www.newsweek.com Open in urlscan Pro
75.2.53.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Submission: On March 14 via manual (March 14th 2021, 3:42:54 pm UTC) from US

Summary HTTP 185 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 70 domains to perform 185 HTTP transactions. The main IP is 75.2.53.74, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com.
TLS certificate: Issued by Amazon on July 19th 2020. Valid for: a year.

This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	75.2.53.74 75.2.53.74	16509 (AMAZON-02) (AMAZON-02)
27	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:fe00:8:bd4:5580:21	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:212... 2600:9000:2127:8600:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1	35.186.195.222 35.186.195.222	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:bc00:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:7e00:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:7400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:958	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	13.226.159.26 13.226.159.26	16509 (AMAZON-02) (AMAZON-02)
2	13.32.21.37 13.32.21.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	35.190.36.172 35.190.36.172	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
2	54.174.156.197 54.174.156.197	14618 (AMAZON-AES) (AMAZON-AES)
1	54.162.255.214 54.162.255.214	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 15	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
1 1	13.226.159.42 13.226.159.42	16509 (AMAZON-02) (AMAZON-02)
2 3	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
6 6	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 18	52.215.241.211 52.215.241.211	16509 (AMAZON-02) (AMAZON-02)
2 8	84.53.189.33 84.53.189.33	34164 (AKAMAI-LON) (AKAMAI-LON)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	18.158.85.202 18.158.85.202	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
4 7	34.246.61.84 34.246.61.84	16509 (AMAZON-02) (AMAZON-02)
10 13	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	35.156.245.144 35.156.245.144	16509 (AMAZON-02) (AMAZON-02)
5 5	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 4	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	3.225.15.51 3.225.15.51	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.232.11.255 3.232.11.255	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 3	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3	84.53.188.235 84.53.188.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
1	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3039::6815:c00c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.49.193.31 52.49.193.31	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.55.28 52.45.55.28	14618 (AMAZON-AES) (AMAZON-AES)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.165 213.155.156.165	1299 (TELIANET ...) (TELIANET Telia Carrier)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	34.208.10.33 34.208.10.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.96.6 65.9.96.6	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.7.13.99 52.7.13.99	14618 (AMAZON-AES) (AMAZON-AES)
185	73

1 75.2.53.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4fb2973ac9c49f88.awsglobalaccelerator.com

www.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

g.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gc.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:fe00:8:bd4:5580:21 (United States)

ASN16509 (AMAZON-02, US)

d275im4r3zngba.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:8600:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com

query.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:bc00:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:7e00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:7400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:958 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-26.dus51.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.21.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-37.fra56.r.cloudfront.net

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recommendationengine.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com

cdn.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.156.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-156-197.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.255.214 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-255-214.compute-1.amazonaws.com

stats.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

uploads.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.42 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-42.dus51.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.155.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.22 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.215.241.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.53.189.33 (Netherlands) 2 redirects

ASN34164 (AKAMAI-LON, NL)
PTR: a84-53-189-33.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.85.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.246.61.84 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.162 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.245.144 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.144 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.95 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.15.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-15-51.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.11.255 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-11-255.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.53.188.235 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-188-235.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.100 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.240.234 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c00c (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.193.31 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.55.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.10.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.6 (United States)

ASN16509 (AMAZON-02, US)

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.13.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	newsweek.com www.newsweek.com g.newsweek.com d.newsweek.com gc.newsweek.com stats.newsweek.com	661 KB
19	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com	42 KB
18	gumgum.com 1 redirects rtb.gumgum.com	5 KB
18	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	124 KB
13	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	35 KB
11	rubiconproject.com 4 redirects eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	16 KB
8	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	9 KB
8	adnxs.com 8 redirects ib.adnxs.com secure.adnxs.com	7 KB
7	googlesyndication.com 83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	25 KB
7	adsrvr.org 4 redirects match.adsrvr.org	3 KB
6	lijit.com 1 redirects ap.lijit.com ce.lijit.com	6 KB
6	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	3 KB
6	openx.net 2 redirects u.openx.net us-u.openx.net eu-u.openx.net	2 KB
6	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com uploads.pelcro.com	189 KB
6	privacymanager.io gdpr-wrapper.privacymanager.io gdpr.privacymanager.io geo.privacymanager.io	66 KB
5	mathtag.com 5 redirects sync.mathtag.com	3 KB
5	fqtag.com query.fqtag.com fqtag.com cdn.fqtag.com	181 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	stripe.com js.stripe.com m.stripe.com	59 KB
4	google-analytics.com www.google-analytics.com	20 KB
3	pushnami.com api.pushnami.com trc.pushnami.com	88 KB
3	outbrain.com 2 redirects sync.outbrain.com	981 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	adform.net 3 redirects c1.adform.net	1010 B
3	emxdgt.com 2 redirects cs.emxdgt.com	491 B
3	google.com www.google.com adservice.google.com	903 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	rlcdn.com ats.rlcdn.com geo.rlcdn.com id.rlcdn.com	60 KB
2	facebook.com www.facebook.com	344 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	facebook.net connect.facebook.net	93 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	tapad.com 2 redirects pixel.tapad.com	982 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	699 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	3lift.com 2 redirects eb2.3lift.com	744 B
2	chartbeat.net ping.chartbeat.net	337 B
2	google.de www.google.de	195 B
2	clean.gg i.clean.gg	104 B
2	bugsnag.com sessions.bugsnag.com	140 B
1	google.ch adservice.google.ch	799 B
1	stripe.network m.stripe.network	13 KB
1	zeotap.com mwzeom.zeotap.com	596 B
1	criteo.com dis.criteo.com	326 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	376 B
1	ad4m.at ad4m.at
1	exelator.com 1 redirects loadm.exelator.com	616 B
1	rfihub.com 1 redirects p.rfihub.com	745 B
1	socdm.com 1 redirects tg.socdm.com	836 B
1	contextweb.com 1 redirects bh.contextweb.com	658 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	585 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	614 B
1	quantserve.com 1 redirects pixel.quantserve.com	496 B
1	dotomi.com amazon-tam-match.dotomi.com
1	admanmedia.com 1 redirects cs.admanmedia.com	409 B
1	smaato.net 1 redirects s.ad.smaato.net	561 B
1	googleapis.com recommendationengine.googleapis.com	372 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	cloudfront.net d275im4r3zngba.cloudfront.net	37 KB
0	acuityplatform.com Failed ums.acuityplatform.com Failed
185	70

	Domain	Requested by
20	g.newsweek.com	www.newsweek.com
18	rtb.gumgum.com	1 redirects aax-eu.amazon-adsystem.com rtb.gumgum.com ads.pubmatic.com
15	aax-eu.amazon-adsystem.com	d275im4r3zngba.cloudfront.net aax-eu.amazon-adsystem.com u.openx.net rtb.gumgum.com ap.lijit.com ssum-sec.casalemedia.com eus.rubiconproject.com
13	cm.g.doubleclick.net	10 redirects u.openx.net rtb.gumgum.com eus.rubiconproject.com
7	match.adsrvr.org	4 redirects u.openx.net ssum-sec.casalemedia.com eus.rubiconproject.com
6	ib.adnxs.com	6 redirects
6	d.newsweek.com	www.newsweek.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	sync.mathtag.com	5 redirects
4	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	ce.lijit.com	ap.lijit.com
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	sync-tm.everesttech.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.newsweek.com d275im4r3zngba.cloudfront.net www.google-analytics.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	d275im4r3zngba.cloudfront.net
3	simage2.pubmatic.com	ads.pubmatic.com
3	ads.pubmatic.com	rtb.gumgum.com ads.pubmatic.com
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	sync.outbrain.com	2 redirects rtb.gumgum.com
3	x.bidswitch.net	3 redirects
3	c1.adform.net	3 redirects
3	us-u.openx.net	1 redirects u.openx.net
3	ssum-sec.casalemedia.com	1 redirects aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com
3	cs.emxdgt.com	2 redirects rtb.gumgum.com
3	js.stripe.com	d275im4r3zngba.cloudfront.net js.stripe.com
3	sb.scorecardresearch.com	1 redirects www.newsweek.com d275im4r3zngba.cloudfront.net
3	c.amazon-adsystem.com	www.newsweek.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	www.newsweek.com d275im4r3zngba.cloudfront.net securepubads.g.doubleclick.net
3	gdpr-wrapper.privacymanager.io	www.newsweek.com js.pelcro.com
2	trc.pushnami.com	js.pelcro.com
2	www.facebook.com	connect.facebook.net
2	sync.search.spotxchange.com	1 redirects
2	connect.facebook.net	d275im4r3zngba.cloudfront.net
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.1rx.io	2 redirects
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	1 redirects aax-eu.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	eus.rubiconproject.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com
2	u.openx.net	1 redirects aax-eu.amazon-adsystem.com
2	ping.chartbeat.net	www.newsweek.com
2	cdn.fqtag.com	d275im4r3zngba.cloudfront.net
2	api-location-prd.pelcro.com	js.pelcro.com
2	geo.privacymanager.io	js.pelcro.com
2	www.google.de	www.newsweek.com
2	www.google.com	www.newsweek.com
2	i.clean.gg	d275im4r3zngba.cloudfront.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	fqtag.com	www.newsweek.com d275im4r3zngba.cloudfront.net
2	sessions.bugsnag.com	js.pelcro.com
2	js.pelcro.com	www.newsweek.com d275im4r3zngba.cloudfront.net
1	api.pushnami.com	d275im4r3zngba.cloudfront.net
1	83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com	d275im4r3zngba.cloudfront.net
1	adservice.google.com	d275im4r3zngba.cloudfront.net
1	adservice.google.ch	d275im4r3zngba.cloudfront.net
1	m.stripe.com	m.stripe.network
1	m.stripe.network	js.stripe.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	s.amazon-adsystem.com	ssum-sec.casalemedia.com
1	loadm.exelator.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	eu-u.openx.net	u.openx.net
1	pixel.quantserve.com	1 redirects
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	cs.admanmedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	uploads.pelcro.com	www.newsweek.com
1	stats.newsweek.com	d275im4r3zngba.cloudfront.net
1	geo.rlcdn.com	js.pelcro.com
1	gc.newsweek.com	d275im4r3zngba.cloudfront.net
1	recommendationengine.googleapis.com	www.newsweek.com
1	www.pelcro.com	js.pelcro.com
1	static.chartbeat.com	www.newsweek.com
1	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io
1	query.fqtag.com	www.newsweek.com
1	www.googletagmanager.com	www.newsweek.com
1	d275im4r3zngba.cloudfront.net	www.newsweek.com
1	ats.rlcdn.com	www.newsweek.com
1	www.newsweek.com
0	ums.acuityplatform.com Failed	ap.lijit.com
185	108

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
reddit.com
flipboard.com
www.instagram.com
www.newsweekjapan.jp
www.newsweekpakistan.com
www.newsweek.pl
newsweek.ro

Subject Issuer	Validity	Valid
*.newsweek.com Amazon	`2020-07-19` - `2021-08-19`	a year	crt.sh
g.newsweek.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
d.newsweek.com R3	`2021-03-14` - `2021-06-12`	3 months	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-03-10` - `2021-06-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.privacymanager.io Amazon	`2020-10-24` - `2021-11-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.fqtag.com R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
i.clean.gg GTS CA 1D2	`2021-02-18` - `2021-05-19`	3 months	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
gc.newsweek.com R3	`2021-01-16` - `2021-04-16`	3 months	crt.sh
geo.rlcdn.com GTS CA 1D2	`2021-02-23` - `2021-05-24`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
newsweek.com Amazon	`2020-12-29` - `2022-01-27`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-01-19` - `2021-05-04`	3 months	crt.sh
uploads.pelcro.com R3	`2021-01-31` - `2021-05-01`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-28` - `2021-04-13`	a month	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2021-05-04`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.pushnami.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh

This page contains 30 frames:

Primary Page: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Frame ID: 53A895F341269D2F8118D56DA8A55C00
Requests: 87 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: 7CE3EA34B32E74A0D44D005C46B78184
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: D9A42D879D86BD64F388FF2119938478
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 188B5D739E293F22A9F7267FFA6086E1
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Frame ID: 361CFAE2F659E4F8EC4D60EEFE0D759A
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Frame ID: B6EAB256D0879E35E8DB852D25AA57F1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 4D06C77B0B6741A0070090ED5D3F3D6B
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6701387527163652433&ex=districtm&gdpr=0
Frame ID: DBCFFE1FE65C1A7AD1893B68D929C45E
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Frame ID: C1EA4511F451F73957141D4697487684
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: D8F300D63740E847C2F8883CE9521CF2
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-FVb_jJJE2uSsGbuZd0LebzmCVXHp88c-~A&&gdpr=0&gdpr_consent=
Frame ID: E254079FD5055781741E52665CFC8936
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8491063217849233412&ex=appnexus.com&gdpr=0
Frame ID: 4DB6DEC25DAF66D9976B843985379995
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 2B4956F184F00103D58B53138135C499
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=9805433620687651842
Frame ID: CF9B5365AB1D016691224BC93A06A24D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=
Frame ID: 3C71A33FAA77BD16EB9B305A10190032
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr
Frame ID: C5792244FDFEAA7FE5828E66BB1F99B9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 3C67F8BF9AAEBF4BFAD498555915FD45
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9212BCE6C23DF20BA68A5092B6A5D526
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548
Frame ID: 40A064FC9BA03703240E7ED5B0F0AFE3
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 824C3BD8A575930FAC2113DDA5B94D44
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA
Frame ID: 40899174B83C386E3C91805060B6EAFA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878968389319537
Frame ID: CF49716F0432E03D302F836C7977290E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1
Frame ID: A8C4544CC2CB49047773FDC2F8FD12A9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 093BF144A71A48DF933C24FB999A3637
Requests: 15 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4807741947464324308
Frame ID: 1C10F69BAE1459723145EBB3B7F83824
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: FC197407FFD0245A83D96CAC358A06A8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=8DECD0E3-192E-4AF8-8F62-F2418279F144
Frame ID: 8667AC7802CF47D2FD627A6E1309907E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: 4395F3A0AD0772D5CFFD267885A3FFA8
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0C191BAE05880AF8D3B172336DD01662
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 2413278EF24D831E1FA154FC2F946C75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

185
Requests

99 %
HTTPS

29 %
IPv6

70
Domains

108
Subdomains

73
IPs

11
Countries

1801 kB
Transfer

4872 kB
Size

61
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=The+Biggest+Little+CIA+Shop+You%27ve+Never+Heard+Of+https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&title=The+Biggest+Little+CIA+Shop+You%27ve+Never+Heard+Of
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html&media=https://d.newsweek.com/en/full/242263/11-15-13-dl0241-spytalk.jpg&description=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of
Title: Share on Pinterest

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html&title=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://flipboard.com/
Title: Share on Flipboard

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Newsweek

Search URL Search Domain Scan URL

URL: https://twitter.com/Newsweek

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newsweek/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/newsweek

Search URL Search Domain Scan URL

URL: https://www.newsweekjapan.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.newsweekpakistan.com/
Title: Pakistan

Search URL Search Domain Scan URL

URL: https://www.newsweek.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://newsweek.ro/
Title: România

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&c9=&cs_ak_ss=1

Request Chain 68

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Request Chain 71

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=09a04e9d990c54360125

Request Chain 72

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=6701387527163652433&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=6701387527163652433brt153841615736548740191f1

Request Chain 74

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1

Request Chain 75

https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

Request Chain 76

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Request Chain 77

https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fid%3D%2524UID%26ex%3Ddistrictm%26gdpr%3D0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6701387527163652433&ex=districtm&gdpr=0

Request Chain 80

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0&verify=true HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-FVb_jJJE2uSsGbuZd0LebzmCVXHp88c-~A&&gdpr=0&gdpr_consent=

Request Chain 81

https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8491063217849233412&ex=appnexus.com&gdpr=0

Request Chain 82

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Request Chain 83

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=9805433620687651842

Request Chain 88

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qHuafKwuyy2zKcx8r3mDfagty32zfMx_-yjOdsxk

Request Chain 89

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=473132295746010272

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0&google_tc=

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-crscFu7_YZrH_It3UnYc&google_cver=1

Request Chain 94

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=6701387527163652433

Request Chain 95

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D5a1dfa16-c54d-478f-bbdc-00709530c69d HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=c85c604e-2ee7-4b00-8628-f6ec57467b1f&expires=30&ssp=gumgum2&bsw_param=5a1dfa16-c54d-478f-bbdc-00709530c69d HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=5a1dfa16-c54d-478f-bbdc-00709530c69d

Request Chain 96

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28pv2kKI_ktHclAjiweSPS327rmcSRjMqCyN3WNGy-pbsu87RjME_hJ5hSSOi2yFcJ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28pv2kKI_ktHclAjiweSPS327rmcSRjMqCyN3WNGy-pbsu87RjME_hJ5hSSOi2yFcJ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&obuid=ENC(pv2kKI_ktHclAjiweSPS327rmcSRjMqCyN3WNGy-pbsu87RjME_hJ5hSSOi2yFcJ) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 97

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=6134df10-4e6f-0654-0afe-47a7186bb4e2

Request Chain 98

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-25fc37d9-ec82-4b7a-4b2a-792fc2eb2735$ip$185.156.175.107

Request Chain 99

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-_S2rVlFE2peDPUCU4IwQ8ime6nrilVEAcGci~A

Request Chain 100

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=e2293e9c-84db-11eb-8f6a-27ed24862891

Request Chain 102

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0

Request Chain 103

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3556731846 HTTP 302
https://sync.1rx.io/usersync/tradedesk/aca217e7-713d-4860-8c04-c6e5ef7aeaeb HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003

Request Chain 104

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=IIbU3OswqnVb&ev=1&pid=558355

Request Chain 106

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 110

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548

Request Chain 112

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA

Request Chain 113

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871878968389319537

Request Chain 114

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1

Request Chain 117

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=12&3pid=8491063217849233412&gdpr=0&gdpr_consent=

Request Chain 118

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Da70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&gdpr=0&gdpr_consent=

Request Chain 119

https://um.simpli.fi/lj_match?r=1615736548749&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=9CF079D2DEA34A688A5FB1AD9017AFDD

Request Chain 121

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=74584dbe-7f69-486b-89a1-dc04da28717a

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YE4u5L2FvUtuvwnpIqe83gAABGcAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELRqDOGzuZjN29a0IV7GJus&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YE4u5L2FvUtuvwnpIqe83gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPZQyOZWo8C8N2l7T8BWx9A&google_cver=1

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3de604e-2ee7-4c00-9871-3696bceff400

Request Chain 128

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGqcE7AnF4AABGEglPhsg&expiration=1616946156

Request Chain 129

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1b6fc04d-1227-46bb-9083-b4315fc0896c&expiration=1647272552

Request Chain 131

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM9BTO9G-1H-A6EK&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=YE4u5wAAALE3_izr HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YE4u5wAAALE3_izr&gdpr=0&_test=YE4u5wAAALE3_izr

Request Chain 134

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM9BTO9G-1H-A6EK&sigv=1&esig=2~e0d6023fb7f65e1fcac8a16548f54d0f6e1e47b0&gdpr=0

Request Chain 135

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JhOKQRH0JqjOKRGplVfvXMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3317896764532533564

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5c7f604e-2ee7-4300-9a94-7dce30235b15&gdpr=0&gdpr_consent=

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFBjtUUmj1Xsf2jGA0GaKyw&google_cver=1

Request Chain 139

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmYTI1NjQ5NTJiYjQ3YjhmYjg0NzhkYWVkYmQxOWY2OGNkZGQzYQ&gdpr=0

Request Chain 142

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4807741947464324308

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jezQ4xkuSviPYvJBgnnxRA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 147

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 148

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8DECD0E3-192E-4AF8-8F62-F2418279F144&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8DECD0E3-192E-4AF8-8F62-F2418279F144&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8DECD0E3-192E-4AF8-8F62-F2418279F144&addseg=31

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OERFQ0QwRTMtMTkyRS00QUY4LThGNjItRjI0MTgyNzlGMTQ0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmFfonv1IKJ_tZP5Z3KEv0&google_cver=1

Request Chain 152

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aca217e7-713d-4860-8c04-c6e5ef7aeaeb

Request Chain 153

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=473132295746010272

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&gdpr=0&gdpr_consent=

Request Chain 155

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491063217849233412&gdpr=0&gdpr_consent=

Request Chain 173

https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=e6806ea6-84db-11eb-b428-124172222a06

185 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request biggest-little-cia-shop-youve-never-heard-243964.html Show response
www.newsweek.com/2013/11/15/ 240 KB
57 KB 335ms
116ms Document
text/html 75.2.53.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.53.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4fb2973ac9c49f88.awsglobalaccelerator.com

Software

Resource Hash

d9f133d2974e2b2df4a05a2b289b7a502df5ec5423db4711950496131ab5b4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.newsweek.com
:scheme: https
:path: /2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-type: text/html; charset=UTF-8
content-length: 57593
cache-control: public, max-age=3600
vary: Accept-Encoding
content-encoding: gzip
x-b: V6.3-1 web2
age: 95
x-cache: hit cached
x-cache-hits: 3
x-forwarded-for: 185.156.175.107
x-ua-device: desktop
set-cookie: X-UA-Info=country|CH|state|ZH|city|Zurich|latitude|47.394000|longitude|8.445000|isp|M247 Ltd|ip|185.156.175.107|device|desktop|time|1615736547; path=/;
x-debug
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
accept-ranges: bytes

GET
H2 200 playfairdisplay-regular.woff2
g.newsweek.com/www/fonts/ 55 KB
55 KB 90ms
30ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/playfairdisplay-regular.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

08ccf75fc213dc9d748377208991abb776c6f784a1afcfabfa30493345730e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 04:02:03 GMT
server: Apache
etag: "1594526523"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds010.fr8.hn,1615736546.cds220.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 55971

GET
H2 200 robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/ 20 KB
20 KB 130ms
70ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:34 GMT
server: Apache
etag: "1613382574"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds010.fr8.hn,1615736546.cds126.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 20051

GET
H2 200 robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/ 20 KB
20 KB 124ms
64ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 07:21:09 GMT
server: Apache
etag: "1608708069"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds010.fr8.hn,1615736546.cds252.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 20051

GET
H2 200 Genericons.woff2
g.newsweek.com/www/fonts/ 10 KB
11 KB 136ms
77ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/Genericons.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 06:57:34 GMT
server: Apache
etag: "1613804254"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds010.fr8.hn,1615736546.cds254.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 10711

GET
H2 200 11-15-13-dl0241-spytalk.webp
d.newsweek.com/en/full/242263/ 156 KB
156 KB 97ms
33ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242263/11-15-13-dl0241-spytalk.webp?w=1280&h=853&f=152e8dc3f5683b9b36dae11ac9374f8f

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

30b0be7c12d11fb91e451771e60c515d2711787a60d3c3e5f0001cfdb698ad93

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
last-modified: Sun, 14 Mar 2021 12:01:37 GMT
server: Apache
x-cacheable: YES
etag: "1615723297"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds013.fr8.hn,1615736546.cds107.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 159632

GET
H2 200 518ec47cf8245d54b92ff59a32c5dd83.js Show response
g.newsweek.com/sys/js/ 138 KB
43 KB 124ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

9a3e58d9a7f3a7d9dd09cbcbcbec533d2015c0efcc74d102ec38e72f416d3940

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds097.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 43929

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
60 KB 78ms
21ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:37:13 GMT
content-encoding: gzip
age: 320713
x-guploader-uploadid: ABg5-Uwj023QZ4tB1xE-XNP3jHbg7vl5b-5FmZ8kXTcIXaeO2JVQnou1SzEdtvGoI7Oe5jfGji2P5eN6mBrlxopfDSc
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60951
last-modified: Mon, 08 Mar 2021 09:08:13 GMT
server: UploadServer
etag: "453bdae55e72772be6cf9eeca9c66e90"
x-goog-hash: crc32c=UtxY/g==, md5=RTva5V5ydyvmz57sqcZukA==
x-goog-generation: 1615194493440577
cache-control: no-transform
x-goog-stored-content-length: 60951
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Mar 2022 22:37:13 GMT

GET
H2 200 script.js Show response
d275im4r3zngba.cloudfront.net/ 110 KB
37 KB 55ms
18ms Script
application/javascript 2600:9000:2182:fe00:8:bd4:5580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d275im4r3zngba.cloudfront.net/script.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:fe00:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8be4f235e5e60934778e3d91ea274a5a2037318f885960ffeceaf3d37436c47

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:41:12 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 15:45:34 GMT
server: AmazonS3
age: 97
etag: W/"20933923e844c9e13158b8645cae9668"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: KPDG28ls8Itvu7jw83FReOP-YHJUkUN18nFtEXNmLJ06X8QogJ1WnA==

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 19 KB
7 KB 36ms
11ms Script
text/javascript 2600:9000:2127:8600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2afe65bfb75dbdbd09069a2c99dd3290e7ecac17bb197dc3566e146f8c28fa96

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 17:11:13 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 21:28:01 GMT
server: AmazonS3
age: 81074
etag: W/"430aece57ac2fdcd72a5fa9424ea01b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: wnMArFr4He_VYHKm.NKzpuyhowniWF3m
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
content-disposition: attachment; filename="gdpr-liveramp.js"
x-amz-cf-pop: PRG50-C1
content-type: text/javascript
x-amz-cf-id: 1fz-s7futMrDE4NuYVTYcHR_9WHVC-S61BFj3NLEuMH5X4T2Kk-Cow==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
57 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b746a682f00c9be12c3a219cf7243dbc642d79fa5c39715172340aa330fba68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58019
x-xss-protection: 0
last-modified: Sun, 14 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Mar 2021 15:42:26 GMT

GET
H2 200 btf.css
g.newsweek.com/sys/css/ 4 KB
1 KB 87ms
34ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/btf.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:28 GMT
server: Apache
etag: "1615703548"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds016.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1244

GET
H2 200 btf_article.css
g.newsweek.com/sys/css/ 37 KB
8 KB 102ms
48ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/btf_article.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

074786a3de88278cafa18f3d3ed636d7fb9b84c18ec821d5bbe7684bfe2fe3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds207.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 7742

GET
H2 200 editor.css
g.newsweek.com/sys/css/ 22 KB
5 KB 90ms
37ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/editor.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

bce4bf08bdc9a63708fd9a343ce3f3a7b2af8b2e4ad2f7606c4ab7021605fa4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds103.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 4992

GET
H2 200 ibtg_slideshow_inline.css
g.newsweek.com/sys/css/ 515 B
353 B 90ms
37ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/ibtg_slideshow_inline.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

e0abf6161bca7877c388d5d8093be5b94038841c03801660bdbab1388740b74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:39:34 GMT
server: Apache
etag: "1615703974"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds241.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 245

GET
H2 200 more_slideshows_inline.css
g.newsweek.com/sys/css/ 788 B
507 B 95ms
42ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/more_slideshows_inline.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds161.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 412

GET
H2 200 nw_content_recirc_inline.css
g.newsweek.com/sys/css/ 3 KB
911 B 105ms
52ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/nw_content_recirc_inline.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

67667d18ce7da590acbdbfcb307a1554bd6a1f69f1de6c38f369182f8c906636

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:39:34 GMT
server: Apache
etag: "1615703974"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds220.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 815

GET
H2 200 in_text_slideshows_inline.css
g.newsweek.com/sys/css/ 1 KB
527 B 95ms
42ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/in_text_slideshows_inline.css?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds257.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 431

GET
H2 200 prebid.js Show response
g.newsweek.com/www/js/ 451 KB
141 KB 120ms
76ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/js/prebid.js?v=4.30.0

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

560222045c7b6c7be49ca9cae80140636df5f0c37499fa42f515c5450ebf4f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 02:41:18 GMT
server: Apache
etag: "1615516878"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds269.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 144379

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 91ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bd13bcebd033a7da9f05fb7aee59c546de17a7ad629dc26f4a02ac24ced1cda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "811 / 215 of 1000 / last-modified: 1615590593"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19718
x-xss-protection: 0
expires: Sun, 14 Mar 2021 15:42:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 149ms
51ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:40:39 GMT
content-encoding: gzip
server: Server
age: 106
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: 1bAvcvBkhPMedVUur_FjbA4exxZOgDHU_jbgnhwchJKU3mRqyIklaQ==

GET
H2 200 b Show response
query.fqtag.com/ 82 B
163 B 82ms
36ms Script
text/plain 35.186.195.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1615736546839&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.195.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
via: 1.1 google
alt-svc: clear
content-length: 82

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 254 KB
66 KB 38ms
9ms Script
text/javascript 2600:9000:211e:bc00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a72c001fcf73fc087a7dffd420f3d3e714546d4c093df0afc174d876e1c9368b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:58:33 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 05:42:46 GMT
server: AmazonS3
age: 42238
etag: "c274c4ec617e711a2194e14199cd22c3"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 66739
x-amz-cf-id: _XQa077ANsffWsYbZ1heULE9O2widSWMCcE4IMaXCcWC9PbAoVc7vQ==

GET
H2 200 icon-search-glass.svg
g.newsweek.com/www/images/ 485 B
413 B 76ms
75ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/icon-search-glass.svg

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:41 GMT
server: Apache
etag: "1613382581"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds145.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 293

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/1/ 174 KB
50 KB 55ms
14ms Script
application/x-javascript 2600:9000:2127:7e00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7e00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9320506172fa70da0a413c0826c1973fe60a3bb2076617c3c0459f0b45daf255

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AF4gVHORNtJ4QwyIw2RTBhME7rkeMLAo
content-encoding: gzip
etag: W/"936f1db70b2b363cfb3b1b97c1c61a2c"
last-modified: Tue, 09 Mar 2021 22:31:07 GMT
server: AmazonS3
age: 641
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Sun, 14 Mar 2021 15:31:45 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: vUCYoN2VBdG5RZBByXreFWygm6DL14X4nz-DecM8RwKDtAOfyOoS2g==

GET
H2 200 83694e4b1e95c0ef591612ee7fe04d07.js Show response
g.newsweek.com/sys/js/ 68 KB
18 KB 81ms
79ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/83694e4b1e95c0ef591612ee7fe04d07.js?v=1615703547

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

08f02dc6c4a3a464ac5b5f8940ab6e3336af212ed448e27c5f4414394150bac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:26 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 06:32:32 GMT
server: Apache
etag: "1615703552"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736546.cds103.fr8.hn,1615736546.cds005.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 18591

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 841
date: Sun, 14 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 14 Mar 2021 17:28:25 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 37ms
10ms Script
application/x-javascript 2600:9000:2127:7400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:17:44 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 02:13:48 GMT
server: nginx
age: 5082
etag: W/"604ace5c-8e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: OV2oMqvxC9gYNNxDk4VuTd7DKHnlKU5M6bfgc7_Ix4Wx6W6XU4w4sQ==
expires: Sun, 14 Mar 2021 16:17:44 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F1...
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F...

0
528 B

42ms
42ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&c9=&cs_ak_ss=1
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615736546928&ns_c=UTF-8&c8=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&c7=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 158ms
143ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sun, 14 Mar 2021 15:42:27 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 147ms
146ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.newsweek.com/
Bugsnag-Sent-At: 2021-03-14T15:42:26.983Z
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 14 Mar 2021 15:42:27 GMT
via: 1.1 google
bugsnag-session-uuid: 32ec8c31-b705-4121-933a-cda376a388c4
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 icon-arrow-right.svg
g.newsweek.com/www/images/ 328 B
357 B 39ms
39ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/icon-arrow-right.svg

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

ec21da6e960bab474158649800a3c87e315353d3de7e08442097d6feea9f2704

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 00:21:29 GMT
server: Apache
etag: "1594513289"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds103.fr8.hn,1615736547.cds216.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 227

GET
H2 200 logo-n1.svg
g.newsweek.com/www/images/ 409 B
402 B 39ms
39ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/logo-n1.svg

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:29 GMT
server: Apache
etag: "1613382569"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds103.fr8.hn,1615736547.cds154.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 294

GET
H2 200 flipboard_srrw.png
g.newsweek.com/img/home/ 877 B
1015 B 41ms
41ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/img/home/flipboard_srrw.png

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 22:44:35 GMT
server: Apache
etag: "1606344275"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds103.fr8.hn,1615736547.cds266.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 900

GET
H2 200 implement-r.js Show response
fqtag.com/tag/ 2 KB
2 KB 74ms
35ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

a5de670301880ef66e01ebaf7ca066482a5bc6a02c553675ee26ef0fe2b805a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:27 GMT
via: 1.1 google
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
expires: 0

GET
H2 200 free-sign-up.svg
g.newsweek.com/www/images/ 3 KB
1 KB 32ms
32ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/free-sign-up.svg

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 03:56:01 GMT
server: Apache
etag: "1614743761"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds103.fr8.hn,1615736547.cds135.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1332

GET
H2 200 11-15-2013-lf0541-miareview.jpg
d.newsweek.com/en/full/242187/ 22 KB
22 KB 44ms
41ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242187/11-15-2013-lf0541-miareview.jpg?w=397&h=265&f=d0ad560e833f6408de8469c4fe989dfa

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

45e13f937faa2a4a1e23c57e8da2dfb0b851e45a0dc699ce5abaef47612f08a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
last-modified: Sun, 14 Mar 2021 09:04:29 GMT
server: Apache
x-cacheable: YES
etag: "1615712669"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds013.fr8.hn,1615736547.cds018.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 22213

GET
H2 200 11-15-2013-lf0441-gadgetqueen.jpg
d.newsweek.com/en/full/242195/ 15 KB
15 KB 44ms
42ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242195/11-15-2013-lf0441-gadgetqueen.jpg?w=397&h=265&f=74b825dbb2b9ab45ab3623b1512bb75a

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

81e97ff2b9c9f0d1546b4362243b0311f2aa5c6d9b979e53b6cf269fddddcd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
last-modified: Wed, 17 Feb 2021 20:50:34 GMT
server: Apache
x-cacheable: YES
etag: "1613595034"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds013.fr8.hn,1615736547.cds015.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 15677

GET
H2 200 11-15-2013-nw0441-twonumbers.jpg
d.newsweek.com/en/full/242157/ 30 KB
30 KB 46ms
44ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242157/11-15-2013-nw0441-twonumbers.jpg?w=397&h=265&f=1bf9a3da690e4b5002c28ad2cf0e02d6

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

62e1d7611e0567b5a98aca8f00674076275cccc8c0b13b5f4f702243d68f9d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
last-modified: Sun, 14 Mar 2021 09:04:29 GMT
server: Apache
x-cacheable: YES
etag: "1615712669"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds013.fr8.hn,1615736547.cds211.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 30339

GET
H2 200 11-15-13-nw0641-vitamins.jpg
d.newsweek.com/en/full/242165/ 23 KB
23 KB 48ms
47ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242165/11-15-13-nw0641-vitamins.jpg?w=397&h=265&f=ed8dfb057999c5aa3fb4eeda5e016438

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

5a5f2210890eb6e0f3c84ade6a636d2e74d343330cd5f8302579e16f9d8c7ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
last-modified: Sun, 14 Mar 2021 09:04:29 GMT
server: Apache
x-cacheable: YES
etag: "1615712669"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds013.fr8.hn,1615736547.cds016.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 23205

GET
H2 200 11-15-2013-nw0241-polio.jpg
d.newsweek.com/en/full/242167/ 29 KB
29 KB 50ms
49ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/242167/11-15-2013-nw0241-polio.jpg?w=397&h=265&f=ce634641520717b4149a962a4d24bf49

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

af6c9dc658494cc0d18f5bf1cd1a476ce6527f1886a52d2667c53524b7b48b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
last-modified: Sun, 14 Mar 2021 09:04:29 GMT
server: Apache
x-cacheable: YES
etag: "1615712669"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds013.fr8.hn,1615736547.cds215.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 29394

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
170 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=746816511&gjid=971333926&_gid=1527627656.1615736547&_u=YGBAgUABAAAAAE~&z=1124288172

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Mar 2021 15:42:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=109013756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&ul=en-us&de=UTF-8&dt=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=746816511&gjid=971333926&cid=592281431.1615736547&tid=UA-44450862-1&_gid=1527627656.1615736547&gtm=2wg330TVS8NW5&cd1=Jeff%20Stein&cd2=U.S.&cd3=&cd4=US&cd5=en&cd6=article&cd7=243964&cd8=20131114&cd9=201311&cd10=newsweek.com%2Fus%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=N&cd17=n%2Fa&cd18=No&cd19=magazine&cd20=34&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Politics%2C%20World%2C%20NSA%2C%20Business%2C%20Housing%2C%20Middle%20East%2C%20CIA&cd26=ndef&cd27=nonpromoted&cd30=Y&cd31=0&cd32=N&cd33=ndef&cd34=anon&cd35=1687&cd36=Direct&cd37=4g&cd38=web&z=1331045027

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 16:23:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83922
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 137ms
45ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 70975
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Sat, 13 Mar 2021 20:00:41 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: tWnTO7hRv58_yC1ZqubnPX3pKet7dAzWCFwkvzRaq5h4AMLO1mzrsw==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 152ms
112ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sun, 14 Mar 2021 15:42:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 114ms
114ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 13 KB
3 KB 62ms
23ms XHR
application/json 2606:4700:10::6816:958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=1028&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b3fd54c22ab6b249fee63c213b856e010687600a69eee3c4792b3553b7371c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 588
content-type: application/json
content-length: 2376
cf-request-id: 08d3003fd800004ec874237000000001
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS
content-language: en
access-control-allow-origin: *
cache-control: no-cache, private, max-age=0
accept-ranges: bytes
cf-ray: 62fe9cac89824ec8-FRA
access-control-allow-headers: Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=746816511&_u=YGBAgUABAAAAAE~&z=243006441

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=746816511&_u=YGBAgUABAAAAAE~&z=243006441

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 0
0 31ms
10ms Preflight 2600:9000:2127:8600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol: H2
Server: 2600:9000:2127:8600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Sat, 13 Mar 2021 17:11:09 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: iDHChZVZk6l13UPNUx5-VDe9rQUS59judeAKR7ROaNX1jRWkUEGWEQ==
age: 81079

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 166ms
109ms Preflight
application/json 13.226.159.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Server: 13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-26.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 14 Mar 2021 15:42:27 GMT
x-amzn-requestid: 81312960-0343-4f37-8d79-f9b8c964ef06
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: cLxDjHYtDoEFmdA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront), 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1 DUS51-C1
x-cache: Miss from cloudfront
x-amz-cf-id: mgZ7CLFOJOQczG1gJ1r68toCDvTiGubfoE-vmyXauvDbM07huvRF1A==

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 50 KB
9 KB 11ms
11ms Fetch
application/json 2600:9000:2127:8600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f23dc26cd225f1a3642350de898e441363eada09f0f2154d00037d3ab82cdb9c

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: _Nydbrse2.5GfPImpNk.0PMSTLkPaCju
content-encoding: gzip
etag: W/"40e6c03f18cc466ba2cc9642ccf6cadf"
age: 1818
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 13 Mar 2021 17:10:11 GMT
server: AmazonS3
date: Sun, 14 Mar 2021 15:15:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: H2dIEUop5W2SR-NnCFVX3LIDcZ_oSnVt7SpbMbI2vCuGg-tkdfanbQ==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
604 B 29ms
28ms Fetch
application/json 13.226.159.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-26.dus51.r.cloudfront.net
Software: /
Resource Hash: e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Mar 2021 04:26:27 GMT
via: 1.1 10c4b217f06a5ef1c22d0afa78f63d92.cloudfront.net (CloudFront), 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
age: 40560
x-amzn-requestid: b5e32a66-dc4a-475a-9533-8bda33a4f2e4
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-604d9073-2f0b0aa45557c954327b8bb7;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: HAM50-C3, DUS51-C1
x-amz-apigw-id: cKOB_EPYDoEFaCA=
content-length: 30
x-amz-cf-id: UVPPLi7gO5Z5Kgyi-QJmhOeqxunfN_uqOIhNDRg0XN3AC3-QnxT1Ow==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 374ms
295ms Preflight
application/json 13.32.21.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Server: 13.32.21.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-37.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 14 Mar 2021 15:42:27 GMT
x-amzn-requestid: 78eceb92-33e5-4e8c-9329-bc118b3b4eb0
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: cLxDlHqOoAMFTTA=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Z_icuAxD8X9UFu-FHSLWufdavuBrCh1G0HIN2BQlrXNneM0qjHnafg==

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 350 B
744 B 311ms
311ms XHR
application/json 13.32.21.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-37.fra56.r.cloudfront.net
Software: /
Resource Hash: dcf4dd4cbdfb12520e932335c26da045c866ba7d89dcfedd3eb7539eabc4186b

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.newsweek.com/
X-Pelcro-Sdk-Version: 2.4.28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 0d109727-ad71-44b8-a4d1-fc4ac7fcb6f9
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-604e2ee3-7f9a262a27b4f3426531265b;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: cLxDoFZYoAMFmow=
content-length: 350
x-amz-cf-id: vJAU0q9pc1kbffCOKzevmrco5shmlmbA32_V-aPDn7TwXgvuqGfuYg==

GET
H2 200 userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/ 7 B
372 B 74ms
40ms Image
image/gif 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.592281431.1615736547%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%22243964%22%7D%5D%7D%7D&ets=1615736547387

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:27 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 7
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check.svg
g.newsweek.com/www/images/ 171 B
266 B 34ms
34ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/check.svg

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 13:32:30 GMT
server: Apache
etag: "1594560750"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds103.fr8.hn,1615736547.cds233.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 158

GET
H2 200 pixel.js Show response
cdn.fqtag.com/1.27.339-ccfb11a/ 88 KB
88 KB 65ms
20ms Script
application/javascript 35.190.36.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.36.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:08:12 GMT
age: 2055
x-guploader-uploadid: ABg5-UxK0TmxjWHwJUCi3Y1n89jRsrLXySY8ZmYVjfOUDJNdQE2cBJidZXnVhHDcB3GMFUFm3Yn9RyZ9426zyoXKWD3Cdtf2sQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89647
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
server: UploadServer
etag: "e0eff30579598f76147c9ea12f490d21"
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language: en
x-goog-generation: 1611776924905378
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 89647
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 14 Mar 2021 16:08:12 GMT

GET
H2 200 counter.js Show response
gc.newsweek.com/front/js/ 2 KB
1 KB 100ms
32ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://gc.newsweek.com/front/js/counter.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
last-modified: Sat, 10 Oct 2020 16:30:42 GMT
server: Apache
etag: "1602347442"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615736547.cds139.fr8.hn,1615736547.cds145.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 873

GET
H2 200 / Show response
geo.rlcdn.com/ 119 B
343 B 157ms
124ms Fetch
application/json 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
etag: W/"77-cXC7RsophzXiswRXM3nplIMkqBo"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 604d1e818d0f0ab37ee0059d9d4d04a1
cache-control: private
content-length: 129

GET
H3-Q050 200 pubads_impl_2021030901.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 80ms
48ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 09:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102089
x-xss-protection: 0
expires: Sun, 14 Mar 2021 15:42:27 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 355ms
118ms Image
image/gif 54.174.156.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsweek.com&p=%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&u=BsEcQiZD4QvDS2IaC&d=newsweek.com&g=65968&g0=U.S.&g1=Jeff%20Stein&n=1&f=00001&c=0&x=0&m=0&y=11363&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1110&t=DUgMDtDyS8SzDgCgzFCMwtVxU1AZP&V=124&i=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&tz=-60&_acct=anon&sn=1&sv=CD62oSFc_qyBXsJZ4CWeFfsCIlHg7&sd=1&im=067b2ff0&_
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.156.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-156-197.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 article Show response
stats.newsweek.com/counter/ 14 B
476 B 405ms
124ms Script
text/html 54.162.255.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=243964&r_id=59&c_id=105&c_url=&referer=&device=desktop&a_editor=1&c_country=CH&xz=5&c_uque=1&c_ruque=1&c_visits=1

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.255.214 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-255-214.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=25920000
strict-transport-security: max-age=86400; includeSubDomains
content-length: 34

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 189 B
551 B 287ms
287ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&pid=apHJzoFeyzI8T&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A500%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 7965d0bba0aaf68832eaf66a2a4ab25db51fead12495b837338e559fd3f70cca

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:27 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: PRG50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 173
via: 1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
x-amz-cf-id: iNqr-E77w1GVP7NHAMe_QV6qSD5enkC77nFwP0Is3jSQd-erWZu7HA==

GET iu3
aax-eu.amazon-adsystem.com/s/ 0
0

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/newsweek/ 694 KB
112 KB 14ms
14ms Script
text/javascript 2600:9000:211e:bc00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/newsweek/main.min.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:bc00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 07:35:41 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 06:15:25 GMT
server: AmazonS3
age: 46505
etag: "6b6eac342923d463ecdc8d25c3c7c434"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 114545
x-amz-cf-id: aoN_N0YvWkl63FzAWDp4zPETbw7AquQ6H7pvQoFv8wO6HpmwlRziEA==

GET
H2 200 / Show response
js.stripe.com/v3/ 216 KB
57 KB 131ms
25ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25725c6695e6b93fe1745ddb31f126ebce718b1dceac834979dfeb40c39c7ef3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 80
via: 1.1 varnish
x-cache: HIT
content-length: 57443
x-amz-id-2: +HLP2Cey/0L7BD0QkFFPMPeoePebC2QgXVksyyrNfspJA/EjA8eAYhsBV6jiDCZrdqj6vXgqf+E=
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
last-modified: Fri, 12 Mar 2021 19:40:12 GMT
server: AmazonS3
etag: "69d98e45fe79bd6ac9ef9f4b5e44352a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NRTJC2CBHC04E72Z
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 55

GET
H3-Q050 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
817 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Sun, 14 Mar 2021 15:44:15 GMT

GET
H2 200 1028-1590365569.png
uploads.pelcro.com/images/site/logo/ 7 KB
8 KB 30ms
6ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.pelcro.com/images/site/logo/1028-1590365569.png
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
last-modified: Mon, 25 May 2020 00:12:51 GMT
server: keycdn-engine
x-amz-request-id: C9FE89E4BFB325DA
x-edge-location: defr
etag: "4c7eb5b8728731b18c9f2043dd25b97b"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://pelcro-uploads.s3-website-us-east-1.amazonaws.com/images/site/logo/1028-1590365569.png>; rel="canonical"
content-length: 7383
x-amz-id-2: ecYmbrhPDewz8PunEQi1hEzn/S2fpJIL07HiEr9DWlrleP0pA+2NZFcbUwIufBhoPlV4H8n+4W4=
expires: Sun, 21 Mar 2021 15:42:28 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 7CE3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

311 B
975 B

214ms
214ms

Document
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ce15f97bb2c4ce6a22d35084921623bfb15980e3c3c4dfdd04d3885863c79f99

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsweek.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 238
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 15:42:28 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 15:42:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Set-Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 15:42:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame D9A4 3 KB
1 KB 49ms
49ms Document
text/html 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 25a9e9e69723ed52a992b45e67a974f49f3135d456db4138f77c822e32d2924e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 730
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=109013756&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&ul=en-us&de=UTF-8&dt=The%20Biggest%20Little%20CIA%20Shop%20You%27ve%20Never%20Heard%20Of&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article_meter&ea=meter_visible&el=non_metered_article&_u=aGDAAUIRAAAAAG~&jid=1150323825&gjid=1100503586&cid=592281431.1615736547&tid=UA-44450862-1&_gid=1527627656.1615736547&_r=1&gtm=2wg330TVS8NW5&cd1=Jeff%20Stein&cd2=U.S.&cd3=&cd4=US&cd5=en&cd6=article&cd7=243964&cd8=20131114&cd9=201311&cd10=newsweek.com%2Fus%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=N&cd17=n%2Fa&cd18=No&cd19=magazine&cd20=34&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Politics%2C%20World%2C%20NSA%2C%20Business%2C%20Housing%2C%20Middle%20East%2C%20CIA&cd26=Y&cd27=nonpromoted&cd30=Y&cd31=0&cd32=N&cd33=ndef&cd34=anon&cd35=1687&cd36=Direct&cd37=4g&cd38=web&z=2076527804

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D9A4
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=09a04e9d990c54360125

43 B
344 B

50ms
50ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=09a04e9d990c54360125
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 14 Mar 2021 15:42:28 GMT
via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-C1
x-cache: LambdaGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=09a04e9d990c54360125
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 2T4_fDl3Qkvr9I38D-CgGV-yVR9ejuMj_qt3V2K5exNyGyhpb-cEdw==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D9A4
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID
https://cs.emxdgt.com/umcheck?apnxid=6701387527163652433&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=6701387527163652433brt153841615736548740191f1

43 B
344 B

74ms
49ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=6701387527163652433brt153841615736548740191f1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=6701387527163652433brt153841615736548740191f1
date: Sun, 14 Mar 2021 15:42:28 GMT
content-length: 0
content-type: text/html

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame 188B 3 KB
1 KB 139ms
46ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f260045ded0720c98c43d78b181249ffdfa8e43ca0ec74c8ec9db8e3c33f4363

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0; Domain=.gumgum.com; Expires=Mon, 14-Mar-2022 15:42:28 GMT; Path=/; Secure; SameSite=None
etag: W/"02403f488ecfb01bc9531e22c078187d7"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1

2 KB
3 KB

78ms
77ms

Document
text/html

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 21497b26cc92878a4b01230de35cba708156507f633be1593a7cb15868416897

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YE4u5L2FvUtuvwnpIqe83gAA; CMPS=3202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|3|5|130|8
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1606
Expires: Sun, 14 Mar 2021 15:42:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YE4u5L2FvUtuvwnpIqe83gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Mar 2022 15:42:28 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 15:42:28 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 15:42:28 GMT CMST=YE4u5GBOLuQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Mar 2021 15:42:28 GMT CMRUM3=05604e2ee405a0&e6604e2ee427600&f1604e2ee405a00&03604e2ee405a0&82604e2ee4a8c0&08604e2ee405a00&2d604e2ee405a0&27604e2ee40b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Mar 2022 15:42:28 GMT

Redirect headers

Server: Apache
Content-Length: 344
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 14 Mar 2021 15:42:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YE4u5L2FvUtuvwnpIqe83gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Mar 2022 15:42:28 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 15:42:28 GMT

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame B6EA
Redirect Chain

https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

43 B
344 B

51ms
51ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx
Date: Sun, 14 Mar 2021 15:42:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; path=/; domain=.admanmedia.com; expires=Mon, 14 Mar 2022 15:42:28 GMT; max-age=31536000 ;SameSite=None; Secure
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 4D06
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...

635 B
726 B

34ms
34ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 9b510ecb7ce18c99063a5ef0532bddc4f767a0ef0f3f39291a4ca52ae1048615

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=45a54439-cffd-01f5-3753-9fa2b41c8659|1615736548
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=45a54439-cffd-01f5-3753-9fa2b41c8659|1615736548; Version=1; Expires=Mon, 14-Mar-2022 15:42:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615736548|gen0vNiygu; Version=1; Expires=Mon, 29-Mar-2021 15:42:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: text/html
content-length: 393
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=45a54439-cffd-01f5-3753-9fa2b41c8659|1615736548; Version=1; Expires=Mon, 14-Mar-2022 15:42:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
date: Sun, 14 Mar 2021 15:42:28 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame DBCF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fid%3D%2524UID%26ex%3Ddistrictm%26gdpr%3D0
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6701387527163652433&ex=districtm&gdpr=0

43 B
344 B

129ms
51ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6701387527163652433&ex=districtm&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6701387527163652433&ex=districtm&gdpr=0
AN-X-Request-Uuid: 6c09de25-5153-48d1-b6b4-9170c4aa8491
Set-Cookie: uuid2=6701387527163652433; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 12-Jun-2021 15:42:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame C1EA 0
0 122ms
66ms Document
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sun, 14 Mar 2021 15:42:28 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D8F3 281 B
554 B 126ms
47ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Mar 2021 15:42:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame E254
Redirect Chain

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&gdpr=0&verify=true
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-FVb_jJJE2uSsGbuZd0LebzmCVXHp88c-~A&&gdpr=0&gdpr_consent=

43 B
344 B

133ms
49ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-FVb_jJJE2uSsGbuZd0LebzmCVXHp88c-~A&&gdpr=0&gdpr_consent=
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=18y4~1wzr;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Tue, 15-Mar-2022 15:42:28 GMT;Secure;SameSite=None A3=d=AQABBOQuTmACEPgASEXmu1cSbe2xhAd3IY8FEgEBAQGAT2BYYAAAAAAA_SMAAA&S=AQAAAhYKW61LuBMozJoL2ztdrEY; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=8u8bn0tg4sbn4&b=3&s=a8; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-FVb_jJJE2uSsGbuZd0LebzmCVXHp88c-~A&&gdpr=0&gdpr_consent=
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.128

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 4DB6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Faax-eu.amazon-adsystem.com%252Fs%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8491063217849233412&ex=appnexus.com&gdpr=0

43 B
344 B

111ms
52ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8491063217849233412&ex=appnexus.com&gdpr=0
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8491063217849233412&ex=appnexus.com&gdpr=0
AN-X-Request-Uuid: 9c24d727-7f27-4be1-a1aa-300f9b781d70
Set-Cookie: uuid2=8491063217849233412; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 12-Jun-2021 15:42:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80

GET
H/1.1

200
OK

Cookie set amazon Show response
ap.lijit.com/beacon/ Frame 2B49
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

1 KB
1 KB

43ms
43ms

Document
text/html

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b02cc80eab3cb114e5887a63ee67cce84f1f168865e093ccb57784c248461658

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=968100e137ee244ee5308581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVjI0U7IyNDM0szQxMzSx0FEyQuWaoUlbmKPyDVHU1wIAjR8QPA%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 14-Mar-2022 15:42:28 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=968100e137ee244ee5308581;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

Redirect headers

Server: nginx
Date: Sun, 14 Mar 2021 15:42:26 GMT
Content-Length: 0
Set-Cookie: ljt_reader=968100e137ee244ee5308581;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame CF9B
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=9805433620687651842

43 B
344 B

95ms
50ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=9805433620687651842
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7gRRiGnjEklsd4_3nc3Ers; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-length: 0
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=9805433620687651842
set-cookie: tluid=9805433620687651842; Max-Age=7776000; Expires=Sat, 12 Jun 2021 15:42:28 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=1150323825&gjid=1100503586&_gid=1527627656.1615736547&_u=aGDAAUIRAAAAAG~&z=1387436719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 57ms
43ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=1150323825&_u=aGDAAUIRAAAAAG~&z=1284868031

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 32ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=592281431.1615736547&jid=1150323825&_u=aGDAAUIRAAAAAG~&z=1284868031

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4D06 43 B
344 B 150ms
53ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=cedf071d-7ad0-85f8-ad8b-d5ddb8087e44&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4D06
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qHuafKwuyy2zKcx8r3mDfagty32zfMx_-yjOdsxk

43 B
163 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qHuafKwuyy2zKcx8r3mDfagty32zfMx_-yjOdsxk
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qHuafKwuyy2zKcx8r3mDfagty32zfMx_-yjOdsxk
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4D06
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=473132295746010272

43 B
97 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=473132295746010272
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=473132295746010272
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4D06 70 B
264 B 144ms
47ms Image
image/gif 34.246.61.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=96097b60-667a-3e02-6d85-574ad03bb5a4&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.61.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 4D06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0&google_tc=

170 B
190 B

81ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE2NmE4YWEtYWYwZC02MGE2LTc4NjUtMGRmMzFhZDk3YmM0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4D06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-crscFu7_YZrH_It3UnYc&google_cver=1

43 B
106 B

42ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-crscFu7_YZrH_It3UnYc&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-crscFu7_YZrH_It3UnYc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D8F3 31 KB
10 KB 41ms
40ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16479
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9439
Expires: Sun, 14 Mar 2021 20:17:07 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=6701387527163652433

35 B
237 B

51ms
51ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=6701387527163652433
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.59:80
AN-X-Request-Uuid: 396ff761-6d63-4638-be32-293286e8dcdd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=6701387527163652433
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D5a1dfa16-c54d-478f-bbdc-00709530c69d
https://x.bidswitch.net/sync?dsp_id=80&user_id=c85c604e-2ee7-4b00-8628-f6ec57467b1f&expires=30&ssp=gumgum2&bsw_param=5a1dfa16-c54d-478f-bbdc-00709530c69d
https://rtb.gumgum.com/usersync?b=bsw&i=5a1dfa16-c54d-478f-bbdc-00709530c69d

35 B
237 B

52ms
51ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=5a1dfa16-c54d-478f-bbdc-00709530c69d
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:31 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=5a1dfa16-c54d-478f-bbdc-00709530c69d
date: Sun, 14 Mar 2021 15:42:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

syncPartner
sync.outbrain.com/ Frame 188B
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28pv2kKI_ktHclAjiweSPS327rmcSRjMqCyN3WNGy-pbsu87RjME_hJ5hSSOi2yFcJ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&obuid=ENC(pv2kKI_ktHclAjiweSPS327rmcSRjMqCyN3WNGy-pbsu87RjME_hJ5hSSOi2yFcJ)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

113ms
113ms

Image
text/plain

64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:29 GMT
Cache-Control: no-cache
X-TraceId: 3d8cd2bd816738a462c05b72fc0388ab
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Sun, 14 Mar 2021 15:42:29 GMT
X-TraceId: b7be49ab5182c8c0d1e5b1eb9a25f9b2
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=6134df10-4e6f-0654-0afe-47a7186bb4e2

35 B
237 B

54ms
54ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=6134df10-4e6f-0654-0afe-47a7186bb4e2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=6134df10-4e6f-0654-0afe-47a7186bb4e2
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-25fc37d9-ec82-4b7a-4b2a-792fc2eb2735$ip$185.156.175.107

35 B
237 B

58ms
58ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-25fc37d9-ec82-4b7a-4b2a-792fc2eb2735$ip$185.156.175.107
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-25fc37d9-ec82-4b7a-4b2a-792fc2eb2735$ip$185.156.175.107
Date: Sun, 14 Mar 2021 15:42:29 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-_S2rVlFE2peDPUCU4IwQ8ime6nrilVEAcGci~A

35 B
237 B

53ms
52ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-_S2rVlFE2peDPUCU4IwQ8ime6nrilVEAcGci~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 14 Mar 2021 15:42:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-_S2rVlFE2peDPUCU4IwQ8ime6nrilVEAcGci~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=e2293e9c-84db-11eb-8f6a-27ed24862891

35 B
237 B

57ms
56ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=e2293e9c-84db-11eb-8f6a-27ed24862891
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=e2293e9c-84db-11eb-8f6a-27ed24862891
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: e2293e9d-84db-11eb-8f6a-27ed24862891

GET
H2 204 services
sync.technoratimedia.com/ Frame 188B 0
294 B 349ms
114ms Image
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:29 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 565182468
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0

35 B
237 B

48ms
48ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3556731846
https://sync.1rx.io/usersync/tradedesk/aca217e7-713d-4860-8c04-c6e5ef7aeaeb
https://sync.targeting.unrulymedia.com/csync/RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003

35 B
237 B

56ms
56ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
Server: Tengine
ETag: RX0a0de3846dee44b5b1994b8f0ac16b1b003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0a0de384-6dee-44b5-b199-4b8f0ac16b1b-003
Connection: keep-alive
Content-Type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 188B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=IIbU3OswqnVb&ev=1&pid=558355

35 B
237 B

52ms
52ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=IIbU3OswqnVb&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=IIbU3OswqnVb&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-jh48z
expires: -1

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 188B 43 B
344 B 52ms
51ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3C71
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=

35 B
237 B

52ms
52ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:31 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=976e604e-2ee7-4c00-8b71-b7e2bc802428; domain=.mathtag.com; path=/; expires=Mon, 11-Apr-2022 15:42:31 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=976e604e-2ee7-4c00-8b71-b7e2bc802428&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3611 f10363c master zrh-pixel-x14
Expires: Sun, 14 Mar 2021 15:42:30 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C579
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr
https://rtb.gumgum.com/usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr

35 B
237 B

52ms
51ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:32 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YE4u5wAAAHo39Szr&gdpr=0&gdpr_consent=&_test=YE4u5wAAAHo39Szr
accept-ranges: bytes
date: Sun, 14 Mar 2021 15:42:32 GMT
via: 1.1 varnish
x-served-by: cache-fra19139-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1615736552.008854,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050

200

pixel Show response
cm.g.doubleclick.net/ Frame 3C67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=

170 B
484 B

81ms
48ms

Document
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 14 Mar 2021 15:42:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTkxYmY3OS0wZDdmLTQ3NzAtOWNlMi0zOGJhOTNhODE1YTA=&gdpr=0&gdpr_consent=&google_tc=
date: Sun, 14 Mar 2021 15:42:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 14-Mar-2021 15:57:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9212 8 KB
3 KB 1408ms
43ms Document
text/html 84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=43210
Expires: Mon, 15 Mar 2021 03:42:40 GMT
Date: Sun, 14 Mar 2021 15:42:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 40A0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548

35 B
237 B

51ms
51ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 14 Mar 2021 15:42:28 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=aca217e7-713d-4860-8c04-c6e5ef7aeaeb&t=1618328548
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=aca217e7-713d-4860-8c04-c6e5ef7aeaeb; domain=.adsrvr.org; expires=Mon, 14-Mar-2022 15:42:28 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiAg-WU0MKzORAFOAE.; domain=.adsrvr.org; expires=Mon, 14-Mar-2022 15:42:28 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 824C 0
0 24ms
24ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: euid=153841615736548740191f1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 14 Mar 2021 15:42:28 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4089
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA

35 B
237 B

52ms
52ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 14 Mar 2021 15:42:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YE4u5sCo5ucAAGdZf0kAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOC=YE4u5sCo5ucAAGdZf0kAAAAA; path=/; expires=Tue, 14-Mar-23 15:42:30 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 1
X-SO-HostName: a-ad40126.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":6,"gdpr":false,"ipv4":"185.156.175.107","key":"YE4u5sCo5ucAAGdZf0kAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40126"}
X-SO-Key: YE4u5sCo5ucAAGdZf0kAAAAA
X-SO-IP: 185.156.175.107
X-SO-Cluster-ID: 6
X-SO-Upstream-ID: a-ad40126

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CF49
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871878968389319537

35 B
237 B

51ms
51ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871878968389319537
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871878968389319537
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 14 Mar 2021 15:42:29 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmhqbmxmamJpaWQEAIir5M0QAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 8 Apr 2022 15:42:29 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILSzMLYwtLY0NLU2NzIT5D3Xwzg4IA19CAiLJUXSleQzNDU3NjM1MTS0sjQwCFacYQNAAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 8 Apr 2022 15:42:29 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzMLYwtLY0NLU2NzIT5D3Xwzg4IA19CAiLJUXQDxveQpJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871878968389319537
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A8C4
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1

35 B
237 B

53ms
53ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 14 Mar 2021 15:42:29 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 14 Mar 2021 15:42:29 GMT Sun, 14 Mar 2021 15:42:29 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=ByghdfJMgIyvs3Iv0bBd&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D8F3 284 B
934 B 353ms
26ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2B49 43 B
344 B 90ms
52ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=968100e137ee244ee5308581&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2B49
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=12&3pid=8491063217849233412&gdpr=0&gdpr_consent=

43 B
843 B

1139ms
42ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=12&3pid=8491063217849233412&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid: 7c2ea3db-7c84-4107-a9ad-fe53d5cc706f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ce.lijit.com/merge?pid=12&3pid=8491063217849233412&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2B49
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da70c81...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
https://ce.lijit.com/merge?pid=16&3pid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&gdpr=0&gdpr_consent=

43 B
1 KB

50ms
49ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:32 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 14 Mar 2021 15:42:32 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://ce.lijit.com/merge?pid=16&3pid=a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348&gdpr=0&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2B49
Redirect Chain

https://um.simpli.fi/lj_match?r=1615736548749&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=2&3pid=9CF079D2DEA34A688A5FB1AD9017AFDD

43 B
1 KB

46ms
45ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=9CF079D2DEA34A688A5FB1AD9017AFDD
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 14 Mar 2021 15:42:31 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=9CF079D2DEA34A688A5FB1AD9017AFDD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 13 Mar 2021 15:42:31 GMT

GET tum
ums.acuityplatform.com/ Frame 2B49 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2B49
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=74584dbe-7f69-486b-89a1-dc04da28717a

43 B
860 B

135ms
41ms

Image
image/gif

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=74584dbe-7f69-486b-89a1-dc04da28717a
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=74584dbe-7f69-486b-89a1-dc04da28717a
Date: Sun, 14 Mar 2021 15:42:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 361C 70 B
264 B 47ms
47ms Image
image/gif 34.246.61.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YE4u5L2FvUtuvwnpIqe83gAA&cm_dsp_id=39
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.61.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YE4u5L2FvUtuvwnpIqe83gAABGcAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELRqDOGzuZjN29a0IV7GJus&google_cver=1

43 B
315 B

68ms
68ms

Image
image/gif

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELRqDOGzuZjN29a0IV7GJus&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 14 Mar 2021 15:42:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELRqDOGzuZjN29a0IV7GJus&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 361C 43 B
720 B 613ms
126ms Image
image/gif 54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YE4u5L2FvUtuvwnpIqe83gAABGcAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:29 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YE4u5L2FvUtuvwnpIqe83gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPZQyOZWo8C8N2l7T8BWx9A&google_cver=1

43 B
1002 B

60ms
60ms

Image
image/gif

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPZQyOZWo8C8N2l7T8BWx9A&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Mar 2021 15:42:30 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPZQyOZWo8C8N2l7T8BWx9A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3de604e-2ee7-4c00-9871-3696bceff400

43 B
1 KB

76ms
75ms

Image
image/gif

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3de604e-2ee7-4c00-9871-3696bceff400
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Mar 2021 15:42:31 GMT

Redirect headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
Server: MT3 3611 f10363c master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3de604e-2ee7-4c00-9871-3696bceff400
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 14 Mar 2021 15:42:30 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 361C 0
0 65ms
15ms Image
text/html 2606:4700:3039::6815:c00c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c00c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGqcE7AnF4AABGEglPhsg&expiration=1616946156

43 B
1 KB

83ms
83ms

Image
image/gif

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGqcE7AnF4AABGEglPhsg&expiration=1616946156
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Mar 2021 15:42:36 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGqcE7AnF4AABGEglPhsg&expiration=1616946156
Date: Sun, 14 Mar 2021 15:42:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 361C
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1b6fc04d-1227-46bb-9083-b4315fc0896c&expiration=1647272552

43 B
1 KB

60ms
59ms

Image
image/gif

84.53.189.33
AKAMAI-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1b6fc04d-1227-46bb-9083-b4315fc0896c&expiration=1647272552
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-189-33.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Mar 2021 15:42:32 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1b6fc04d-1227-46bb-9083-b4315fc0896c&expiration=1647272552
date: Sun, 14 Mar 2021 15:42:32 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 361C 43 B
344 B 48ms
47ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YE4u5L2FvUtuvwnpIqe83gAABGcAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D8F3
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM9BTO9G-1H-A6EK&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
344 B

58ms
57ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM9BTO9G-1H-A6EK&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:29 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM9BTO9G-1H-A6EK&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8F3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=YE4u5wAAALE3_izr
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YE4u5wAAALE3_izr&gdpr=0&_test=YE4u5wAAALE3_izr

42 B
691 B

28ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YE4u5wAAALE3_izr&gdpr=0&_test=YE4u5wAAALE3_izr
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615736552.006915,VS0,VE0
x-served-by: cache-fra19139-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YE4u5wAAALE3_izr&gdpr=0&_test=YE4u5wAAALE3_izr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 451 709414.gif
id.rlcdn.com/ Frame D8F3 0
66 B 323ms
32ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame D8F3
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM9BTO9G-1H-A6EK&sigv=1&esig=2~e0d6023fb7f65e1fcac8a16548f54d0f6e1e47b0&gdpr=0

0
445 B

19ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM9BTO9G-1H-A6EK&sigv=1&esig=2~e0d6023fb7f65e1fcac8a16548f54d0f6e1e47b0&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:29 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM9BTO9G-1H-A6EK&sigv=1&esig=2~e0d6023fb7f65e1fcac8a16548f54d0f6e1e47b0&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8F3
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/JhOKQRH0JqjOKRGplVfvXMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3317896764532533564

42 B
691 B

102ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3317896764532533564
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Sun, 14 Mar 2021 15:42:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3317896764532533564
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8F3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5c7f604e-2ee7-4300-9a94-7dce30235b15&gdpr=0&gdpr_consent=

42 B
691 B

29ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5c7f604e-2ee7-4300-9a94-7dce30235b15&gdpr=0&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
Server: MT3 3611 f10363c master zrh-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5c7f604e-2ee7-4300-9a94-7dce30235b15&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 14 Mar 2021 15:42:30 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D8F3 70 B
264 B 55ms
52ms Image
image/gif 34.246.61.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.61.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFBjtUUmj1Xsf2jGA0GaKyw&google_cver=1

42 B
691 B

129ms
33ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFBjtUUmj1Xsf2jGA0GaKyw&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFBjtUUmj1Xsf2jGA0GaKyw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D8F3
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmYTI1NjQ5NTJiYjQ3YjhmYjg0NzhkYWVkYmQxOWY2OGNkZGQzYQ&gdpr=0

170 B
190 B

38ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmYTI1NjQ5NTJiYjQ3YjhmYjg0NzhkYWVkYmQxOWY2OGNkZGQzYQ&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmYTI1NjQ5NTJiYjQ3YjhmYjg0NzhkYWVkYmQxOWY2OGNkZGQzYQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 093B 37 KB
14 KB 49ms
48ms Document
text/html 84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=39063
Expires: Mon, 15 Mar 2021 02:33:33 GMT
Date: Sun, 14 Mar 2021 15:42:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 093B 3 KB
4 KB 156ms
38ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64479554&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 66dd2891e9e7df1e8140296517308bf4aa7c4edea43eaf4134ff67d87b67fd8f

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 1C10
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4807741947464324308

42 B
770 B

37ms
34ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4807741947464324308
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64479554&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=2:2; KADUSERCOOKIE=8DECD0E3-192E-4AF8-8F62-F2418279F144; chkChromeAb67Sec=1; DPSync3=1616889600%3A201_227_226_221; SyncRTB3=1616889600%3A3_71_21_54_56_7_220_13_161%7C1616976000%3A35; KRTBCOOKIE_57=22776-8491063217849233412; PugT=1615736549; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 14 Mar 2021 15:42:29 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-4807741947464324308; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Apr-2021 15:42:29 GMT; path=/ PugT=1615736549; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Apr-2021 15:42:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 15:42:29 GMT; path=/
X-lat: amspug002:0:2915
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4807741947464324308
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame FC19 43 B
326 B 125ms
40ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64479554&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 14 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1124
x-powered-by: ASP.NET
date: Sun, 14 Mar 2021 15:42:30 GMT
content-length: 43

GET
H2 200 usersync Show response
rtb.gumgum.com/ Frame 8667 35 B
237 B 57ms
53ms Document
image/gif 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=pbm&i=8DECD0E3-192E-4AF8-8F62-F2418279F144
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=pbm&i=8DECD0E3-192E-4AF8-8F62-F2418279F144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 14 Mar 2021 15:42:30 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 093B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jezQ4xkuSviPYvJBgnnxRA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

43ms
43ms

Image
text/html

84.53.188.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.53.188.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-235.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=43210
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Mon, 15 Mar 2021 03:42:40 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 093B 95 B
596 B 46ms
28ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8DECD0E3-192E-4AF8-8F62-F2418279F144
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62fe9cc01c912b4d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08d3004c1300002b4d6e25b000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 093B
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

44ms
44ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:28 GMT
frontend-id: 6
location: /pubmatic/1/info2?sType=sync&sExtCookieId=8DECD0E3-192E-4AF8-8F62-F2418279F144&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8DECD0E3-192E-4AF8-8F62-F2418279F144&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8DECD0E3-192E-4AF8-8F62-F2418279F144&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8DECD0E3-192E-4AF8-8F62-F2418279F144&addseg=31

7 B
147 B

108ms
38ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8DECD0E3-192E-4AF8-8F62-F2418279F144&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sun, 14 Mar 2021 15:42:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8DECD0E3-192E-4AF8-8F62-F2418279F144&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OERFQ0QwRTMtMTkyRS00QUY4LThGNjItRjI0MTgyNzlGMTQ0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

214ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:29 GMT
X-lat: amspug006:0:388
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmFfonv1IKJ_tZP5Z3KEv0&google_cver=1

42 B
855 B

150ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmFfonv1IKJ_tZP5Z3KEv0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:29 GMT
X-lat: amspug008:0:433
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmFfonv1IKJ_tZP5Z3KEv0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 093B 43 B
609 B 1110ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 13 Mar 2021 15:42:31 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aca217e7-713d-4860-8c04-c6e5ef7aeaeb

42 B
882 B

435ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aca217e7-713d-4860-8c04-c6e5ef7aeaeb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
X-lat: lhrpug006:0:372
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aca217e7-713d-4860-8c04-c6e5ef7aeaeb
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=473132295746010272

42 B
799 B

401ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=473132295746010272
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:30 GMT
X-lat: lhrpug002:0:546
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:30 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=473132295746010272
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&gdpr=0&gdpr_consent=

42 B
946 B

38ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
X-lat: lhrpug020:0:437
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
Server: MT3 3611 f10363c master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 14 Mar 2021 15:42:30 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 093B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491063217849233412&gdpr=0&gdpr_consent=

42 B
769 B

124ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491063217849233412&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:29 GMT
X-lat: amspug009:0:493
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 14 Mar 2021 15:42:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.141:80
AN-X-Request-Uuid: ceecb4dd-aa12-496c-ba88-9172eaa63700
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491063217849233412&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 8DECD0E3-192E-4AF8-8F62-F2418279F144
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 093B 43 B
203 B 34ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/8DECD0E3-192E-4AF8-8F62-F2418279F144?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 093B 0
418 B 373ms
31ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:31 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame 4395 215 B
590 B 25ms
24ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

x-amz-id-2: xTMM55a3F222lKrQfeqz2jC5PJ5rctf4KceKmvpC8Ec/JjWUs9Ir+hXHZySedWRV5heKEMYNqXI=
x-amz-request-id: C3EQV95Y1X51Y3MZ
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
etag: "0cba8a995d163797499ab006bbb6b889"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 14 Mar 2021 15:42:33 GMT
via: 1.1 varnish
age: 147
x-served-by: cache-fra19143-FRA
x-cache: HIT
x-cache-hits: 215
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 185

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4395 1 KB
882 B 28ms
27ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 189
via: 1.1 varnish
x-cache: HIT
content-length: 699
x-amz-id-2: KdsczMbxi1LUH6ibEZ3gWqsP+9FjfF9kstBrS4ZAuQ9mvXj6u0q/ZAKzAzRIhsWLXaoHabEu8z0=
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
etag: "356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: WBSQ3B4QCJVW17A4
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 244

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0C19 33 KB
13 KB 88ms
26ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 14 Mar 2021 15:42:33 GMT
age: 55
x-served-by: cache-sea4475-SEA, cache-hhn4063-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 169
x-timer: S1615736553.491702,VS0,VE0
vary: Accept-Encoding
content-length: 12226

POST
H2 200 6 Show response
m.stripe.com/ Frame 0C19 156 B
519 B 604ms
203ms XHR
text/plain 34.208.10.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.10.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fbc523abe5f7424e115f0612c95de5f658739d74cebd8b2d772863692fbfad2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Mar 2021 15:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3-Q050 200 implement-r.js Show response
fqtag.com/tag/ 2 KB
2 KB 65ms
46ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

2b0e12a88bf53722990f01695766c12205d760c692f4cc3f847d1472c49ceb53

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:34 GMT
via: 1.1 google
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 49ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.newsweek.com

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Mar 2021 15:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsweek.com

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Mar 2021 15:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
690 B 158ms
158ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=241104273278225&correlator=584306444963063&output=ldjh&impl=fifs&vrg=2021030901&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&sc=1&sfv=1-0-37&ecs=20210314&iu_parts=43459271%2Cnewsweek%2Ctop%2Cright1%2Coop1%2Coop2%2Coop3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x250%2C300x250%2C1x1%2C1x1%2C1x1&ists=7&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright1%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop1%7Cpos%3Doop2%7Cpos%3Doop3&eri=1&cust_params=amp%3DN%26cat%3Dnwus-us%26sitecat%3Dnwus-us%26fq_refresh%3Dfalse%26fq_refresh_int%3D0%26article_id%3D243964%26topics%3DPolitics%252CWorld%252CNSA%252CBusiness%252CHousing%252CMiddle%2520East%252CCIA%26video%3DN%26video_type%3DNo%26layout%3Dmagazine%26paragraphs%3D34%26total_ads%3D0%26page_type%3Darticle%26adunit%3Dnewsweek.com%252Fus%252Farticle%26focus%3DY%26refresh%3DN%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26NoPassFQ%3DY%26adexclusion%3D%257Cnw%257C%2520Amobee_Eli%2520Lily%252C%257Cnw%257C%2520brand%2520safety%252C%257Cnw%257C%2520Diageo%2520brand%2520safety%25202%252C%257Cnw%257C%2520NoPassFQ%26excl_cat%3D%257Cnw%257C%2520Amobee_Eli%2520Lily%252C%257Cnw%257C%2520brand%2520safety%252C%257Cnw%257C%2520Diageo%2520brand%2520safety%25202%252C%257Cnw%257C%2520NoPassFQ&cookie_enabled=1&bc=31&abxe=1&lmt=1615736554&dt=1615736554862&dlt=1615736546808&idt=894&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1105%2C800%2C800%2C800&adys=161%2C1611%2C11167%2C11168%2C11169&adks=2154452299%2C77810098%2C1914041524%2C1813964283%2C85176522&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1270x270%7C300x270%7C1600x1%7C1600x1%7C1600x1&msz=1060x270%7C300x250%7C1600x1%7C1600x1%7C1600x1&ga_vid=592281431.1615736547&ga_sid=1615736555&ga_hid=109013756&ga_fc=false&fws=4%2C4%2C4%2C4%2C4&ohw=1270%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0ac17845370f8c85ee217848de0b08629501576808ef13ad9cebad1453458eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
16ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
7ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 pixel.js Show response
cdn.fqtag.com/1.27.339-ccfb11a/ 88 KB
88 KB 56ms
25ms Script
application/javascript 35.190.36.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.36.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:08:13 GMT
age: 2061
x-guploader-uploadid: ABg5-UxyCzDwkble0WJVORrk5VdmhrgpdTrjlmeMXiMOwG5A9oDiLB-7ffdso_tP8ZVuOibrHN33ZY8y60erV6zH7hvroruxmg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89647
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
server: UploadServer
etag: "e0eff30579598f76147c9ea12f490d21"
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language: en
x-goog-generation: 1611776924905378
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 89647
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 14 Mar 2021 16:08:13 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/7922264/ 0
400 B 44ms
43ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/7922264/cs.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 15:42:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Wed, 17 Mar 2021 15:42:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 44ms
23ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecae80f35b6224f48dbcac5f92fdec38b525738a7ba17b752d78570f05688184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6647
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: uL1oorxfssCu00MlIPQLRvAqoiM/KagGo471mxzunuLpt7xVGp9A7DDuV59peQoop9vORtWJMFOPS2pS6ijk9w==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 14 Mar 2021 15:42:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5e9e00b619144f0012bc03cf Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 363 KB
88 KB 159ms
65ms Script
application/javascript 65.9.96.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 864ec15e9636aaf6c0cb7574ab945dc6bc7838382f1070f7b8a090acc94637d7

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:40:01 GMT
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
age: 154
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: PRG50-C1
content-encoding: gzip
x-amz-cf-id: OSCzDryuxijDnPQ6LJpvMlGzE7pAMA1qTQppZ6GbJF4LjTKKslEtDA==

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=e6806ea6-84db-11eb-b428-124172222a06

0
588 B

38ms
37ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=e6806ea6-84db-11eb-b428-124172222a06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sun, 14 Mar 2021 15:42:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 47
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 14 Mar 2021 15:42:36 GMT
Server: nginx
Location: /partner?source=82839&sync_limit=5&__user_check__=1&sync_id=e6806ea6-84db-11eb-b428-124172222a06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

GET
H2 200 496391994180701 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/496391994180701?v=2.9.33&r=stable

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9081b541755396a6586e460da803e0552c1a7c8f27be7f0dc5807d3622ba9c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70917
x-fb-rlafr: 0
pragma: private
x-fb-debug: YrqqJ9AfAvYKu0SmNUOXYziTxlNeEP1N/bseKurZVUZWOfvymEzlt74KXcBDZG+tySvm3YMAu7+tSE+fsxU7XQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 14 Mar 2021 15:42:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: private
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 14 Mar 2021 15:42:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&rl=&if=false&ts=1615736556392&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615736556389.710212624&it=1615736556356&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 15:42:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 14 Mar 2021 15:42:36 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2413 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 14 Mar 2021 14:58:39 GMT
expires: Mon, 14 Mar 2022 14:58:39 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2637
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2413 14 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:58:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 2637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:58:39 GMT

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 369ms
122ms Preflight 52.7.13.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 52.7.13.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 14 Mar 2021 15:42:36 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 122ms
122ms Fetch
text/html 52.7.13.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.13.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.newsweek.com/
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 14 Mar 2021 15:42:36 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030901&jk=241104273278225&bg=!trWltfbNAAUO7zDoDjsAKQB2-Dxa2hBsuuaeEjtgD6IOk9BWYGKuSflaz9Va4BxlWgDh9h38-FV9AgAAAH5SAAAADWgBBwoBCWTY_XPc7OQKS51brJVwA_QOpyPF4u_Q902xU_NhruB8NgQ7FTw5qhSjFiOulBEUeDOJmPBd6hsT9U-OenPYEChrODUdgKK07u_TbYESwN55ewKLwQb6yIufD44UHyODcrUuO_TJqMn1syj7UmwhNaYELM6NulYiZO2n3DpUAok5bFRjPt0hJqAux7qASXOGb_a401WjBViBiRmXErkD7hrChYkIlYKs-EePImVguQOXCosTsmF8MRsLXBHFMIgM-SR5z_syQHaiB_PmeksYfGrHQmNxe7XEPGEwvCVUw4UpoYpJHDPJDvDe4FU-e2AvNMOVI1Udwz_0OzrIqjy2_n69SUFOuaFWo4yZAgn42c5y59ePMMLJIGrTlMo5f9SVJx0bLMPErlCccSEhCgPAidJzaIw9Yf1ALE6mixhu9h5fPKQMM3eCsKrvcDyKPZ9AHm9hpc-guR-tx0EPuYpKMqeVVs6eoM8YHuQ945NL57l9Q17cyewC0srrZ0PdJZc9nxdVh0cLzE4Zjrsf6isnbgww6nou0QdGCpj3PEYXXDpoNTlQujyijqJ7Cc8a35xXs9T0pg4ACkMxIjKxR6kHfTZlAkDdWVcsmwFipP0tKfNIFUeGKEJcjxYJ-W-BQhI9TjQ7cn5DLpcsEnFbIBC0YnB19ohVpjhAjbybBD69m_ZgCBz_dGoqP5yeR21YTMcMqAlQk_EriQ6MpPu1XnOhXPv4LwxPDocvgwlA83H91QQvkHADmYVp0CsoJ7BfMN4jk48yATgpEWhmL6BC62jiI3BjZ_P8_iTEGAJE0fK7XT3t5UcY2xzv92LQX2W9XZjwXwePts-s5yZ1TYJ4w3iZDhVE9sfGx8jzGDWKslDQ4HG6bhgmBFer9HWqSdpWISePbQTivDxcX8BpPglyRdsNZ7eye2ybnz9X4TPEBrfPMPPpCR0A74FKWKxRdumo8RO30epg2xABIJQv2NuBznwL3kPNm_WV7alRmOnr0gY4gbB_KF3OJKFY6-ttyJwWQjXdl_arw8QYeuoXn8J-yvuj9oxRjOJ2mA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
85 B 10ms
10ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykYDdrNSEocpHkbwT

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 14 Mar 2021 15:42:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 118ms
117ms Image
image/gif 54.174.156.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsweek.com&p=%2F2013%2F11%2F15%2Fbiggest-little-cia-shop-youve-never-heard-243964.html&u=BsEcQiZD4QvDS2IaC&d=newsweek.com&g=65968&g0=U.S.&g1=Jeff%20Stein&n=1&f=00001&c=0.25&x=0&m=0&y=11366&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1110&t=DUgMDtDyS8SzDgCgzFCMwtVxU1AZP&V=124&tz=-60&_acct=anon&sn=2&sv=CD62oSFc_qyBXsJZ4CWeFfsCIlHg7&sd=1&im=067b2ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.156.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-156-197.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 15:42:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_rbd_n-emx_n-vmg_an-db5_sovrn_3lift

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=27&uid=968100e137ee244ee5308581&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 17:32:08	Name: SPugT Value: 1615736551
.pubmatic.com/	1970-01-19 17:32:08	Name: PugT Value: 1615736551
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_27 Value: 16735-uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&KRTB&16736-uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&KRTB&23019-uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01&KRTB&23114-uid:7fc4604e-2ee7-4a00-b4e7-de2476d5bc01
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_80 Value: 16514-CAESELmFfonv1IKJ_tZP5Z3KEv0&KRTB&22987-CAESELmFfonv1IKJ_tZP5Z3KEv0&KRTB&23025-CAESELmFfonv1IKJ_tZP5Z3KEv0
.pubmatic.com/	1970-01-19 18:58:32	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_57 Value: 22776-8491063217849233412
.pubmatic.com/	1970-01-19 18:58:32	Name: SyncRTB3 Value: 1616889600%3A3_71_21_54_56_7_220_13_161%7C1616976000%3A35
.pubmatic.com/	1970-01-19 18:58:32	Name: DPSync3 Value: 1616889600%3A201_227_226_221
.pubmatic.com/	1970-01-19 18:58:32	Name: KADUSERCOOKIE Value: 8DECD0E3-192E-4AF8-8F62-F2418279F144
.pubmatic.com/	1970-01-19 16:50:22	Name: pi Value: 2:2
.lijit.com/	1970-01-20 01:34:32	Name: ljtrtb Value: eJwVisERhDAIAHvhfZkJBAP4Q7n0ES9nE469G387u3sBEqygbJhrIZRJVApP%2B4G32N6yWFB8vbBXVV%2Fahh6WUbxFzE1lfsKL8jj%2BSc5qibUeSa1jGr%2FMo5MKSof7ATtwGVQ%3D
.lijit.com/	1970-01-20 01:34:32	Name: ljtrtbexp Value: eJyrVjI0U7IyNDM0szQxMzSx0FEyQuWaoUlbmKPyDVHU1wIAjR8QPA%3D%3D
.lijit.com/	1970-01-20 01:34:32	Name: _ljtrtb_16 Value: a70c81b7-f2b1-46ee-a06e-c0bce2fe4551-604e2ee7-4348
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_391 Value: 22924-473132295746010272&KRTB&23263-473132295746010272
.lijit.com/	1970-01-20 01:34:32	Name: _ljtrtb_12 Value: 8491063217849233412
.rubiconproject.com/	1970-01-20 01:34:32	Name: audit Value: 1\|N+NBvaWHKHFwlP+0OdogddDSsilej+QE4WPfzdG0PxB6eP0zD2PV8PphD9YoLrTC4XJBq6XrpkbqFTrNE4+z9k1id1yxWjzFHm0QlslGhrY=
.rubiconproject.com/	1970-01-20 01:34:32	Name: khaos Value: KM9BTO9G-1H-A6EK
.openx.net/	1970-01-19 17:10:32	Name: pd Value: v2\|1615736548\|gen0vNiygu
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_336 Value: 5844-4807741947464324308
.openx.net/	1970-01-20 01:34:32	Name: i Value: 45a54439-cffd-01f5-3753-9fa2b41c8659\|1615736548
.pubmatic.com/	1970-01-19 18:58:32	Name: chkChromeAb67Sec Value: 1
.doubleclick.net/	1970-01-20 10:20:08	Name: IDE Value: AHWqTUkDfPigJG9PLSB4nyZJ1ffmTzRiKmx_Ug5rPVQTh6VVDTpV1Cwnot6ezElJea4
.newsweek.com/	1970-01-19 17:32:08	Name: pelcro_count_of_articles_limit Value: 6
.lijit.com/	1970-01-20 01:34:32	Name: ljt_reader Value: 968100e137ee244ee5308581
www.newsweek.com/	1970-01-20 02:17:44	Name: _cb Value: BsEcQiZD4QvDS2IaC
.casalemedia.com/	1970-01-19 16:50:22	Name: CMST Value: YE4u5GBOLuwA
.casalemedia.com/	1970-01-19 18:58:32	Name: CMPS Value: 3202
eus.rubiconproject.com/	1970-01-19 18:58:32	Name: pux Value: 1512%3D98176%262249%3D98176%262307%3D98176%262974%3D98176%263778%3D98176%26idl%3D98176%26brx%3D98176%262249-DV360-Hosted%3D98176%26
.casalemedia.com/	1970-01-20 01:34:32	Name: CMID Value: YE4u5L2FvUtuvwnpIqe83gAA
.pubmatic.com/	1970-01-19 17:32:08	Name: KRTBCOOKIE_377 Value: 6810-aca217e7-713d-4860-8c04-c6e5ef7aeaeb&KRTB&22918-aca217e7-713d-4860-8c04-c6e5ef7aeaeb&KRTB&23031-aca217e7-713d-4860-8c04-c6e5ef7aeaeb
.gumgum.com/	1970-01-20 01:34:32	Name: vst Value: e_3591bf79-0d7f-4770-9ce2-38ba93a815a0
.lijit.com/	1970-01-20 01:34:32	Name: _ljtrtb_87 Value: 74584dbe-7f69-486b-89a1-dc04da28717a
.amazon-adsystem.com/	1970-01-19 21:38:22	Name: ad-id Value: A7gRRiGnjEklsd4_3nc3Ers
www.newsweek.com/	1970-01-19 16:48:58	Name: _cb_svref Value: null
.newsweek.com/	1970-01-19 16:50:22	Name: _gid Value: GA1.2.1527627656.1615736547
.www.newsweek.com/	1970-01-19 16:48:58	Name: __stripe_sid Value: c36e9c5e-77d9-4a66-b17b-bc3e3fb0043ee7d25f
.newsweek.com/	1970-01-19 17:32:08	Name: pelcro_count_of_articles_read Value: 1
.newsweek.com/	1970-01-20 02:10:32	Name: __gads Value: ID=cac35ae07305bb7f:T=1615736554:S=ALNI_MbqKOEc5VWBWV6Lf82lf4xxJYGI6Q
www.newsweek.com/	1970-01-19 16:50:22	Name: geo-location Value: {"country":"CH","region":"ZH"}
.amazon-adsystem.com/	1970-01-21 13:04:18	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 01:34:32	Name: CMRUM3 Value: 05604e2ee405a0&e6604e2ee427600&03604e2ee72760c3de604e-2ee7-4c00-9871-3696bceff400&f1604e2ee405a00&08604e2ee827601b6fc04d-1227-46bb-9083-b4315fc0896c&2d604e2ee62760CAESEPZQyOZWo8C8N2l7T8BWx9A&82604e2eec2760AAGqcE7AnF4AABGEglPhsg&27604e2ee40b40
.newsweek.com/	1970-01-19 17:32:08	Name: pelcro.pageview.frequency Value: MQ==
.newsweek.com/	1970-01-19 17:13:25	Name: cmx1 Value: 2021-03-14
.pubmatic.com/	1970-01-19 18:58:32	Name: KTPCACOOKIE Value: YES
www.newsweek.com/	1970-01-19 16:50:22	Name: _lr_geo_location Value: DE
.newsweek.com/	1970-01-19 16:49:32	Name: cds1 Value: 2021-03-14
.newsweek.com/	1970-01-19 16:50:15	Name: cus1 Value: 2021-03-14
.lijit.com/	1970-01-20 01:34:32	Name: _ljtrtb_2 Value: 9CF079D2DEA34A688A5FB1AD9017AFDD
.newsweek.com/	1970-01-20 01:27:20	Name: pelcro.unique.id Value: eThpZXdwcmtiOWttOWJ0bmZw
.newsweek.com/	1970-01-19 17:32:08	Name: pelcro_count_of_articles_left Value: 5
www.newsweek.com/	1970-01-20 02:17:44	Name: _cb_ls Value: 1
.www.newsweek.com/	1970-01-20 01:34:32	Name: __stripe_mid Value: 5052337d-e620-413d-9281-2bcd60940281b5476a
www.newsweek.com/	1969-12-31 23:59:59	Name: has_js Value: 1
www.newsweek.com/	1970-01-19 16:48:58	Name: orir Value:
www.newsweek.com/	1970-01-20 02:17:44	Name: _chartbeat2 Value: .1615736547541.1615736547541.1.CD62oSFc_qyBXsJZ4CWeFfsCIlHg7.1
.casalemedia.com/	1970-01-19 18:58:32	Name: CMPRO Value: 1127
www.newsweek.com/	1970-01-20 02:10:32	Name: gdpr-auditId Value: c13eb6486da74daa99c888bc92a6efde
.newsweek.com/	1970-01-20 10:20:08	Name: _ga Value: GA1.2.592281431.1615736547
.newsweek.com/	1970-01-19 16:48:56	Name: _dc_gtm_UA-44450862-1 Value: 1
.newsweek.com/	1970-01-19 16:48:56	Name: _gat_UA-44450862-1 Value: 1
www.newsweek.com/	1969-12-31 23:59:59	Name: X-UA-Info Value: country\|CH\|state\|ZH\|city\|Zurich\|latitude\|47.394000\|longitude\|8.445000\|isp\|M247 Ltd\|ip\|185.156.175.107\|device\|desktop\|time\|1615736547

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html(Line 1) Message: prebid_ads_xuaInfo_country CH
console-api	log	URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html(Line 1) Message: con_type 4g
console-api	log	URL: https://www.newsweek.com/2013/11/15/biggest-little-cia-shop-youve-never-heard-243964.html(Line 2) Message: device: desktop false 1600 x 1200
console-api	debug	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: [bugsnag] Loaded!
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: script loaded :355 2 1
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: doFir on doc ready
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: document ready:755
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: GDPR_isLoaded
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: stats counted
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: pelcro_visit_value 5 1758
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: pelcro_visit_cookie_value 5 2261
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: window.onload:9509 2 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

83a2320f641d9553c39fcde4632932f8.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
amazon-tam-match.dotomi.com
ams.creativecdn.com
ap.lijit.com
api-location-prd.pelcro.com
api.pushnami.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.fqtag.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.newsweek.com
d275im4r3zngba.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
geo.rlcdn.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
js.pelcro.com
js.stripe.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
query.fqtag.com
recommendationengine.googleapis.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
stats.newsweek.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.pushnami.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
uploads.pelcro.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsweek.com
www.pelcro.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ums.acuityplatform.com
13.226.159.26
13.226.159.42
13.32.21.37
142.250.185.162
142.250.186.162
150.136.156.92
151.101.112.176
151.101.12.176
151.101.14.49
151.139.128.11
159.253.128.183
178.250.2.151
18.156.0.31
18.158.85.202
18.195.155.181
18.195.240.234
18.198.69.109
185.184.8.30
185.29.132.144
185.64.189.110
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.94.180.125
193.0.160.129
198.148.27.140
202.241.208.100
213.155.156.165
213.19.147.151
216.52.2.30
23.37.42.132
23.37.53.17
2600:1901:0:7a0b::
2600:9000:211e:bc00:c:b42a:3740:93a1
2600:9000:2127:7400:18:1fcd:34e:d2a1
2600:9000:2127:7e00:16:f82a:8600:93a1
2600:9000:2127:8600:11:2a6a:9480:93a1
2600:9000:2182:fe00:8:bd4:5580:21
2606:4700:10::6816:1957
2606:4700:10::6816:958
2606:4700:3039::6815:c00c
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:803::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2013
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c09::9d
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.225.15.51
3.232.11.255
34.208.10.33
34.246.61.84
34.95.69.49
34.98.64.218
35.156.245.144
35.186.195.222
35.190.36.172
35.190.72.161
35.201.96.126
35.227.248.159
35.244.174.68
35.244.220.155
37.157.4.24
37.252.173.22
37.252.173.27
52.215.241.211
52.45.55.28
52.49.193.31
52.7.13.99
52.95.116.38
54.162.255.214
54.174.156.197
54.239.17.112
64.202.112.95
65.9.95.127
65.9.96.6
66.155.71.25
69.173.144.139
69.173.144.165
72.251.249.9
75.2.53.74
77.243.60.138
84.53.188.235
84.53.189.33
88.214.206.142
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074786a3de88278cafa18f3d3ed636d7fb9b84c18ec821d5bbe7684bfe2fe3d1
08ccf75fc213dc9d748377208991abb776c6f784a1afcfabfa30493345730e6a
08f02dc6c4a3a464ac5b5f8940ab6e3336af212ed448e27c5f4414394150bac6
0ac17845370f8c85ee217848de0b08629501576808ef13ad9cebad1453458eb0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21497b26cc92878a4b01230de35cba708156507f633be1593a7cb15868416897
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
25725c6695e6b93fe1745ddb31f126ebce718b1dceac834979dfeb40c39c7ef3
25a9e9e69723ed52a992b45e67a974f49f3135d456db4138f77c822e32d2924e
26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
2afe65bfb75dbdbd09069a2c99dd3290e7ecac17bb197dc3566e146f8c28fa96
2b0e12a88bf53722990f01695766c12205d760c692f4cc3f847d1472c49ceb53
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
30b0be7c12d11fb91e451771e60c515d2711787a60d3c3e5f0001cfdb698ad93
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45e13f937faa2a4a1e23c57e8da2dfb0b851e45a0dc699ce5abaef47612f08a6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d
53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170
560222045c7b6c7be49ca9cae80140636df5f0c37499fa42f515c5450ebf4f29
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
5a5f2210890eb6e0f3c84ade6a636d2e74d343330cd5f8302579e16f9d8c7ff5
5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503
5b746a682f00c9be12c3a219cf7243dbc642d79fa5c39715172340aa330fba68
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
62e1d7611e0567b5a98aca8f00674076275cccc8c0b13b5f4f702243d68f9d28
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
66dd2891e9e7df1e8140296517308bf4aa7c4edea43eaf4134ff67d87b67fd8f
67667d18ce7da590acbdbfcb307a1554bd6a1f69f1de6c38f369182f8c906636
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7965d0bba0aaf68832eaf66a2a4ab25db51fead12495b837338e559fd3f70cca
81e97ff2b9c9f0d1546b4362243b0311f2aa5c6d9b979e53b6cf269fddddcd1d
8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
864ec15e9636aaf6c0cb7574ab945dc6bc7838382f1070f7b8a090acc94637d7
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9081b541755396a6586e460da803e0552c1a7c8f27be7f0dc5807d3622ba9c50
9320506172fa70da0a413c0826c1973fe60a3bb2076617c3c0459f0b45daf255
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3e58d9a7f3a7d9dd09cbcbcbec533d2015c0efcc74d102ec38e72f416d3940
9b3fd54c22ab6b249fee63c213b856e010687600a69eee3c4792b3553b7371c8
9b510ecb7ce18c99063a5ef0532bddc4f767a0ef0f3f39291a4ca52ae1048615
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5de670301880ef66e01ebaf7ca066482a5bc6a02c553675ee26ef0fe2b805a7
a72c001fcf73fc087a7dffd420f3d3e714546d4c093df0afc174d876e1c9368b
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
af6c9dc658494cc0d18f5bf1cd1a476ce6527f1886a52d2667c53524b7b48b77
b02cc80eab3cb114e5887a63ee67cce84f1f168865e093ccb57784c248461658
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
bce4bf08bdc9a63708fd9a343ce3f3a7b2af8b2e4ad2f7606c4ab7021605fa4f
bd13bcebd033a7da9f05fb7aee59c546de17a7ad629dc26f4a02ac24ced1cda4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
c8be4f235e5e60934778e3d91ea274a5a2037318f885960ffeceaf3d37436c47
ce15f97bb2c4ce6a22d35084921623bfb15980e3c3c4dfdd04d3885863c79f99
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9f133d2974e2b2df4a05a2b289b7a502df5ec5423db4711950496131ab5b4c4
dcf4dd4cbdfb12520e932335c26da045c866ba7d89dcfedd3eb7539eabc4186b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e
e0abf6161bca7877c388d5d8093be5b94038841c03801660bdbab1388740b74b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
ec21da6e960bab474158649800a3c87e315353d3de7e08442097d6feea9f2704
ecae80f35b6224f48dbcac5f92fdec38b525738a7ba17b752d78570f05688184
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23dc26cd225f1a3642350de898e441363eada09f0f2154d00037d3ab82cdb9c
f260045ded0720c98c43d78b181249ffdfa8e43ca0ec74c8ec9db8e3c33f4363
f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11
fbc523abe5f7424e115f0612c95de5f658739d74cebd8b2d772863692fbfad2a
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11

www.newsweek.com Open in urlscan Pro 75.2.53.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

185 Requests

99 %HTTPS

29 %IPv6

70 Domains

108 Subdomains

73 IPs

11 Countries

1801 kBTransfer

4872 kBSize

61 Cookies

14 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.newsweek.com Open in urlscan Pro
75.2.53.74 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

99 %
HTTPS

29 %
IPv6

70
Domains

108
Subdomains

73
IPs

11
Countries

1801 kB
Transfer

4872 kB
Size

61
Cookies

185 HTTP transactions
0 data transactions