3-b9cd447772ef|1616011576; Version=1; Expires=Thu, 17-Mar-2022 20:06:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
date
Wed, 17 Mar 2021 20:06:16 GMT
content-length
0
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE40 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 18 Mar 2021 20:06:18 GMT
Date
Wed, 17 Mar 2021 20:06:16 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 49A8 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=117737
Expires
Fri, 19 Mar 2021 04:48:33 GMT
Date
Wed, 17 Mar 2021 20:06:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame 72CE 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Date
Wed, 17 Mar 2021 20:06:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=ddd7b38dd694bf0f84cdf57d137f8a1621616011576; expires=Fri, 16-Apr-21 20:06:16 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
2TD5OEfqfjS9CNHZUGEUedwrWQtgI/Xd5RpLYgs6EBR8ltTENExU73kcWKY926avuCfxE3nwZRQ=
x-amz-request-id
54CCC725FBDDCF53
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
823
Expires
Wed, 17 Mar 2021 20:07:16 GMT
Cache-Control
public, max-age=60
cf-request-id
08e364daf60000faeee0367000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6318d73e5833faee-DUS
Content-Encoding
gzip
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=index_rtb&uid=YFJhOMA6wKi-2d9..ECZzAAA%261135
0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=index_rtb&uid=YFJhOMA6wKi-2d9..ECZzAAA%261135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=index_rtb&uid=YFJhOMA6wKi-2d9..ECZzAAA%261135
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Wed, 17 Mar 2021 20:06:16 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=appnexus&uid=7741423739414671057
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=appnexus&uid=7741423739414671057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
48e118c0-b18b-4d13-9917-1fb677b1485e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=appnexus&uid=7741423739414671057
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=sovrn&uid=9d531f50dad332ff31ec8d14
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=sovrn&uid=9d531f50dad332ff31ec8d14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=sovrn&uid=9d531f50dad332ff31ec8d14
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc2999de8-fbf1-4a8b-96cd-031431e29c6d%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=pubmatic&uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D
0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=pubmatic&uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Location
https://prebid.a-mo.net/setuid?A=c2999de8-fbf1-4a8b-96cd-031431e29c6d&D=&bidder=pubmatic&uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D
Date
Wed, 17 Mar 2021 20:06:15 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 34AD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54778
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 18 Mar 2021 11:19:14 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4328 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 4328
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAnBOHgltyGzvXAkuqbCjN8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAnBOHgltyGzvXAkuqbCjN8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.37.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEAnBOHgltyGzvXAkuqbCjN8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4328
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzNjQ4NTcxNjA3NjI1NzYwNA%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame 4328 		42 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3836485716076257604&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:15 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 04F7599ACE3249CE8454A5ADB5681C4C Ref B: FRAEDGE1416 Ref C: 2021-03-17T20:06:16Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 4328
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3836485716076257604?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-23uBuDZE2oSoOTFvoo6nVuqHUi5M41Kp4VgGrEcqtw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-23uBuDZE2oSoOTFvoo6nVuqHUi5M41Kp4VgGrEcqtw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.37.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 17 Mar 2021 20:06:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-23uBuDZE2oSoOTFvoo6nVuqHUi5M41Kp4VgGrEcqtw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4328
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7741423739414671057&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7741423739414671057&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.37.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid
d2791800-1516-4cde-b343-54efa8bea388
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7741423739414671057&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 4328
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3836485716076257604
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3836485716076257604&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3836485716076257604&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3836485716076257604&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4328
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.37.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-37-164.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 4328 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3836485716076257604
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 4328 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3836485716076257604
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
eu-u.openx.net/w/1.0/ Frame 2AE2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3c016052-6137-4300-a4dd-0da54c86a9a2
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3c016052-6137-4300-a4dd-0da54c86a9a2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 17 Mar 2021 20:06:11 GMT
Server
MT3 3611 f10363c master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3c016052-6137-4300-a4dd-0da54c86a9a2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 20:06:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 2AE2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PKyAszythrknrYayMqWYtj6sgbAn-tOwPa0dyvAt
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PKyAszythrknrYayMqWYtj6sgbAn-tOwPa0dyvAt
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PKyAszythrknrYayMqWYtj6sgbAn-tOwPa0dyvAt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2AE2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=612320275772939960
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=612320275772939960
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=612320275772939960
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2AE2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=41e9b7fc-3dfd-3510-5625-712520504112&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2AE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmQ4NjY0MzYtZjQ4YS02YmI0LTQzYzUtMmI5Y2VhYjI4Zjcy&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2AE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgydibdW8ec2z9148HcB6Y&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgydibdW8ec2z9148HcB6Y&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c426afb7-9100-4325-a885-afed645e58b6&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGgydibdW8ec2z9148HcB6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BBD6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
643784d86d401f77c473474dd1e0214aa7f34aa600c57664ca29a5fccf51aa8f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5186; CMID=YFJhOLFal40xIpvDO65bRgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|4|156|123|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1624
Expires
Wed, 17 Mar 2021 20:06:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YFJhOLFal40xIpvDO65bRgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:16 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:16 GMT CMPRO=1217;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:16 GMT CMST=YFJhOGBSYTgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Mar 2021 20:06:16 GMT CMRUM3=9c6052613805a00&ce6052613805a00&046052613805a0&e66052613827600&7b6052613805a00&f16052613805a00&27605261380b40&2d6052613805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:16 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 17 Mar 2021 20:06:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YFJhOLFal40xIpvDO65bRgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 20:06:16 GMT CMPS=5186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 20:06:16 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 49A8 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2459021&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3e35f0d75e688c86bd3e079d6d67610a572bc9ee68a4222d01cb43ee05bd2c38

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame EE40 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid
0aced7cb-bd68-48a7-baf1-3ce4c8769cc3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame EC7D 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2459021&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 17 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1068
x-powered-by
ASP.NET
date
Wed, 17 Mar 2021 20:06:17 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 6350
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7857381665673426333
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7857381665673426333
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2459021&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pi=158003:2; KTPCACOOKIE=true; KADUSERCOOKIE=C5F2D0F0-B122-49DC-A454-4755A7166E1D; chkChromeAb67Sec=1; DPSync3=1617148800%3A201_227_226_221; SyncRTB3=1617148800%3A54_56_7_3_220_13_161_21%7C1616803200%3A63%7C1617235200%3A35; KRTBCOOKIE_80=16514-CAESEDhIqOrh3X2ZuEhALbnnW2E&KRTB&22987-CAESEDhIqOrh3X2ZuEhALbnnW2E&KRTB&23025-CAESEDhIqOrh3X2ZuEhALbnnW2E; PUBMDCID=3; KRTBCOOKIE_57=22776-7741423739414671057; PugT=1616011575
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 20:06:14 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-7857381665673426333; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 20:06:14 GMT; path=/ PugT=1616011574; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 20:06:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 20:06:14 GMT; path=/
X-lat
amspug011:0:370
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7857381665673426333
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 49A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xfLQ8LEiSdykVEdVpxZuHQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=122277
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 19 Mar 2021 06:04:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 49A8 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C5F2D0F0-B122-49DC-A454-4755A7166E1D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6318d73eed7b074a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e364db500000074a5d399000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 49A8 		42 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C5F2D0F0-B122-49DC-A454-4755A7166E1D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Wed, 17 Mar 2021 20:06:13 GMT
frontend-id
9
content-length
42
routing-server-id
-1
content-type
image/gif
Artemis
aud.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&addseg=19,36,42
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:18 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 17 Mar 2021 20:06:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5F2D0F0-B122-49DC-A454-4755A7166E1D&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVGMkQwRjAtQjEyMi00OURDLUE0NTQtNDc1NUE3MTY2RTFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:14 GMT
X-lat
amspug004:0:472
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDhIqOrh3X2ZuEhALbnnW2E&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDhIqOrh3X2ZuEhALbnnW2E&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:13 GMT
X-lat
amspug002:0:422
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDhIqOrh3X2ZuEhALbnnW2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 49A8 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 16 Mar 2021 20:06:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3f9fff1-a6e0-4c50-9c4e-add83a743e24
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3f9fff1-a6e0-4c50-9c4e-add83a743e24
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:17 GMT
X-lat
lhrpug014:0:363
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e3f9fff1-a6e0-4c50-9c4e-add83a743e24
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179577608679033172
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179577608679033172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:17 GMT
X-lat
lhrpug009:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179577608679033172
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4c696052-6137-4000-9783-2c2bd62a8d5c&gdpr=0&gdpr_consent=
42 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4c696052-6137-4000-9783-2c2bd62a8d5c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:17 GMT
X-lat
lhrpug004:0:1688
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 17 Mar 2021 20:06:11 GMT
Server
MT3 3611 f10363c master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4c696052-6137-4000-9783-2c2bd62a8d5c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 20:06:10 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7741423739414671057&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7741423739414671057&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:15 GMT
X-lat
amspug016:0:357
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.123:80
AN-X-Request-Uuid
205864ec-03ce-4163-9646-4148021ea02c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7741423739414671057&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 49A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=90157d26-6a65-476f-bd5f-30d771814ab3&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f0f7e6b7-557f-4c95-b183-6bc4b0d1762b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f0f7e6b7-557f-4c95-b183-6bc4b0d1762b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:17 GMT
X-lat
lhrpug007:0:606
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f0f7e6b7-557f-4c95-b183-6bc4b0d1762b&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 17 Mar 2021 20:06:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame BBD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJhOLFal40xIpvDO65bRgAABMEAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAgNLQEm_O1UteUPuzrnpzo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAgNLQEm_O1UteUPuzrnpzo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 17 Mar 2021 20:06:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAgNLQEm_O1UteUPuzrnpzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BBD6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJhOLFal40xIpvDO65bRgAABMEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BBD6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJhOLFal40xIpvDO65bRgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDe2LKUeAbA_qU1LN73_NU&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDe2LKUeAbA_qU1LN73_NU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 20:06:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDe2LKUeAbA_qU1LN73_NU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BBD6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_user_id=YFJhOLFal40xIpvDO65bRgAA&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame BBD6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3322345177487958455
43 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3322345177487958455
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 20:06:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3322345177487958455
pragma
no-cache
date
Wed, 17 Mar 2021 20:06:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesync
bttrack.com/pixel/ Frame BBD6 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:07 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame BBD6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Cx70ICSZRwpSa93lnHCiGCV42dw
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Cx70ICSZRwpSa93lnHCiGCV42dw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 20:06:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Cx70ICSZRwpSa93lnHCiGCV42dw
Date
Wed, 17 Mar 2021 20:06:17 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
YFJhOLFal40xIpvDO65bRgAABMEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BBD6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YFJhOLFal40xIpvDO65bRgAABMEAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YFJhOLFal40xIpvDO65bRgAABMEAAAIB
43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFJhOLFal40xIpvDO65bRgAABMEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:06:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 17 Mar 2021 20:06:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YFJhOLFal40xIpvDO65bRgAABMEAAAIB
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BBD6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFJhOLFal40xIpvDO65bRgAA%261217
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 20:06:17 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2748
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 20:52:05 GMT
async_usersync
ib.adnxs.com/ Frame EE40 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 20:06:17 GMT
X-Proxy-Origin
37.120.217.220; 37.120.217.220; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
98a8ea2e-9b20-437d-bcf5-9de4033b981c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abt
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1sMmNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMIAKA8gLAdgTDeIWAggB&sigh=5a6r5a9hChI&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=video_skip_shown&ad_mt=5193&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26p0%3D1519,318,1845,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1029%26pst%3D422%26dur%3D29048%26vmtime%3D5193%26is%3D18%26i0%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011579946%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603&sdkv=h.3.447.1&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh8QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25IV1AAGAE.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 35AC 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1sMmNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT2A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9agLGgmIC6V4yrhJinlkbfYG49u0r5WKbABLvzjPbGA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMIAKA8gLAdgTDeIWAggB&sigh=5a6r5a9hChI&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=videoplaytime25&ad_mt=7443&acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7496%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1631%26pst%3D422%26dur%3D29048%26vmtime%3D7443%26dvs%3D0%26dfvs%3D0%26dvpt%3D7477%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D38%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011582196%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1616011574603&sdkv=h.3.447.1&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ2OTQ4NTM3MTUxNDIMNTA1MjUxNDU5NTc0QPICUh8QDyUAAAxCKAE6B3Vua25vd25CB3Vua25vd25IV1AAGAE.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame 4F19 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=108565
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.220.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Wed, 17 Mar 2021 20:06:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ee0b9c04dc
bam-cell.nr-data.net/events/1/ Frame BF21 		24 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/ee0b9c04dc?a=363164778&v=1198.fe6ec20&to=NQQGNhBXV0BZVkJdDgxOJxcRQlZeF3hZUDYHAyINEFtvAQIPZVwOFTYBACRZS14YGAgUEgsVAVA%3D&rst=10831&ck=1&ref=https://ibt-mail.com/site2/ibt_us_2021/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 17 Mar 2021 20:06:23 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ibt-mail.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
6318d76be9a14e1f-FRA
Content-Length
24
cf-request-id
08e364f77400004e1f38839000000001
aclk
www.googleadservices.com/pagead/ Frame 35AC
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=Com4xNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1l...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKdsnNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7y...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKdsnNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMJoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCRr_OJPwOj70gAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10193&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26p0%3D1519,318,1845,898%26p1%3D1503,318,1829,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D422%26dur%3D29048%26vmtime%3D10193%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011584946%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603&cid=CAQSKQCNIrLMCQ8L99rHOuZjjPXuuxgDHADGEKDXFpnK386IS_iqLO5_UIEq&dblrd=1&val=ChAyMjFjYmU3OWNjYmEwMGRhEMDCyYIGGggpA83IFXLFxSABKAE&sig=AOD64_2ItDkRmOcBXdlm69NZwosnNoU5Sw&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-purchase_unique.com-newac.lp-loot.cr-mightytower27c_h_29.dt-youtube.cid-12521386536.csd-110321.-%26l%3Dloot%26cp%3D-.cid-12521386536.agid-122117372347.tgid-.intgeo-.phgeo-1003854.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-505251459574.pt-www.ibtimes.com_pt.ptc-.-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 20:06:24 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKdsnNmFSYP66D-GZlQfpmY-QB-SP7udh-oCJ_NQNtJv6g7YJEAEg0pbmOGCV-vCBjAegAZyv-6gCyAEF4AIAqAMBmAQAqgT5A0_Q6lvrJ_dUFC_SGEE2d01MZWmINVPS7k7JP-UKrm4Np7yzF1lxg0mbH5LiVBFq2dhbhljErKas-JlSBW6ZgUGwEDDHmLHCi4GTOCB7PC-7STAzww56ytUDpB-1osWmVRs3bYHet1GBCUmdoU7BzQQtBV8Dx8a57JMU_zY3CbvNx6aomq-zKaFLViMEjdzW85N9rlN4nMjhSKVkrCo9uQ-bsaTGqCA9YaIZpK1zSBQL58wDNlrnjSVRo3AqJNXmSS7MSgreoficwP4MpGHJAanVAcdV30awws8DvMD4sTuXGgjvzpf3FPuvwoM6dDdx8anfn611jzaIHRxLPAOppsOGhdeYmeE6A4FUFNVHVDKkZ4c2kgEN736KKkZ_WEoNW6Wu55yCvkoA_DtgnP3SpevkB9gFOU4lxvmP7wE3GoPgKRFHfxljKcA5rrJ8I-QuvfnNV9MAzcAMAcY57rR7R0So34vAUkTPeO2LjU5AasimVJumJ9Hat8yum1lMVG7wBvKiKREdaC0w6Q33q-qtlPMJYFB07h-wgZwLzlbWrAh82b92tAHGxP3_BaNOVwrsy1cSTXRjs7r_X4-4XnER9NgBv6bDNHSCLZ7WO8gwH9k2_tep9RcwniFZrr1uXu9a2LAS8oiQt4I5T28-yKlGWLKhxJhNFrxqJU_ABLvzjPbGA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTExMDI0NzEwNTg0MDMyMJoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCRr_OJPwOj70gAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10193&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1503,318,1829,898%26p0%3D1519,318,1845,898%26p1%3D1503,318,1829,898%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D422%26dur%3D29048%26vmtime%3D10193%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D842%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D514422004%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1616011584946%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1616011574603&cid=CAQSKQCNIrLMCQ8L99rHOuZjjPXuuxgDHADGEKDXFpnK386IS_iqLO5_UIEq&dblrd=1&val=ChAyMjFjYmU3OWNjYmEwMGRhEMDCyYIGGggpA83IFXLFxSABKAE&sig=AOD64_2ItDkRmOcBXdlm69NZwosnNoU5Sw&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_u7_-.cc-ww_en.g-m.a-2554.au-all.opt-purchase_unique.com-newac.lp-loot.cr-mightytower27c_h_29.dt-youtube.cid-12521386536.csd-110321.-%26l%3Dloot%26cp%3D-.cid-12521386536.agid-122117372347.tgid-.intgeo-.phgeo-1003854.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-505251459574.pt-www.ibtimes.com_pt.ptc-.-
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 03AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.193&rtn=20.000&ns=yt&fexp=44730612&el=adunit&cpn=SknepIjzDFa0oqHH&docid=KjbhA_CqJFg&ver=2&cmt=10.193&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.ibtimes.com%2F&len=29.048&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| _sf_startpt object| dataLayer number| timerStart boolean| gdprAppliesGlobally function| __cmp function| ibtGetCookie number| hb_debug function| nw_log object| xuaInfo function| __uspapi string| site_name string| site_id string| site_domain string| ibtmedia_device string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot string| is_prod number| numPr number| rf string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on string| gdpr_video string| npa_consent string| consent_string number| is_gdpr boolean| ccpa_status object| dfpSlots boolean| fl string| fls string| w1200 string| referrer function| nwsetCookie string| pageRefresh number| fqv string| ts function| parseQueryString string| urlToParse object| utm_result string| utm_source number| nonPersonalizedAds function| getBrowser function| setDfpRefreshKV function| setDfpRefreshKey function| clearDfpRefreshKey number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| wo_devicetype string| wo_domint string| wo_adblock string| ic11_morph undefined| il_geo string| wo_geocode string| wo_ip string| pageFocus function| TrafficSource string| trsource string| dfp_adunit function| admiral object| googletag object| cmp object| ccpaConfiguration object| node function| __ccpa boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| is_bot number| abt_rand string| abt string| purlen string| fq_ref function| extractHostname string| fq_ref_source string| doc_hostname string| fq_source string| pb_videos object| dfpEx object| fqtag object| PWT function| fq_callback object| fqs function| amznVideoAPS function| amznVideoAPS_refresh number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| pbjs function| initAdserver number| hb_timeout_var function| verification_callback object| adUnits function| prebidVideoAd_refresh object| videoAdUnit object| apstag object| fonts object| font number| pos undefined| current_time undefined| key function| pbjsChunk object| _pbjsGlobals function| cnxps function| GRAPP function| CE object| GRWF2 object| DATAFILE object| webformId_12 function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check object| ggeac object| google_js_reporting_queue object| _hsp object| wpJsonpLiverampCcpaCmp function| setImmediate function| clearImmediate object| core object| __twttrll object| twttr object| __twttr boolean| apstagLOADED object| __cmpBuffer function| OneWorldPollerClass object| oneWorldPoller function| init_drupal_core_settings function| advagg_mod_2 function| advagg_mod_2_check undefined| $ function| jQuery object| Drupal object| jQuery17201845326209089766 function| DataLayerHelper function| ibtmediaDfp string| adblock_status function| socialnewsletterValidateEmail function| analyticsEvent function| BlockAdBlock object| blockAdBlock function| Swipe undefined| ie boolean| moved function| FontFaceObserver object| lazySizesConfig object| lazySizes object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| _mgIntExchangeNews object| onClickExcludes function| mgReject307820 function| mgLoadAds307820 function| MarketGidCReject307820 function| MarketGidLoadGoods307820 function| AdskeeperCReject307820 function| AdskeeperLoadGoods307820 function| LentaInformCReject307820 function| LentaInformLoadGoods307820 function| IdealMediaCReject307820 function| IdealMediaLoadGoods307820 function| mgReject317456 function| mgLoadAds317456 function| MarketGidCReject317456 function| MarketGidLoadGoods317456 function| AdskeeperCReject317456 function| AdskeeperLoadGoods317456 function| LentaInformCReject317456 function| LentaInformLoadGoods317456 function| IdealMediaCReject317456 function| IdealMediaLoadGoods317456 function| mgReject725222 function| mgLoadAds725222 function| MarketGidCReject725222 function| MarketGidLoadGoods725222 function| AdskeeperCReject725222 function| AdskeeperLoadGoods725222 function| LentaInformCReject725222 function| LentaInformLoadGoods725222 function| IdealMediaCReject725222 function| IdealMediaLoadGoods725222 function| mgReject740745 function| mgLoadAds740745 function| MarketGidCReject740745 function| MarketGidLoadGoods740745 function| AdskeeperCReject740745 function| AdskeeperLoadGoods740745 function| LentaInformCReject740745 function| LentaInformLoadGoods740745 function| IdealMediaCReject740745 function| IdealMediaLoadGoods740745 function| mgReject757863 function| mgLoadAds757863 function| MarketGidCReject757863 function| MarketGidLoadGoods757863 function| AdskeeperCReject757863 function| AdskeeperLoadGoods757863 function| LentaInformCReject757863 function| LentaInformLoadGoods757863 function| IdealMediaCReject757863 function| IdealMediaLoadGoods757863 function| mgReject863739 function| mgLoadAds863739 function| MarketGidCReject863739 function| MarketGidLoadGoods863739 function| AdskeeperCReject863739 function| AdskeeperLoadGoods863739 function| LentaInformCReject863739 function| LentaInformLoadGoods863739 function| IdealMediaCReject863739 function| IdealMediaLoadGoods863739 function| mgReject947807 function| mgLoadAds947807 function| MarketGidCReject947807 function| MarketGidLoadGoods947807 function| AdskeeperCReject947807 function| AdskeeperLoadGoods947807 function| LentaInformCReject947807 function| LentaInformLoadGoods947807 function| IdealMediaCReject947807 function| IdealMediaLoadGoods947807 function| mgReject1086935 function| mgLoadAds1086935 function| MarketGidCReject1086935 function| MarketGidLoadGoods1086935 function| AdskeeperCReject1086935 function| AdskeeperLoadGoods1086935 function| LentaInformCReject1086935 function| LentaInformLoadGoods1086935 function| IdealMediaCReject1086935 function| IdealMediaLoadGoods1086935 function| 4dm1r11545242527 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cnx_usr_storage object| FB object| __uspapiBuffer object| google_tag_manager function| fqPixel boolean| gaLoaded boolean| domLoaded function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config object| gascrolldepth boolean| _hspb_loaded object| gaplugins object| gaGlobal object| gaData string| _mgCanonicalUri boolean| _mgPageView48526 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| vpb object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami function| LoadCriteoAllPlaces307820 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval number| google_global_correlator object| closure_lm_698295 boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| e number| _sf_endpt boolean| _hspb_ran object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| cnxAddEventListener

22 Cookies

Domain/Path Name / Value
eus.rubiconproject.com/ Name: pux
Value: 2249%3D98253%262307%3D98253%262974%3D98253%263778%3D98253%26goog%3D98253%262249-DV360-Hosted%3D98253%26idl%3D98253%26brx%3D98253%26
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EgpPFjNbRZbb58Kcx/hEla9cZcHmYOeeLC0wf6q5TIrDfx9lJ9bi1t7Pv1CeJBev9QLwBteZaBaVX8c2ol0zsAX
.rubiconproject.com/ Name: vis2
Value: 234676^1
.rubiconproject.com/ Name: rsid
Value: 1|HtC7NkcHr+vRXCfuzNEvJhnvpsxMOKmt0RpqCfqlbmAn/eqVO2zhQcPyY76PiuakRhivsz3GAAuzFkbJMy/+K1uqnlcKuQw1qy8pecDeQU51/D/GC6NBOKqTS6LHMFv/BdTLwVQPPUDx
.1worldonline.com/ Name: 1wSession
Value: false
.1worldonline.com/ Name: 1w_supports_cookies
Value: true
.ibtimes.com/ Name: __hssc
Value: 190406516.1.1616011574226
.ibtimes.com/ Name: __hssrc
Value: 1
.ibtimes.com/ Name: hubspotutk
Value: b6a0018523190ecdeafe112f1815a9d3
.ibtimes.com/ Name: __hstc
Value: 190406516.b6a0018523190ecdeafe112f1815a9d3.1616011574226.1616011574226.1616011574226.1
.ibtimes.com/ Name: _dc_gtm_UA-5652780-46
Value: 1
www.ibtimes.com/ Name: ccpa-dau
Value: true
.ibtimes.com/ Name: _gid
Value: GA1.2.318032857.1616011573
.rubiconproject.com/ Name: khaos
Value: KMDVKDOH-1O-CLC2
www.ibtimes.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C307820%22%3A%7B%22page%22%3A1%2C%22time%22%3A1616011573297%7D%7D
.ibtimes.com/ Name: _ga
Value: GA1.2.1085766742.1616011573
www.ibtimes.com/ Name: geo-location
Value: {"country":"DE","region":"BE"}
.rubiconproject.com/ Name: ses2
Value:
www.ibtimes.com/ Name: has_js
Value: 1
.rubiconproject.com/ Name: vis15
Value: 234676^1
www.ibtimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770

55 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1(Line 13)
Message:
toS
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 103)
Message:
ts: nonpromoted
console-api warning URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 300)
Message:
prebid_ads_pb_video_slots N 141
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 175)
Message:
prebid_ads prebid.js loaded 159
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 175)
Message:
prebid_ads gpt.js loaded 219
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 211)
Message:
excl_label2:
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 212)
Message:
prebid_ads_fq_callback 500 220
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 213)
Message:
prebid_ads_NoPassFQ Y 220
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__X0dmw7TV66lm9S-IHqNsXopdcZA1L6D_HU_2NJtze4E__Qvf65xUKNq934U_BlWduljkqfljRT2Xp7FiX3F4cQII__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 2413)
Message:
Font2 is available
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__X0dmw7TV66lm9S-IHqNsXopdcZA1L6D_HU_2NJtze4E__Qvf65xUKNq934U_BlWduljkqfljRT2Xp7FiX3F4cQII__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 2420)
Message:
Font3 is available
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterInitHooks hook SubnetsBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterInitHooks hook initAntiFraud start
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__X0dmw7TV66lm9S-IHqNsXopdcZA1L6D_HU_2NJtze4E__Qvf65xUKNq934U_BlWduljkqfljRT2Xp7FiX3F4cQII__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 2406)
Message:
Font1 is available
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterPreRenderNewsHooks hook calcPreRenderingBlock start
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-_xOUh79W1lN3wcoBZMTw9wilXVd5-gN2EamMJrD2-a_IZiH9hGQw_wuiVCmC1st_VZ-novk04PKprOqcRzNNw3ktuaNbcajCce7u9kUJ0OdhqKXSQ(Line 282)
Message:
prebid_ads_amznads2_setDisplayBids: true 635
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Servicer promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterInjectScriptHooks hook MgqBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterInjectScriptHooks hook servicerDoubleClick start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Header bidding promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Timeout promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Header bidding promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Timing: 106ms
console-api error URL: https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%(Line 1)
Message:
URIError: URI malformed
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Servicer promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Promise.all resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 [object Object],[object Object]
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 HeaderBiddingDebug. Time: 106. DBTimeout: 300. RealTimeout: 0. SSP: 266 SspBid: -1. Status: lose. Data: {"width":300,"height":250,"adId":"1067214223569.20","ad":"","code":"mgBanner_307820_1_2","bid":1.1,"requestSizes":[300,250],"run":0}.
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 beforeLoadNewsHooks hook refreshAdvertLink start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 beforeLoadNewsHooks hook initRejectStyles start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook smallBlur start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook ActivateDelayBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook fixWrongExternalImages start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook initAdvertPopup start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook initIntExchangeLabels start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook monitorInit start
console-api debug URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 848)
Message:
[object HTMLImageElement]
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook addRejectButtons start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook initCriteoHandlers start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook iExchangeLoggerInit start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook initWidgetObserver start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook handleAdtelligentPostWin start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook hangAFListener start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook initAntifraudStatistics start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook cmPixelLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook handleExternalCountersListener start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook addPreviewEvent start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook countersLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook compositeComscoreCountersLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook gradientRendering start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook responsiveInit start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 afterLoadNewsHooks hook parseImpTracker start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Observer. Widget hidden. Ratio: 0
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 observerWidgetHooks hook setWidgetRealShowTime start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=12121720(Line 720)
Message:
WIDGET_307820_0fab0 Header bidding. Timeout promise resolve

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
ajax.googleapis.com
ams.creativecdn.com
ap.lijit.com
api.pushnami.com
api.rlcdn.com
app.1worldonline.com
aud.pubmatic.com
aux.fqtag.com
b1sync.zemanta.com
bam-cell.nr-data.net
biddr.brealtime.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.mgid.com
c1.adform.net
capi.connatix.com
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
cd.connatix.com
cdn.feeds.ibt.com
cdn.fqtag.com
cdn.mgid.com
cds.connatix.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
csi.gstatic.com
d1.spcdn.ibt.com
d2fw4nb4g546bx.cloudfront.net
d5p.de17a.com
dau-prod.launch.liveramp.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
feeds.ibt.com
fonts.googleapis.com
fonts.gstatic.com
fqtag.com
frontend.1worldonline.com
geo.privacymanager.io
ghb.adtcontent.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
ibt-mail.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
info.silobreaker.com
js-agent.newrelic.com
js-na1.hs-scripts.com
js-sec.indexww.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
jsc.mgid.com
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubads.g.doubleclick.net
query.fqtag.com
r.scoota.co
r2---sn-4g5ednle.googlevideo.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.amazon-adsystem.com
s.youtube.com
s0.2mdn.net
s1.ibtimes.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stalesummer.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.hubspot.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
vid.connatix.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ibtimes.com
x.bidswitch.net
104.108.144.200
104.108.144.214
104.108.145.8
104.16.221.74
104.160.77.202
104.17.119.107
104.19.136.78
104.19.217.61
104.244.42.72
13.226.156.205
13.226.158.204
13.226.159.44
136.144.59.88
142.250.185.162
142.250.185.198
142.250.185.98
142.250.186.162
151.101.114.49
151.101.14.137
151.139.128.11
159.253.128.188
162.247.243.146
178.250.2.151
18.159.17.140
18.196.104.43
184.30.212.16
185.184.8.30
185.29.133.58
185.33.220.243
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.249
185.64.190.80
192.132.33.46
199.232.58.110
199.232.58.137
199.60.103.254
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.151
213.19.162.61
216.52.2.39
216.58.212.162
23.37.38.181
23.37.42.132
23.37.53.17
2600:1901:0:298e::
2600:9000:2038:f000:3:f9b0:4040:93a1
2600:9000:206f:3c00:9:dc53:cc00:93a1
2600:9000:206f:7c00:18:1fcd:34e:d2a1
2600:9000:211e:9000:17:1429:b980:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700::6811:47b0
2606:4700::6811:d6cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:57::8
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4009:815::2003
2a00:1450:400c:c09::9b
2a00:1450:400c:c1b::8b
2a02:fa8:8806:16::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a0c:5c81:5142::2
3.126.56.137
3.20.220.113
34.120.133.55
34.249.70.28
35.156.37.164
35.158.194.251
35.170.85.180
35.186.195.222
35.190.36.172
35.190.48.184
35.190.72.161
35.201.96.126
35.212.212.222
35.244.159.8
35.244.174.68
37.157.4.23
52.20.98.49
52.28.196.155
52.46.130.13
52.50.99.220
52.53.123.199
52.85.115.11
52.85.115.98
54.166.249.156
54.81.207.173
64.202.112.191
65.9.58.52
69.173.144.138
69.173.144.139
69.173.144.165
77.243.60.138
022c85c99594bcce2969f2fbba0c62fddd2e4f68e22caf1923321dd48271f349
03a24c1310b8410132d9ae5050ec0382090ee6897a7502b176b511073f826926
03c6ebd1cf12e5f666d2fa45d53c69ab61a50a5811b93ec7f1c3f8c3378a47f3
04973666dbe1489efa6930ad564a96b3d35f63682884b09783ff54625d29abb5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05552824cec1f945a4edc58e48e6f5a06ca9d0c5e7044d7bf47d79b1e490dc5e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076ae70c9d36b3f858b446ed0d9d36e506399b50d58392a70615d9dea078926d
07fb70a0aae31cec73bf102e35d65aedbca413e14011bc86fb09dcb52bb21efe
08035605ffad94985e87208336cdb10a16e01860818505d9f0421bac941800a4
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0ac60840041656e58395c840c23018db25c1c4e8af88040c2cb2615235ea54d0
0b5735b14f45d2be0b5aa6c83855e88d323751ee3855d87aea82c81c501c0731
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9172e57a543be175ba701cc8d65040b208ba3e2458e83fb557c2a454a05379
0bf095b71113f5dce2d2fc47d5d8ae5ead9299bfd4ef43245fcd07b5de85a2a9
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0d36f71a98a5d73163c3aa0294b646abe665218ab260c1cf38d764907b5576c1
0e4e6d7711f0bda0c536407684f91e403f7f4df81daa9576ab010fc82ee5a0bb
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
103f402bb27a0375e282773ad2b4d2ceb58296da49daaa105876f778ad681ccd
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
174a65c7fe238fcc38670cbbc3057d32b96723ebe261079c4765017e389623de
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18957da19be7c8e169e12ecdc59cb682438d17ae338ffa77effdcd550fbb3303
18ff0e435eee078467b91879d2439c1a54b26f608c05501ce864b3d7e9ebc579
22acc148ce6309dec7d1e5ad61cb9c8007b904321d3cd20d546a5229b90184ce
240981ff82edee24ab6fec83feeff0b7eed77153d92802cb6cd63cc2cd812ab8
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
25c788c3d6b5a5f5931ef45abc5640af29b16f379c2e1634dc32c6c225327f38
264802e7eced559d7164c6488bec1ffe244a86b1142f5604ea38125edb8c3218
2db5cf80d922a2444cece582ba124ba0dee0476ee5eb25f4dc02abc442be1023
30096654dc0397fbdeb7b5ec4e833d1d122aee2d2e3e15df6e3f4d7bc3a6ac67
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31d461edc2d67ca0cc50368c30ca486e59c21081935d28bd770ed665d096719f
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b7aba06fbd0493aae4d0d9d6c9571c898aca7401a628dcb16c9030e2279b4b1
3caba2da9c187422fc8ffbb92c358eb403247a2682aeee6135d8cc08d5837797
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e35f0d75e688c86bd3e079d6d67610a572bc9ee68a4222d01cb43ee05bd2c38
3e59d1ae18b129a16868fed215deca0fb01702c7a7639513121313cc702a6c19
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee810a5441d736733bfd99226ce18a7452222311fa715a8717611bf7b4ae059
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40dd69db1f048d72d448d01b67244b292ce93dcb8a137703ca9ca821aa354405
45a63bbe77d0bcdbdd3bc18561c994f2a5cd10913f31bbced17cede23e73604e
45ddf6856b9d1dccab1cc60723a04b9ca210dfdc588ef85a9777e907dfd1ad22
45f92bbf5a332e21942b857e1d46dcf673618bbb09ad8b77387962cec82fa136
47f1eb008ae9ca3984834143fa71106a1c727579fe8feeb6de781bc73bd2393c
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a52b999447dcaf18945438b2f1d286df991486a97fbe5b9baf5c6a112e2a063
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9
50bdaa8b5540c2c86d0f9c281d25ab06d9bc47b277eabfc9a7c7ac88958cac58
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b
53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
58f1916cb8dce18625baca4f479e6c5c5e7d1d8805c08e266c4f3014abe861f4
598f942ac8bbb748ebecd3aba90e18bfccfc7687639960458dc2017e35dbc05f
5afc7cb2653cd5052a0240fec46bf157bc0d72ad75bb6594ec022cf8220e0ac1
5b1f9c7002563abfa157220517f9af3021000f5d532160cf52ff74b6af127b05
5e15e3a9dee94ae088448020979399786f324b6febda84f8cad07c5693d748d2
62f4399b4bcb57c4a56592d088bdf643dd39de6110c484510cf136fa691a6fcf
643784d86d401f77c473474dd1e0214aa7f34aa600c57664ca29a5fccf51aa8f
6553a953f08a19e3ce3566bace0afa8d1b22bf181e5d7ef38e774146838edf2b
65848c733b944f74defe77cab47a83582f9d0888606ec68f345263ddd63e67a5
66fac9123cbd9a55edc7720629d1442277db52c4a3e3d2f42854905e52022c8c
675c6f677b3cb70247991150c36e460ccbaf94546161828f759d11a0709c2d2a
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
68c1d03b672a14ea0457c097b0d8bfd921a9912692a24769c73a7951e05616df
697d1279d73b958fd39429e9d0cbc92b511747ed4cd5cd83927f7934d4dc713b
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
69c990643c7074bc0d746c67d194ac10738d0eb522d9a183a94d0205bc0e9fcc
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3b19b5e8f21c96321e4fb9f6eae461d1a37a7e0ff32246456c9e9ad7100e3a
6f2babf2cc23ba3832aa3c62c2d5f37e5ad0442c67d70405833112839dbb981a
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ddac39f40f8c684f7e7c22b41c8f61148ca2f8d0c6222e0bd5b761c21b01a07
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
81bc4088c69ca9a56d7ede925d5dd13d748d1cb2266867e1e644e4832b3b710b
81d638bdb497b8b3284fad4fa2e5bc18c6957a7ff95d6b04954aa292615d3f2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8808a5931f001093bc198f46814e282d41e0f953862b6933d3bca1da71ac1223
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7745893aed0febf58197aa9e5a3e033d344aef7410398a32db42341ce6c770
8ee9f2fab39df1fb600a576ac7c1bc66ea89be69279074ff2967d98747bc399b
92ad5b045b4bf2f1a4235164a9ad2a3ba3a360ea6eeed76a717143333acea0b9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940042ff2f26496092cf9197b9ad6f0935762aaccb0e950e7fcdcfa6dee57c02
944df86ebef787cc7857e167743f5a70f21538c1f73fbf27af8425c6720ff855
95720565a8d6c2bdc7c9c8c133a5c6755e32022778f1781a2f495dc1d948b095
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
9763e853e3362aaedf7c6460e117de4b65d6c08f4f33cec2fddcff420fb1d86d
97b157d25b2620c6a59a6ed469adcc741ce36e24b7a134a466ab95bfece785c7
999a317fe987c0a75675786549148e6cf42cf80fa5792a7112f48f584a95b0a2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cd79a75424ea01a9f6e0dbc9f10eb128eb655ef22a6068c9d96b45aaae99db
9a6a2855f33b803d6785165a5a70a17fb3d2b8a9a5c0b0403c87b438182f2182
9aac35b5757a7fb48132c6a19b463d6e5c1135870780fff822af2f05cf6227fe
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1afbb5768374749e5d55cf81d2ac952ec144570777bd28a0e5fbf471ed2a117
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ca5ee3390ecbb183cb6c5dec95b6bcf171474b226893f2c0ed2fedded6ba26
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65bdfa116f70a3576acdaf80dcce90304fc3e75112cea5cc6aef678eac9bdbd
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a9996b0faa7b01a88c2452067b07c1109c0835bc683354c40d7a35945cfd850b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab939179beb3dc0c23e445ac6c985c17ca7e02747eb68e56a7b49188602fb489
ac87aeb266ffbb2d1bfddb63fb19c7c21e7705367767a9abc23da54a0fb591f0
accc20d3c7dd8b9b5ecd29f095cbfdd9eb7553fe73bf7f57e7d554e909b04dc5
ad9125528034c335ff5fd9dbe6f5020aef36b3586e602ad2b3b6966bb2e6109a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f9850085a3507e901365d8b841808d71cf4c31d1a8df9ea332ddec2971be72
b3d3a574ab858e578952465bff7f171e304726111d1cbfe9e156d27eb909088e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b84667d4384c89c4af4b8fcfae5310d5ce39dfb19c0a8c5942fee0591ebfcae7
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
b89f6f8287ac19597821934089278793ff78ed66a158955cc0141617a1b21e98
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be54ec1474ad1493a9db2d2ec0f0d6bb38df3ed2fc1c3a336c8efe2eee3d0b65
bead81c931f2b1bfa985aa951ac5045a052f5bd379ce28b5db1f9d297c98bb7b
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
bf1030cd6698f0ee3cdbc8c6228a3ff2e0bd3c578ebeebc7dfb1f0fb41d00133
bf8c52fac4387f2c2892a116d6cd08de6c64061e88200df7ca256b1918db8a23
c118a7fdc7bd3c119ea381d7a453f2d6d8972228bf8c968f478ffed345a545d1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c53879d513f7788d1efd1c2855c75b746416d2a3a7397f1a024b069d2190adc2
c73ef449cb85f7a0898f6447443b8caa54652092c26a8b188094537f6cf91180
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb621bc87b6dcb6416bfbc33fc8d11fc8fa8d72a8cf64fedfe071eea83901968
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d041bcba1767a29dfd3fafa43ae1d9499e3916e26161d69a18f15c579bc20f55
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d297ed5bc864561563c23526a7e616c5aa859c02eb00845dfae4439f83f09354
d29fc70c009998bb03e1b9d37a7df7796c49deea722c717e4231637113bed3d7
d2e105942480e6ee58080096f754e3a6a81dfd1039eac5a559e70687c4783ef0
d2e834faaffa0f78e07d8b1a2f1a6ab2855eae38e084659807d26cc7ffefbb44
d38fbdb6187f4f180361c4dd2003df5884795580876cc1387bdbc7c48b4396b3
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daafa49c00ad71ec3477d7da2e14be1b14807f8d3178349239219e612e9dcecf
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc4d1be57bd9522ed6d89990d21a04c42491f9f3b522bc6624f6ee0c465ae698
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf99dd22e9e501cb0cbf359b98c05554c98c69b76b50f3a279c92137f9087d2
ddc1c6b0a09ff8a52117ea025adf47129f91823369f9c899cc2f3fcaf523591f
defdc955e936cb660fb097886c7e9629ff16d594d54d48621a30151c729c9a0a
e00dae9452cf6023e1b1eb9991a4f106fa01ad559dff02fd894a3fd9838180a4
e1d6d4ef3de197768bf26a1e8639dff63212cdffbcac49406f6bd4045790cc20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e6e911ca5ae5349773b4e6ac092d6399c837aced1c38bbc186f0bdf8babe87
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e77e31defbe42329d58c6e693a58ab172b65cc66a6050c425259466c29ee5932
e97172eeafae208c8e70f545468ab25a2e7b7f5590d6bc772b47532e5cf5760b
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b36ccbdec33b7bce73a0ecd576dce20937cedf180223bd4eb52e5a8168a46
efa977023c6486f558af30e428480972817e39f602b5ac0307f1e64f5fad5e91
f1c79d105d05df2684fa4ccbd03d00a8258c11e1db815e6b7577aadf7e6edfe1
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f62c9a49d72d81de7f1a4ff8c4294eb63f60d1b14f4b6d86c64ad0e4781087ec
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
fa9d0382df6ffc1160364daa89169e6635cb1198d0ea46c5edbc483dba4f3024
faa9176f1e72f821d634cdba3537db7b771f7f2613a836532a437c7d967378ae