urlscan.io logo urlscan.io
SecurityTrails logo

www.ibtimes.com Open in urlscan Pro
54.236.227.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVz...
Effective URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hl...
Submission: On April 08 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 9 countries across 81 domains to perform 367 HTTP transactions. The main IP is 54.236.227.174, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.ibtimes.com.
TLS certificate: Issued by Amazon on May 19th 2020. Valid for: a year.
This is the only time www.ibtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
1 54.236.227.174 14618 (AMAZON-AES)
1 2600:9000:206... 16509 (AMAZON-02)
32 151.139.128.11 20446 (HIGHWINDS3)
7 2a00:1450:400... 15169 (GOOGLE)
3 35.190.48.184 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:2800:234... 15133 (EDGECAST)
4 13.226.159.90 16509 (AMAZON-02)
6 104.160.77.202 46469 (GETRESPON...)
1 2600:9000:207... 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
3 52.85.32.122 16509 (AMAZON-02)
1 8 151.101.114.137 54113 (FASTLY)
4 151.101.14.137 54113 (FASTLY)
43 104.19.132.78 13335 (CLOUDFLAR...)
1 3.214.46.53 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 5 37.252.173.27 29990 (ASN-APPNEX)
4 11 35.244.159.8 15169 (GOOGLE)
1 3.122.92.81 16509 (AMAZON-02)
1 3.123.45.128 16509 (AMAZON-02)
1 18.194.69.169 16509 (AMAZON-02)
1 3.122.43.163 16509 (AMAZON-02)
1 213.19.162.31 3356 (LEVEL3)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 184.31.84.150 20940 (AKAMAI-ASN1)
4 136.144.59.88 54825 (PACKET)
1 2600:9000:20e... 16509 (AMAZON-02)
7 216.58.212.162 15169 (GOOGLE)
6 52.9.172.53 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.190.72.161 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a0c:5c81:514... 55081 (24SHELLS)
2 13.225.74.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.190.36.172 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.226.159.101 16509 (AMAZON-02)
2 2a03:2880:f03... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.231.187.146 14618 (AMAZON-AES)
11 3.141.58.182 16509 (AMAZON-02)
1 142.250.186.102 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.179.120 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 3.225.136.82 14618 (AMAZON-AES)
4 104.111.230.142 16625 (AKAMAI-AS)
5 11 2.18.234.21 16625 (AKAMAI-AS)
3 8 3.64.73.215 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
1 2.18.232.130 16625 (AKAMAI-AS)
3 3 52.59.102.119 16509 (AMAZON-02)
2 5 3.126.56.137 16509 (AMAZON-02)
2 2 151.101.14.49 54113 (FASTLY)
9 185.64.190.80 62713 (AS-PUBMATIC)
2 2 216.52.2.30 29791 (VOXEL-DOT...)
10 13 18.202.255.125 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
1 2a04:4e42:3::621 54113 (FASTLY)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 104.111.238.139 16625 (AKAMAI-AS)
10 2600:1901:0:2... 15169 (GOOGLE)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
2 52.1.97.1 14618 (AMAZON-AES)
2 162.247.243.146 13335 (CLOUDFLAR...)
1 1 184.30.212.16 20940 (AKAMAI-ASN1)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
10 10 18.194.69.213 16509 (AMAZON-02)
1 1 94.23.171.206 16276 (OVH)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
1 104.16.199.73 13335 (CLOUDFLAR...)
1 18.185.199.226 16509 (AMAZON-02)
11 13 172.217.16.130 15169 (GOOGLE)
2 146.20.128.52 27357 (RACKSPACE)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.222.190.171 16509 (AMAZON-02)
3 3 185.29.135.226 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 5 37.157.2.235 198622 (ADFORM)
2 185.64.189.115 62713 (AS-PUBMATIC)
24 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 213.155.156.166 1299 (TELIANET ...)
2 178.250.2.151 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 169.50.137.190 36351 (SOFTLAYER)
8 185.64.189.110 62713 (AS-PUBMATIC)
4 7 37.252.172.38 29990 (ASN-APPNEX)
1 1 52.0.219.4 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
2 4 54.239.17.112 16509 (AMAZON-02)
1 1 70.42.32.127 22075 (AS-OUTBRAIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 69.173.144.139 26667 (RUBICONPR...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 1 185.183.112.148 60350 (VP)
1 192.132.33.46 18568 (BIDTELLECT)
1 2 52.30.140.199 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.183.98 16509 (AMAZON-02)
1 213.254.244.24 3257 (GTT-BACKB...)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.66 15169 (GOOGLE)
2 213.254.244.11 3257 (GTT-BACKB...)
2 2 52.215.39.23 16509 (AMAZON-02)
1 2600:1f14:b4f... 16509 (AMAZON-02)
1 3.222.211.147 14618 (AMAZON-AES)
367 112
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
1    54.236.227.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-227-174.compute-1.amazonaws.com
www.ibtimes.com
1    2600:9000:206f:b800:3:f9b0:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa-wrapper.privacymanager.io
32    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s1.ibtimes.com
d1.spcdn.ibt.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
adservice.google.com
3    35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
stalesummer.com
1    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    13.226.159.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-90.dus51.r.cloudfront.net
frontend.1worldonline.com
6    104.160.77.202 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
ibt-mail.com
1    2600:9000:2070:6a00:9:dc53:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa.privacymanager.io
1    35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
query.fqtag.com
3    52.85.32.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-122.ham50.r.cloudfront.net
c.amazon-adsystem.com
8    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cd.connatix.com
img.connatix.com
4    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cds.connatix.com
vid.connatix.com
43    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
1    3.214.46.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-46-53.compute-1.amazonaws.com
reachms.bfmio.com
1    2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
5    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
11    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
1    3.122.92.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-92-81.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    3.123.45.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-128.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    3.122.43.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-43-163.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
htlb.casalemedia.com
4    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2600:9000:20eb:ba00:17:1429:b980:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.feeds.ibt.com
7    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
6    52.9.172.53 (San Jose, United States)

ASN16509 (AMAZON-02, US)
app.1worldonline.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
fqtag.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtcontent.com
ghb.adtelligent.com
2    13.225.74.124 (United States)

ASN16509 (AMAZON-02, US)
geo.privacymanager.io
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.fqtag.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
4    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    13.226.159.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-101.dus51.r.cloudfront.net
dau-prod.launch.liveramp.com
2    2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.231.187.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
feeds.ibt.com
11    3.141.58.182 (Columbus, United States)

ASN16509 (AMAZON-02, US)
capi.connatix.com
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.222.179.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-120.ham50.r.cloudfront.net
api.pushnami.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    3.225.136.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    3.64.73.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
aktrack.pubmatic.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
13    18.202.255.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
10    2600:1901:0:298e:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aux.fqtag.com
4    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pr.ybp.yahoo.com
s.yimg.com
2    52.1.97.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-97-1.compute-1.amazonaws.com
q.adrta.com
2    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
10    18.194.69.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-213.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
green.erne.co
1    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
rtb-usw.mfadsrvr.com
1    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    18.185.199.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
13    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
2    146.20.128.52 (United States)

ASN27357 (RACKSPACE, US)
ssp.lkqd.net
5    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.222.190.171 (United States)

ASN16509 (AMAZON-02, US)
d2fw4nb4g546bx.cloudfront.net
3    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
24    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
7    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.0.219.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    54.230.183.98 (United States)

ASN16509 (AMAZON-02, US)
pix.adrta.com
1    213.254.244.24 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pubads.g.doubleclick.net
2    213.254.244.11 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps20248.doubleverify.com
2    52.215.39.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
1    2600:1f14:b4f:4b04:d62d:ca97:4db6:4e65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
1    3.222.211.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
adrta.com
Apex Domain
Subdomains		 Transfer
43 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
572 KB
36 googlesyndication.com
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
506 KB
31 ibtimes.com
www.ibtimes.com
s1.ibtimes.com
848 KB
30 doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
158 KB
27 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
aktrack.pubmatic.com
62 KB
23 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
447 KB
15 fqtag.com
query.fqtag.com
fqtag.com
cdn.fqtag.com
aux.fqtag.com
182 KB
13 adsrvr.org
match.adsrvr.org
5 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
26 KB
11 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
960 KB
11 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
10 KB
11 openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
10 bidswitch.net
x.bidswitch.net
4 KB
10 1worldonline.com
frontend.1worldonline.com
app.1worldonline.com
167 KB
9 google.com
adservice.google.com
www.google.com
1 KB
9 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
26 KB
9 3lift.com
tlx.3lift.com
eb2.3lift.com
4 KB
7 yahoo.com
ups.analytics.yahoo.com
pr.ybp.yahoo.com
pr-bh.ybp.yahoo.com
8 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
6 ibt-mail.com
ibt-mail.com
124 KB
5 adform.net
c1.adform.net
2 KB
5 adrta.com
q.adrta.com
pix.adrta.com
ipv6.adrta.com
adrta.com
15 KB
5 scorecardresearch.com
sb.scorecardresearch.com
4 KB
5 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
tps20248.doubleverify.com
91 KB
5 google-analytics.com
www.google-analytics.com
39 KB
5 googletagservices.com
www.googletagservices.com
156 KB
4 de17a.com
d5p.de17a.com
1 KB
4 gstatic.com
fonts.gstatic.com
66 KB
4 a-mo.net
prebid.a-mo.net
1 KB
4 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
4 ibt.com
d1.spcdn.ibt.com
cdn.feeds.ibt.com
feeds.ibt.com
261 KB
4 privacymanager.io
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
geo.privacymanager.io
47 KB
3 yimg.com
s.yimg.com
73 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bfmio.com
reachms.bfmio.com
sync.bfmio.com
1 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
3 stalesummer.com
stalesummer.com
31 KB
2 scoota.co
r.scoota.co
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
976 B
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
996 B
2 semasio.net
uipglob.semasio.net
1 KB
2 criteo.com
dis.criteo.com
651 B
2 cloudfront.net
d2fw4nb4g546bx.cloudfront.net
72 KB
2 lkqd.net
ssp.lkqd.net
693 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
753 B
2 creativecdn.com
creativecdn.com
687 B
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
671 B
2 indexww.com
js-sec.indexww.com
2 KB
2 facebook.net
connect.facebook.net
62 KB
2 liveramp.com
dau-prod.launch.liveramp.com
468 B
2 google.de
adservice.google.de
www.google.de
272 B
2 silobreaker.com
info.silobreaker.com
3 KB
1 bttrack.com
bttrack.com
380 B
1 adotmob.com
sync.adotmob.com
689 B
1 2mdn.net
s0.2mdn.net
17 KB
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
444 B
1 stackadapt.com
sync.srv.stackadapt.com
619 B
1 zeotap.com
mwzeom.zeotap.com
490 B
1 quantserve.com
pixel.quantserve.com
499 B
1 sharethrough.com
match.sharethrough.com
263 B
1 idealmedia.io
cm.idealmedia.io
448 B
1 lentainform.com
cm.lentainform.com
514 B
1 erne.co
green.erne.co
296 B
1 jsdelivr.net
cdn.jsdelivr.net
9 KB
1 newrelic.com
js-agent.newrelic.com
12 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 rlcdn.com
api.rlcdn.com
328 B
1 pushnami.com
api.pushnami.com
61 KB
1 googletagmanager.com
www.googletagmanager.com
42 KB
1 adtelligent.com
ghb.adtelligent.com
417 B
1 adtcontent.com
ghb.adtcontent.com
2 KB
1 hs-banner.com
js.hs-banner.com
15 KB
1 hs-analytics.net
js.hs-analytics.net
18 KB
1 emxdgt.com
hb.emxdgt.com
158 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com
655 B
1 hs-scripts.com
js.hs-scripts.com
786 B
0 rfihub.com Failed
p.rfihub.com Failed
367 81
Domain Requested by
30 s-img.mgid.com www.ibtimes.com
30 s1.ibtimes.com www.ibtimes.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
stalesummer.com
info.silobreaker.com
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.ibtimes.com
13 cm.g.doubleclick.net 11 redirects u.openx.net
eb2.3lift.com
13 match.adsrvr.org 10 redirects u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
12 ib.adnxs.com 7 redirects s1.ibtimes.com
acdn.adnxs.com
eb2.3lift.com
11 capi.connatix.com cd.connatix.com
10 x.bidswitch.net 10 redirects
10 aux.fqtag.com cdn.fqtag.com
9 image2.pubmatic.com www.ibtimes.com
image6.pubmatic.com
ads.pubmatic.com
8 simage2.pubmatic.com ads.pubmatic.com
8 eb2.3lift.com 3 redirects s1.ibtimes.com
eb2.3lift.com
7 cm.mgid.com jsc.mgid.com
www.ibtimes.com
7 img.connatix.com www.ibtimes.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
info.silobreaker.com
cd.connatix.com
6 app.1worldonline.com www.ibtimes.com
frontend.1worldonline.com
6 ibt-mail.com www.ibtimes.com
ibt-mail.com
5 pagead2.googlesyndication.com srcdoc
www.googletagservices.com
5 c1.adform.net 5 redirects
5 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
5 sb.scorecardresearch.com 2 redirects jsc.mgid.com
www.ibtimes.com
5 ups.analytics.yahoo.com 2 redirects www.ibtimes.com
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
5 www.google-analytics.com frontend.1worldonline.com
www.googletagmanager.com
www.google-analytics.com
www.ibtimes.com
5 fonts.googleapis.com www.ibtimes.com
frontend.1worldonline.com
tpc.googlesyndication.com
5 www.googletagservices.com www.ibtimes.com
securepubads.g.doubleclick.net
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 d5p.de17a.com 4 redirects
4 googleads.g.doubleclick.net 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
4 www.google.com 2 redirects 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
www.ibtimes.com
4 us-u.openx.net 2 redirects u.openx.net
4 fonts.gstatic.com www.ibtimes.com
fonts.googleapis.com
4 eus.rubiconproject.com s1.ibtimes.com
cm.mgid.com
eus.rubiconproject.com
4 prebid.a-mo.net s1.ibtimes.com
www.ibtimes.com
4 u.openx.net 1 redirects s1.ibtimes.com
4 frontend.1worldonline.com www.ibtimes.com
frontend.1worldonline.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 s.yimg.com pr.ybp.yahoo.com
www.ibtimes.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 eu-u.openx.net 1 redirects u.openx.net
3 sync.mathtag.com 3 redirects
3 pixel.advertising.com 3 redirects
3 ads.pubmatic.com s1.ibtimes.com
ads.pubmatic.com
www.ibtimes.com
3 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.mgid.com www.ibtimes.com
3 c.amazon-adsystem.com www.ibtimes.com
c.amazon-adsystem.com
3 stalesummer.com www.ibtimes.com
stalesummer.com
2 r.scoota.co 2 redirects
2 tps20248.doubleverify.com cdn.doubleverify.com
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 token.rubiconproject.com www.ibtimes.com
eus.rubiconproject.com
2 um.simpli.fi ads.pubmatic.com
image6.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 d2fw4nb4g546bx.cloudfront.net frontend.1worldonline.com
www.ibtimes.com
2 stats.g.doubleclick.net www.google-analytics.com
2 ssp.lkqd.net cd.connatix.com
2 rtb-usw.mfadsrvr.com 2 redirects
2 creativecdn.com 2 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
2 q.adrta.com s1.ibtimes.com
q.adrta.com
2 vid.connatix.com cd.connatix.com
2 cdn.doubleverify.com securepubads.g.doubleclick.net
info.silobreaker.com
2 ap.lijit.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 js-sec.indexww.com s1.ibtimes.com
ssum-sec.casalemedia.com
2 sync.bfmio.com s1.ibtimes.com
sync.bfmio.com
2 connect.facebook.net www.ibtimes.com
connect.facebook.net
2 dau-prod.launch.liveramp.com ccpa.privacymanager.io
2 cdn.fqtag.com fqtag.com
2 geo.privacymanager.io ccpa.privacymanager.io
2 fqtag.com www.ibtimes.com
securepubads.g.doubleclick.net
2 htlb.casalemedia.com s1.ibtimes.com
2 cds.connatix.com www.ibtimes.com
cd.connatix.com
2 d1.spcdn.ibt.com www.ibtimes.com
2 platform.twitter.com www.ibtimes.com
platform.twitter.com
2 info.silobreaker.com 1 redirects
1 adrta.com pix.adrta.com
1 ipv6.adrta.com pix.adrta.com
1 tps.doubleverify.com cdn.doubleverify.com
1 pix.adrta.com q.adrta.com
1 www.google.de www.ibtimes.com
1 bttrack.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 aktrack.pubmatic.com www.ibtimes.com
1 s0.2mdn.net imasdk.googleapis.com
1 b1sync.zemanta.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 c.bing.com eb2.3lift.com
1 sync.srv.stackadapt.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 syndication.twitter.com platform.twitter.com
1 match.sharethrough.com www.ibtimes.com
1 cm.idealmedia.io www.ibtimes.com
1 cm.lentainform.com www.ibtimes.com
1 green.erne.co 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 pr.ybp.yahoo.com s1.ibtimes.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 js-agent.newrelic.com ibt-mail.com
1 acdn.adnxs.com s1.ibtimes.com
1 biddr.brealtime.com s1.ibtimes.com
1 api.rlcdn.com s1.ibtimes.com
1 api.pushnami.com www.ibtimes.com
1 ad.doubleclick.net stalesummer.com
1 feeds.ibt.com www.ibtimes.com
1 www.googletagmanager.com s1.ibtimes.com
1 servicer.mgid.com jsc.mgid.com
1 adservice.google.de securepubads.g.doubleclick.net
1 ghb.adtelligent.com www.ibtimes.com
1 ajax.googleapis.com cdn.feeds.ibt.com
1 ghb.adtcontent.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 cdn.feeds.ibt.com www.ibtimes.com
1 hbopenbid.pubmatic.com s1.ibtimes.com
1 fastlane.rubiconproject.com s1.ibtimes.com
1 prebid-server.rubiconproject.com s1.ibtimes.com
1 hb.emxdgt.com s1.ibtimes.com
1 ads.adaptv.advertising.com s1.ibtimes.com
1 tlx.3lift.com s1.ibtimes.com
1 web.hb.ad.cpe.dotomi.com s1.ibtimes.com
1 reachms.bfmio.com s1.ibtimes.com
1 jsc.mgid.com www.ibtimes.com
1 cd.connatix.com 1 redirects
1 query.fqtag.com www.ibtimes.com
1 ccpa.privacymanager.io ccpa-wrapper.privacymanager.io
1 js.hs-scripts.com www.ibtimes.com
1 ccpa-wrapper.privacymanager.io www.ibtimes.com
1 www.ibtimes.com info.silobreaker.com
0 p.rfihub.com Failed ssum-sec.casalemedia.com
367 139
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
*.ibtimes.com
Amazon		 2020-05-19 -
2021-06-19		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
s1.ibtimes.com
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
stalesummer.com
R3		 2021-03-21 -
2021-06-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.1worldonline.com
Amazon		 2021-02-02 -
2022-03-03		 a year crt.sh
ibt-mail.com
R3		 2021-03-28 -
2021-06-26		 3 months crt.sh
d1.spcdn.ibt.com
R3		 2021-03-21 -
2021-06-19		 3 months crt.sh
*.fqtag.com
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.a-mo.net
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.ibt.com
Amazon		 2020-07-10 -
2021-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
ghb.adtcontent.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.launch.liveramp.com
Amazon		 2020-10-15 -
2021-11-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.newsweek.com
Amazon		 2020-12-05 -
2022-01-03		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.pushnami.com
Amazon		 2020-05-16 -
2021-06-16		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
*.adrta.com
DigiCert SHA2 Secure Server CA		 2020-06-08 -
2021-06-16		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.lkqd.net
Go Daddy Secure Certificate Authority - G2		 2019-05-13 -
2021-07-12		 2 years crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 40 frames:

Primary Page: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Frame ID: 86488D590B8C0A14D88C3FD5514CA444
Requests: 152 HTTP requests in this frame

Frame: https://cds.connatix.com/p/112385/connatix.playspace.dc.js
Frame ID: 8D8A05771B21DEE891310AA8928F521A
Requests: 23 HTTP requests in this frame

Frame: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Frame ID: 065A20674B12CD84F3FE92EB153BD135
Requests: 16 HTTP requests in this frame

Frame: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Frame ID: 80DCA43BF933143C264F0C6F63298138
Requests: 7 HTTP requests in this frame

Frame: https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Frame ID: 2E0F4EBD231145B066ACD6FC85F5AB74
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.ibtimes.com
Frame ID: 3AEA3903957930351541235387D45BA4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 428833D52EF12DD473F46B3C999DCCD0
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: FF54583946C4400CE8C7D33DA6F6339B
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=9950dc87-e457-40ab-84d2-0662b604390c&gdpr=0&gc=&gce=1&us_privacy=
Frame ID: 5344FCF390D01E5E09A9A2D54EB82305
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EF15F2BB01ACC4F124AA0B2A280EE626
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6FD32441EEA995B8818F1481E8C13BC2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: ECEBEC88409FA9D57A874AA38318A424
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 394A2AA8EFF7CC1204DF43B749653694
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 342AFBE072A1EE468CBA19F1C6B30008
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C969285CC1057FB1BF34B9659C374857
Requests: 3 HTTP requests in this frame

Frame: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D4810CCD609295352E547AACACD49620
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy69R5FC4aiCiQ18OZK48iqoe33kM8wK-6OpG6Xz97rCn3_-rILnVCXDv7cuxmkKRe6ms4ypEZ8ToAbkNjz7cyvogAH3nSp0whAi9aPE3O5oWpTZ3wvyHecCHmwL76_X1HIb94nfxfLsQndkO5faAhHNAxuohCKnVRIy9QfyeVPI9E5nIp3dx23_mq9N_7lwJYnLaubNTsCrwqqQ_ZbX8tcFIvHTb7SMAntwKJ0RqhUo035WrY8qmsG3b54BEAxRPYxOL7rITtLmDPoz7-AKOrHXT2IROdWiEonhI-nHvRNio17gbvJ8M&sai=AMfl-YTPZauDUGhstHyN1LMNnoKRo9X9HrX1qRrGE4NGlWOmB5WXwYV_WfU3_FP5zuM4H1iviIqb2Qmi6UlnY0H8uODpEcCgaJ2RZdnD8MaOLIsdMbOWW7n6wAyCp1oddDQ&sig=Cg0ArKJSzDuCdpaCBpIREAE&urlfix=1&adurl=
Frame ID: 69DB130DA6DDF7AEE3F49C25FDFA3103
Requests: 23 HTTP requests in this frame

Frame: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C53D76EF85F26B39B1F1320F8CAF5F5
Requests: 6 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1617910453460441839178
Frame ID: 98655C3F67AF40FE5CBA9447A72A3207
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: A1636D4E0B343820AB370EB5F2D07988
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2A90E3809CE136385973E4609B7C5B44
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Frame ID: DB9E1B582423ABA8E650027424D463F0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Frame ID: 63D8E18C039366E8B41B24288CCEA4FA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: ED0C1328E89E8EF52F048B91C17B0276
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1139417081313456709
Frame ID: 9BACA2B2BC49DFDC86F9080082B2E167
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5B2B18B2EE0FD38AE594EB51BE5A5C2F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 19AFF87B8DC78B0BA747BDEFFF09A512
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D95233BE16CF6B1A9A2AE5425E6F40D5
Requests: 11 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158003&siteId=576386&adId=2117963&adType=10&adServerId=243&kefact=0.100000&kaxefact=0.100000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1617910447&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.078414&dcId=3&tldId=0&passback=0&svr=BID22482U&adsver=_2560778847&adsabzcid=0&ekefact=r1pvYD36AgAknlOsAUXKrAeDYKU1nMXuNoQ_yW6e_HQpiVUk&ekaxefact=r1pvYEf6AgCJh0-YFChz07X-_eUQC92PIfjGroUCbA7SGHew&ekpbmtpfact=r1pvYFD6AgB_Y8HaoTphnQDEhW5zcjylx4T4giXoMGqmDrwx&enpp=r1pvYFj6AgAE4tK5pFtNG8emgYC9NVqF_NhUm2PELzz4v17J&pfi=1&dc=AMS&pubBuyId=30384&tpb=1&crID=3285378&lpu=hoeren-heute.de&ucrid=2996188549719511046&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH101788000&wDspId=452&wbId=9&wrId=2876981&wAdvID=1157489&wDspCampId=1447400&isRTB=1&rtbId=5E6B3E47-AC67-4B75-8CF4-02A8382C4324&imprId=7AAF966C-16FF-4E67-B960-296436A538A3&oid=7AAF966C-16FF-4E67-B960-296436A538A3&cntryId=58&pageURL=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&sec=1&pAuSt=3
Frame ID: 53EEB40151EA9AC59C0DC266508F8D39
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1165.js
Frame ID: BB9D1956E06357F705A9B0EE075C257D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 89BBFEAC81E41D8014614C45D68A3EBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0F84A8D2A5709593FEFE7623F680C760
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 56EAEB75D34048B555A885E7F3E897C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D58BF100F452BD355A2460736BB98CEF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: C62B1AE32A1B3CA824EFF8C5FAD0B779
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1F36F9891927E6454AEA27ABDD722ABA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: BCF88B087826D038645A56B813BB8476
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 334B223669DE2974093D70CAE6229E6E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3771753027293815588
Frame ID: B01A46894C6E38B7249F4FFF909846FE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EE0D08717C8E734441DDF2E4159DABF4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7... HTTP 307
    https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=9696527... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

367
Requests

99 %
HTTPS

33 %
IPv6

81
Domains

139
Subdomains

112
IPs

9
Countries

5364 kB
Transfer

12807 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1?_ud=6d015fee-6f61-4575-a727-81f8c9838fec&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/112385/connatix.playspace.dc.js
Request Chain 108
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 109
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1
Request Chain 112
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=index_rtb&uid=YG9atlvalBcYMKJDxxUKDwAA%261126
Request Chain 113
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Request Chain 114
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Request Chain 116
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=sovrn&uid=1834493104d4c56287123a7c
Request Chain 117
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D0c1e1e5e-687c-470f-b014-0b2ce0a47152%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=appnexus&uid=6432360340197260526
Request Chain 118
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=582462df-6a5e-4e51-baf7-2156e043ee52&_origin=1&gdpr=1&gdpr_consent=
Request Chain 176
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Request Chain 184
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 185
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=lD7RBFudZEleBIJiZiQW&pi=mgid&tc=1
Request Chain 186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=743a81c6-aa2d-4d84-9ae9-16286d9b9ae6&ttl=1620502457
Request Chain 187
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Hs7WK7SdsFZyV4uRSlZaWm92&ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=Hs7WK7SdsFZyV4uRSlZaWm92&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=&gdpr_consent=&us_privacy=
Request Chain 189
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=82ca9412-0e1c-4ec6-a9a4-6e93a4148ede
Request Chain 191
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l389Jyuq35yc HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1d724839-3ce1-41ad-8526-afa5377e85c9&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDM4OUp5dXEzNXlj&muidn=l389Jyuq35yc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDM4OUp5dXEzNXlj&muidn=l389Jyuq35yc&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=l389Jyuq35yc&google_ula={guid},5&google_gid=CAESEEDS0ZcgJhxKCCM897RXq8k&google_cver=1
Request Chain 207
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448
Request Chain 223
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY
Request Chain 224
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1168018526156980233
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1
Request Chain 230
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 232
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 251
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1139417081313456709
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pXiykOOXS3qmkibnFjFvzw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 255
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 256
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A578B290-E397-4B7A-A692-26E716316FCF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A578B290-E397-4B7A-A692-26E716316FCF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A578B290-E397-4B7A-A692-26E716316FCF&addseg=19,36,42
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTU3OEIyOTAtRTM5Ny00QjdBLUE2OTItMjZFNzE2MzE2RkNG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHzcfavWgpd2jU4Yq404vRE&google_cver=1
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1168018526156980233
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6007606f-5abb-4a00-a7ea-2ca956e52448&gdpr=0&gdpr_consent=
Request Chain 263
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1540220548708041551&gdpr=0&gdpr_consent=
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=5v3IVc8URkhgtTlRYetleVNhFww&user_group=1&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 265
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOy_MwYVV-dBw14WXitrpqQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 268
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3NDQ1MTg1NzYyNzE5ODI4OTk%3D
Request Chain 270
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11277686311142193948?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ButZPFtE2oSdrgzU_cw3yQxv2nKV9Vi2cVDgxJid6Q--~A&dongle=0883
Request Chain 271
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1540220548708041551&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 272
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11277686311142193948 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11277686311142193948&dcc=t
Request Chain 273
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG9au.Vuy19ZAvS6VNF1lwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI1i5obsoZt2_6h94dH04Es&google_cver=1&gdpr=1&google_hm=2
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEK0V9Z7QTahx1DsL76s1T4I&google_cver=1
Request Chain 298
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB&dcc=t
Request Chain 299
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1&C=1
Request Chain 302
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
Request Chain 322
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 331
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJb4jJq3uQOB9CYWEtFtlQY&google_cver=1
Request Chain 366
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4108b15-3442-4854-9d59-c816acbe4330
Request Chain 367
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3771753027293815588
Request Chain 369
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8321978001525869727
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ef87606f-5ac9-4700-8275-fea9832ff417&gdpr=0&gdpr_consent=
Request Chain 371
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685647720955944767&gdpr=0&gdpr_consent=
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0MxMjEyRUMtMzAyQi00MzhELUE2MzctQUFDMTY0NDA0MzM2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b1390159-25d3-43fb-a3b8-a7f3f93272e9&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18ed9d2b-5f54-4606-9a6c-efd34391dba6&gdpr=&gdpr_consent=&gdpr_pd=

367 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:01 GMT
content-type
text/html;charset=utf-8
cf-ray
63cdee43ca5a089b-CDG
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0954933e5a0000089ba7088000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=keCIp7CDXEwVBUMQ9T%2B08kuEb30lGKP0TXfyfqGUdDpOF0Of9xPxCXFzmGicYBkrYPQZFg5QpCt5U3A8AP1i90Wp8NE4%2F0AbXxQnELcPENu1vhr9Jg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
set-cookie
__cfruid=6511fed8f833e1d08b4714f7616046485aa3893b-1617910441; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
server
cloudflare
content-encoding
br
Primary Request who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369
www.ibtimes.com/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW...
  • https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG...
212 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.227.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-227-174.compute-1.amazonaws.com
Software
/
Resource Hash
34efcf210ef96afa362edb59c6409366a1b191f2c8884153355f8b6195f16a10
Security Headers
Name Value
Strict-Transport-Security max-age=1000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ibtimes.com
:scheme
https
:path
/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1

Response headers

date
Thu, 08 Apr 2021 19:34:03 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
public, max-age=1800, public
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=1000; includeSubDomains
content-language
en
x-ua-compatible
IE=edge
etag
"1617910442-1"
last-modified
Thu, 08 Apr 2021 19:34:02 GMT
content-encoding
gzip
x-ua-device
pc
age
0
grace
none
x-cache
MISS
vary
Cookie,Accept-Encoding, User-Agent
x-geoip
DE
x-cache-hits
0
accept-ranges
bytes

Redirect headers

date
Thu, 08 Apr 2021 19:34:02 GMT
location
https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
cf-ray
63cdee454f70089b-CDG
link
<https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0954933f4e0000089b72935000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2Bn%2FR5nH35YM2wbvCfzmpatxNxj46ivEXLVCZMfFF0frrcy71objPVUuIkflsEXKHpbUduCf9MIUgqduhcg3Cydv3UtN5gnHCiCc9RfKxEYq8BFE%2FA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
ccpa-liveramp.js
ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ccpa-liveramp.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b800:3:f9b0:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f2babf2cc23ba3832aa3c62c2d5f37e5ad0442c67d70405833112839dbb981a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZjkGxWYkKNMBBjt4LKTRiSL8IrlYBWdE
content-encoding
gzip
etag
W/"5734e2bb4e0a3f2acb3ed189c8f93fab"
last-modified
Wed, 16 Dec 2020 15:56:39 GMT
server
AmazonS3
age
41349
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
date
Thu, 08 Apr 2021 08:04:55 GMT
content-disposition
attachment; filename="ccpa-liveramp.js"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
U8a8KAEgZTS7XLkXaIP9lHfPIVUmKMnhLIT3svoS1vh_lDBpiYAb_g==
prebid.js
s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/ 		296 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b3d3a574ab858e578952465bff7f171e304726111d1cbfe9e156d27eb909088e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
93869
last-modified
Wed, 10 Feb 2021 16:10:52 GMT
etag
"4a1c7-5bafda5aa95cd-gzip"
x-hw
1617910443.cds157.fr8.hn,1617910443.cds212.fr8.c
content-type
application/javascript
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
gpt.js
www.googletagservices.com/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aa454a248dd562f15cc9ef4ca5ead5f1243ab499856d5eff79c94e425c5c4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"837 / 65 of 1000 / last-modified: 1617880546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20379
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:04 GMT
v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
stalesummer.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
162009a148bbeaa25ffc3f87a1cb338deb9e9382e4133d0830be57a6afd6ebd1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"26c46a4e9785f8ea4ded0d8689dfa12007e7874824fcd26147bc7c7ef64cf371"
vary
Accept-Encoding, Accept-Language
x-hostname
327907e0
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 08 Apr 2021 19:34:04 GMT
timing-allow-origin
*
5154892.js
js.hs-scripts.com/ 		835 B
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/5154892.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd2365de2684fc2967c705828ca85616f1b72abb874c2081dd4e1f65a1f0859

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
33
cf-polished
origSize=942
cf-request-id
0954934b3800003240c691c000000001
cf-bgj
minify
server
cloudflare
x-trace
2B0B9A88F2E44CD883173739EABD97C4AC5C6980A9000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
63cdee585c963240-FRA
expires
Thu, 08 Apr 2021 19:35:04 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B71) /
Resource Hash
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 23:24:36 GMT
Server
ECS (amb/6B71)
Age
619
Etag
"c6906b2e1894558795b131fc4eee41cf+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28673
js__4doaOVrHFXWtNkAxvpJErZYJegMxIyNI_v23DlFpHaU__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__4doaOVrHFXWtNkAxvpJErZYJegMxIyNI_v23DlFpHaU__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
1080
last-modified
Fri, 12 Feb 2021 14:46:46 GMT
etag
"1613141206"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds010.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
president-elect-joe-bidens-team-is-plowing-ahead.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/lg/public/2020/11/20/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/lg/public/2020/11/20/president-elect-joe-bidens-team-is-plowing-ahead.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5e15e3a9dee94ae088448020979399786f324b6febda84f8cad07c5693d748d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
32071
last-modified
Mon, 07 Dec 2020 13:48:16 GMT
etag
"7d47-5b5e013fd5b8c"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds259.fr8.sc,1617910444.dop041.dc2.r,1617910444.cds067.dc2.c,1617910444.cds259.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
poller-constructor.js
frontend.1worldonline.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
1b237a1ba04d5b9afafc7279af80aaa6856454f0cc5aebafc41e15e9235d9f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 18:36:13 GMT
Content-Encoding
gzip
Age
3471
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4940
Last-Modified
Fri, 02 Apr 2021 10:35:12 GMT
Server
nginx
ETag
W/"6066f360-3694"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Cache-Control
max-age=7200
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
j8YADSPuyu41h5g9wc7KbAz6BTy3sXDR6tOCR8CbM7kmkQJb1KSZnA==
Expires
Thu, 08 Apr 2021 20:36:13 GMT
xyzwalensky.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/embed/public/2020/12/07/ 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/embed/public/2020/12/07/xyzwalensky.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31d461edc2d67ca0cc50368c30ca486e59c21081935d28bd770ed665d096719f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
177712
last-modified
Mon, 07 Dec 2020 13:42:07 GMT
etag
"2b630-5b5dffe024088"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds054.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
view_webform_v2.js
ibt-mail.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
a65bdfa116f70a3576acdaf80dcce90304fc3e75112cea5cc6aef678eac9bdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:04 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
while-joe-biden-has-urged-lawmakers-to-push.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/07/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/07/while-joe-biden-has-urged-lawmakers-to-push.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7f8371369e8fbab5652ab552b187f965eb7744034f6c580ff25be13fc31c5cf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
28381
last-modified
Thu, 08 Apr 2021 03:34:34 GMT
etag
"6edd-5bf6db9e47c66"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds142.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
GB
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
germanys-comparatively-slow-vaccine-rollout-has-become-a.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/08/germanys-comparatively-slow-vaccine-rollout-has-become-a.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
81cc892c98b058d2a8c27948d5c22dd99be35db12cf7a973fdc9dc3708841da0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
12459
last-modified
Thu, 08 Apr 2021 12:45:16 GMT
etag
"30ab-5bf756b5e47e5"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds065.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
a-worker-paints-the-wall-of-a-covid.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/01/15/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/01/15/a-worker-paints-the-wall-of-a-covid.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a39e183ed871099822b33216254b5b1670f455f6e09baefab41656c65a42636
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
16635
last-modified
Thu, 08 Apr 2021 11:42:55 GMT
etag
"40fb-5bf748c5b0269"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds011.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
NO
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
several-other-us-states-including-new-york-and.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/04/08/several-other-us-states-including-new-york-and.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c788ca9a9149f080ff1d3024e98ef4c0d633acfda810b4d2108539a8d7e44c2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
9249
last-modified
Thu, 08 Apr 2021 04:43:51 GMT
etag
"2421-5bf6eb1aef04c"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds261.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
former-starbucks-chief-howard-schultz-was-behind-a.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2020/08/03/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2020/08/03/former-starbucks-chief-howard-schultz-was-behind-a.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5e9c84aff9f01fd1d628eee363f2faab955890bca47a44194e4375d969577a9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
14762
last-modified
Mon, 03 Aug 2020 17:54:39 GMT
etag
"39aa-5abfcd526637c"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds053.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
SE
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
fintech-startups-2021.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/17/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/sm/public/2021/03/17/fintech-startups-2021.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
8c134dc0955f76192a32b93340dab9ddbcfe8ffc94082761075e8c352dcc391c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
17917
last-modified
Wed, 17 Mar 2021 21:22:29 GMT
etag
"45fd-5bdc21488fd73"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds098.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
ibtimes_spotlight_banner.png
s1.ibtimes.com/sites/www.ibtimes.com/files/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/ibtimes_spotlight_banner.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
69b3919da02793bf06b57f9b353748842b2401fb189f16cc839931e965ad3787
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
142327
last-modified
Sun, 04 Oct 2020 21:37:35 GMT
etag
"22bf7-5b0df2c97ce6b"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds151.fr8.c
content-type
image/png
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
soraya-darabi.jpeg
d1.spcdn.ibt.com/multiupload/2021/03/04/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1.spcdn.ibt.com/multiupload/2021/03/04/soraya-darabi.jpeg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8416b9409cc7055c3a2b410f6146d639f8f1db413e42ff2acbfeebdccaf9a5ba

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
last-modified
Fri, 05 Mar 2021 02:24:00 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"8641-5bcc0c6ed2432"
x-hw
1617910444.cds103.fr8.hn,1617910444.cds127.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2006
accept-ranges
bytes
content-length
34369
mike-brady.png
d1.spcdn.ibt.com/multiupload/2021/01/20/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1.spcdn.ibt.com/multiupload/2021/01/20/mike-brady.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8808a5931f001093bc198f46814e282d41e0f953862b6933d3bca1da71ac1223

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
last-modified
Thu, 21 Jan 2021 03:51:26 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"377da-5b960fc72d2f3"
x-hw
1617910444.cds103.fr8.hn,1617910444.cds149.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1415
accept-ranges
bytes
content-length
227290
ccpa.bundle.js
ccpa.privacymanager.io/1/ 		131 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.privacymanager.io/1/ccpa.bundle.js
Requested by
Host: ccpa-wrapper.privacymanager.io
URL: https://ccpa-wrapper.privacymanager.io/ccpa/b048e9c3-ab54-4024-9fa6-983e6fcec56c/ccpa-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:6a00:9:dc53:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88e0a9d03ac992968111ff4af7d871469f27bdef0c6104a7eefa65a7a7b8100f

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J9opR_mQqd7KPOjoM1DtSc.oozlSNFaD
content-encoding
gzip
etag
W/"c1bd13e95f938ac95a7b5a19ae0f8a64"
last-modified
Tue, 23 Mar 2021 11:18:47 GMT
server
AmazonS3
age
45414
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3f7bd14926d2704d3a00300bdc9dae98.cloudfront.net (CloudFront)
date
Thu, 08 Apr 2021 06:57:11 GMT
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
KHzHd1yZNzR36nxY_aWEOa_pNL6skryTJTPq6lS2E8eD4V2skGZ-6w==
b
query.fqtag.com/ 		82 B
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://query.fqtag.com/b?org=8adasewre3atrefrejuj&sk=Pd8JDmKG8eZNvkNzvGBX&callback=fq_callback&p=www.ibtimes.com_article&a=article&cmp=none&cb=1617910444069&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
via
1.1 google
alt-svc
clear
content-length
82
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 22:11:27 GMT
content-encoding
gzip
server
Server
age
76956
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a6e1678aced1951bb094538ec62256f5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
N22wMWjEUuDQOLfa09dZx2ubS3Y9L31RTZR8nnYNdOLkYoGtF-F5SQ==
logo-md.svg
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/logo-md.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
efa977023c6486f558af30e428480972817e39f602b5ac0307f1e64f5fad5e91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
1560
last-modified
Thu, 16 Apr 2020 18:00:48 GMT
etag
"1766-5a36c36488787-gzip"
x-hw
1617910444.cds157.fr8.hn,1617910444.cds138.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Light.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Light.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66fac9123cbd9a55edc7720629d1442277db52c4a3e3d2f42854905e52022c8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
20496
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"5010-56c0e692334d2"
x-hw
1617910444.cds098.fr8.hn,1617910444.cds220.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
FR
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Medium.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Medium.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
bf8c52fac4387f2c2892a116d6cd08de6c64061e88200df7ca256b1918db8a23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
14589
grace
none
x-cache
HIT
x-ua-device
mobile
content-length
20396
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4fac-5a06f881ce18d"
x-hw
1617910444.cds098.fr8.hn,1617910444.cds244.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
1
Genericons.woff
s1.ibtimes.com/sites/all/themes/lemon/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/all/themes/lemon/fonts/Genericons.woff
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
13988
last-modified
Tue, 26 Jul 2016 03:18:10 GMT
etag
"36a4-52cba959d601d"
x-hw
1617910444.cds098.fr8.hn,1617910444.cds140.fr8.c
content-type
application/x-font-woff
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Bold.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Bold.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fa9d0382df6ffc1160364daa89169e6635cb1198d0ea46c5edbc483dba4f3024
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
25831
grace
none
x-cache
HIT
x-ua-device
mobile
content-length
20268
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4f2c-56706e30d80b6"
x-hw
1617910444.cds098.fr8.hn,1617910444.cds041.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
1
GothamNarrow-Black.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Black.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0bf095b71113f5dce2d2fc47d5d8ae5ead9299bfd4ef43245fcd07b5de85a2a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:04 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
27792
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"6c90-59ce70c6d064f"
x-hw
1617910444.cds098.fr8.hn,1617910444.cds245.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		393 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c73ef449cb85f7a0898f6447443b8caa54652092c26a8b188094537f6cf91180
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
305
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1617910446.cds157.fr8.hn,1617910446.cds101.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__qYFlv-TZh411Wk93sECex2Ssr9g-dQuZ-JCN1-mSGE0__GFcMVwA_8zYqqv3dYigkNwJmJBQm6DAlc8htDu-dGw4__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__qYFlv-TZh411Wk93sECex2Ssr9g-dQuZ-JCN1-mSGE0__GFcMVwA_8zYqqv3dYigkNwJmJBQm6DAlc8htDu-dGw4__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
faa9176f1e72f821d634cdba3537db7b771f7f2613a836532a437c7d967378ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
33590
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1617910446.cds157.fr8.hn,1617910446.cds219.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__L9T9MMhD4LjvhcuxbWhNp7dB0VOAKyD3X9nWHmhjY4Q__E-YCd_HO3bT_lM9iSiqLVO-fzD5c-3rTbipbwfZlqLA__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__L9T9MMhD4LjvhcuxbWhNp7dB0VOAKyD3X9nWHmhjY4Q__E-YCd_HO3bT_lM9iSiqLVO-fzD5c-3rTbipbwfZlqLA__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
daafa49c00ad71ec3477d7da2e14be1b14807f8d3178349239219e612e9dcecf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
21750
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1617910446.cds157.fr8.hn,1617910446.cds160.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__1ZH4HXRBj0RpPIs1EkDvvtiwRPVMfWh68N8L4Ebx7lo__EewC0LZ9o_k1ssvPCiRen8BavbUrtl8ds3SXtav3Nmk__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__1ZH4HXRBj0RpPIs1EkDvvtiwRPVMfWh68N8L4Ebx7lo__EewC0LZ9o_k1ssvPCiRen8BavbUrtl8ds3SXtav3Nmk__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
264802e7eced559d7164c6488bec1ffe244a86b1142f5604ea38125edb8c3218
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
15816
last-modified
Fri, 12 Feb 2021 14:46:47 GMT
etag
"1613141207"
x-hw
1617910446.cds157.fr8.hn,1617910446.cds106.fr8.c
content-type
application/javascript
x-geoip
US
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
js__ovEBOfTvFzex75xXUyTbh-LqlqqowtmULfPthTrQnAI__MRT_a3fddNLgFfSPnYc1w6uAfQf08xoYyotvIy14uMc__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__ovEBOfTvFzex75xXUyTbh-LqlqqowtmULfPthTrQnAI__MRT_a3fddNLgFfSPnYc1w6uAfQf08xoYyotvIy14uMc__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6560e5eef09f08ab7f5a4ce72c6c807dada80df97db47cbef951d886635fdd4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
19666
last-modified
Wed, 07 Apr 2021 22:05:10 GMT
etag
"1617833110"
x-hw
1617910446.cds157.fr8.hn,1617910446.cds018.fr8.c
content-type
application/javascript
x-geoip
CA
cache-control
max-age=31449600, public, no-transform, public, immutable
accept-ranges
bytes
x-cache-hits
0
connatix.playspace.dc.js
cds.connatix.com/p/112385/ Frame 8D8A
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/112385/connatix.playspace.dc.js
1 MB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/112385/connatix.playspace.dc.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dec2f86d6ed9e889ab14d840467bd1c2fff91102aacaf06afccc5d25a40ae001

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:16:59 GMT
age
13496
etag
"7a93778ff489dad073a9412c72433814"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
232670

Redirect headers

location
https://cds.connatix.com/p/112385/connatix.playspace.dc.js
date
Thu, 08 Apr 2021 19:34:06 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
ibtimes.com.307820.js
jsc.mgid.com/i/b/ Frame 065A 		461 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d65740c48ffdc75622a8d1b17001d58a32a1bd8b57fddcd8291eae4311b6eaf

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2070
cf-polished
origSize=636055
last-modified
Thu, 01 Apr 2021 10:21:32 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
37G1MYS3W9804WFT
x-amz-id-2
Uuty6oEyU30I9B7QiRdqXZBS3lGMcy4u0KN9fo9MbY2bPdpYlY+fcwpnIaZ17KRm66vyy+muLdo=
cf-bgj
minify
server
cloudflare
etag
W/"7964fbdd6bc7d1620d7bbca23f99539e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
09549351b90000083f0d8cf000000001
cf-ray
63cdee62bd8d083f-CDG
expires
Thu, 08 Apr 2021 22:34:06 GMT
bid.json
reachms.bfmio.com/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=9950dc87-e457-40ab-84d2-0662b604390c
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.46.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-46-53.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Expose-Headers
location
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		470 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
132285bd44c67b9f4057c575771278f5acff6f44b504d8527084d75d7ac6d36a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
470
expires
0
prebid
ib.adnxs.com/ut/v3/ 		605 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b701f14950999a42992e32f256113ac73b095db72b4ee6fb2bc407073796b6f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 08 Apr 2021 19:34:07 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8abe4058-f4e3-4ae2-9b77-c5605eb3c619
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
u.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=78306fda-469f-40f1-8320-364b240c1542%2C0806cb7a-f39d-4048-ac38-f20cc4080b55%2C01e2b169-557f-4879-bfde-11528b445443%2C6ac1b488-442c-4118-bf41-26a1b3bf8778&nocache=1617910447008&ph=c426afb7-9100-4325-a885-afed645e58b6&aus=728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250&divIds=dfp-ad-top%2Cdfp-ad-right1%2Cdfp-ad-right2%2Cdfp-ad-right3&auid=540734349%2C540734343%2C540734346%2C540734347
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
ed1c997e212608ad0a668eda94470026de40b565c9d80bab4b5213aff02eade0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ibtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
u.openx.net/v/1.0/ 		106 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=231f4e58-00d2-43ef-8af4-4e07d08d5907&nocache=1617910447009&ph=c426afb7-9100-4325-a885-afed645e58b6&auid=540745828&vwd=640&vht=360
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ibtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.25.0&referrer=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&tmax=1000
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.92.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-92-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=IBTimes
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-45-128.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1617910447047&src=pbjs
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ibtimes.com
date
Thu, 08 Apr 2021 19:34:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.43.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-43-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
60a5612e5f4c653140ff1e06163f7da51624734fca884c42faa1bb14fc87e6bc

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		594 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19988&site_id=234676&zone_id=1157176%3B1157168%3B1157170%3B1157172&size_id=2%3B15%3B15%3B15&alt_size_ids=%3B10%3B10%3B&rf=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&tk_flint=pbjs_lite_v4.25.0&x_source.tid=78306fda-469f-40f1-8320-364b240c1542%3B0806cb7a-f39d-4048-ac38-f20cc4080b55%3B01e2b169-557f-4879-bfde-11528b445443%3B6ac1b488-442c-4118-bf41-26a1b3bf8778&p_screen_res=1600x1200&rp_secure=1&slots=4&rand=0.31113718199911555
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
997c342b018b8575186fe24717a87cb9501ded95bbaab0756ea0b2a4ac316018

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
594
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fcb513442959d2489dd56def61370955551741b9c6b2f0ff87207183798a6922

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ibtimes.com
date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=340178&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22455d18aa0a28cb4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A5%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2246b593a99bdfc51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340178%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22473fcefbae8b18a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340179%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248538023b3ba694%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340179%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249ecf159017f6e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340180%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22505e8dc1c3f9c9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340180%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251dde010df39a26%22%2C%22ext%22%3A%7B%22siteID%22%3A%22340181%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
020e42187c4def3b2ae3fff87d07a1cc423189c2ef39424a5584f7ac21e73e00

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[83.97.23.12], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Thu, 08 Apr 2021 19:34:07 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=340178&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22455d18aa0a28cb4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A5%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252ed5c083de43ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22441511%22%2C%22sid%22%3A%22640x360%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A640%2C%22h%22%3A360%2C%22placement%22%3A1%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A%5B1%2C2%2C3%5D%2C%22delivery%22%3A%5B2%5D%2C%22linearity%22%3A1%7D%7D%5D%7D
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
020e42187c4def3b2ae3fff87d07a1cc423189c2ef39424a5584f7ac21e73e00

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[83.97.23.12], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ibtimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Thu, 08 Apr 2021 19:34:07 GMT
c
prebid.a-mo.net/a/ 		741 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6c42e28bdb2ece0c67ac6b77ae7dfd6217849851b9e6abf298d51347377636e6

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Apr 2021 19:34:06 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
64
content-length
306
Cookie set /
ibt-mail.com/site2/ibt_us_2021/ Frame 80DC 		76 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
0f96fb93bc2b3fa5fdc93e7e3818e9dcb44cf94838f2ad250d02baf4b857b24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ibt-mail.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
nginx
Date
Thu, 08 Apr 2021 19:34:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
timeout=logout_43200; expires=Fri, 09-Apr-2021 07:34:07 GMT; Max-Age=43200; path=/; domain=ibt-mail.com webformv2_opened_12=0; expires=Sat, 07-Aug-2021 19:34:07 GMT; Max-Age=10454400; path=/; domain=.ibt-mail.com webformv2_opened_12=0; expires=Sat, 07-Aug-2021 19:34:07 GMT; Max-Age=10454400; path=/; domain=.ibt-mail.com
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Content-Encoding
gzip
gr_wf_v2.css
ibt-mail.com/stylesheets/core/pages/webFormV2/public/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/stylesheets/core/pages/webFormV2/public/gr_wf_v2.css
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/view_webform_v2.js?u=t&webforms_id=12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-1fd8"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 08 Apr 2021 23:34:07 GMT
tm-hits-widget.js
cdn.feeds.ibt.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feeds.ibt.com/tm-hits-widget.js?story_type=analysis%2Carticle%2Ccolumn%2Ceditorial%2Cinterview%2Cop_ed%2Copinion%2Cpulse%2Cslideshow%2Cblog_entry&created=1617651242&syndication=1&numbered=0&numbered2=1&placeholder_id=most_popular_widget&include_categories=0&exclude_cateids=1060003%7C26%7C1630%7C19%7C12%7C34%7C1060006%7C2%7C1059213%7C315%7C38%7C6%7C10%7C35%7C14&include_images=1&include_shares=0&limit=5&sponsor=&include_spons1=&include_spons2=&include_spons3=&site=www.ibtimes.com
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ba00:17:1429:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fb690ddebf5603a3b25ccf9aefd346be7b4781470181ec746e5ef78369581eb3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:07 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-content-type-options
nosniff, nosniff
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA2-C1
etag
"7807b871296f0acae449922444da0dd4"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/javascript; utf-8;charset=UTF-8
cache-control
public, max-age=900
x-drupal-cache
MISS
content-length
4666
x-amz-cf-id
57fIwW7UDisQXCPkWL9WO1uoADRWzYJxoDhixqr-EJ8-v-gB7KXCNw==
expires
Sun, 19 Nov 1978 05:00:00 GMT
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ 		286 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:07 GMT
smart3-b9c58ac9.html
frontend.1worldonline.com/widget/ Frame 2E0F 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6b29abc8436956e066a873ce5c1b926fdcad37a4d0e1ba5fddb6d015d7b4cb42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
frontend.1worldonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=604800
Content-Encoding
gzip
Date
Fri, 02 Apr 2021 12:19:46 GMT
ETag
W/"6066f360-3f02"
Expires
Fri, 09 Apr 2021 12:19:46 GMT
Last-Modified
Fri, 02 Apr 2021 10:35:12 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache
Hit from cloudfront
Via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
-JpZSX3yyLaWztegelMTRqkqndEXRTNX1RujHpIBmkNp4bfqwYh7KA==
Age
544461
start-load
app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/view/ 		24 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/view/start-load?deviceType=desktop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:08 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Cache-Control
no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
24
5154892.js
js.hs-analytics.net/analytics/1617910200000/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1617910200000/5154892.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5154892.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697d1279d73b958fd39429e9d0cbc92b511747ed4cd5cd83927f7934d4dc713b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:08 GMT
content-encoding
br
cf-cache-status
HIT
age
215
x-amz-server-side-encryption
AES256
x-amz-request-id
ZMRBZ03P31PAHMRD
x-amz-id-2
coTTberoAjRh77Rj4hQ6dFBW7IvdUjwPF2PKhqFWk+A4Ldf499Xo5sTWoM7uAVJ+vPNogs0f2YM=
last-modified
Tue, 23 Feb 2021 22:41:22 GMT
server
cloudflare
etag
W/"a40cab4299dcb1b7ec1eb5c7ed2726af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
09549357b000004e558f02c000000001
cf-ray
63cdee6c4b284e55-FRA
expires
Thu, 08 Apr 2021 19:35:32 GMT
5154892.js
js.hs-banner.com/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/5154892.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5154892.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6a2855f33b803d6785165a5a70a17fb3d2b8a9a5c0b0403c87b438182f2182

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:08 GMT
content-encoding
br
cf-cache-status
HIT
age
209
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
9MACYEXSSGBQA3AX
x-amz-id-2
XnbJxs39nGZyBVm68EYlPswNkO40cwofeNU7GdrkKNApacGoTg/Uk5jQPVcJx/1JgK+RmW3dcqU=
timing-allow-origin
*
last-modified
Tue, 09 Mar 2021 21:37:29 GMT
server
cloudflare
etag
W/"2669a9f5a8bac5f845a5f60c81b7b760"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
crbblsWX0h0eYZxLmK.RceB67Fwltvmg
access-control-allow-origin
https://www.ibtimes.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
09549357af00002b4d8793c000000001
cf-ray
63cdee6c4efc2b4d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 08 Apr 2021 19:35:39 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
49350
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Thu, 08 Apr 2021 05:55:00 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
QEWVr--rgsJFUuKpHAvZIdgtvifssUCYTd0BNkg1CqjLQoVXbpEJNg==
implement-r.js
fqtag.com/tag/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=8adasewre3atrefrejuj&p=www.ibtimes.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cf3192fb2333a369d054f9f888f83d5efff40a9e231ebc143e892f38cc4380f3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:08 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2503
x-xss-protection
0
expires
0
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 17:35:15 GMT
server
ESF
date
Thu, 08 Apr 2021 19:34:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 19:34:08 GMT
css
fonts.googleapis.com/ 		2 KB
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 19:12:23 GMT
server
ESF
date
Thu, 08 Apr 2021 19:34:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 19:34:08 GMT
/
c.mgid.com/pv/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=161791044913723172457&ogtitle=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&childs=725222,863739,947807,1086935&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&lu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&pageView=1&site=48526&pvid=178b2fa43f2acaac056&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdee734c7d083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954935c0f0000083f36230000000001
ibtimes.com.js
ghb.adtcontent.com/prebidmg/449419/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghb.adtcontent.com/prebidmg/449419/ibtimes.com.js?cb=449419
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3c582c13afb2e573b58d9802cc8c8099a42502675d9302824f3da4540a266096

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:08 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Length
1570
Content-Type
application/javascript; charset=UTF-8
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3794&u=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&pid=hvB9XXjccHXYE&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22IBT_videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%2C%22cmpTimeout%22%3A200%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:09 GMT
via
1.1 a6e1678aced1951bb094538ec62256f5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
qWJ_8YWJS4LF__-uQoZD2GxPpA741SLWaW1Tay8rP9tFnXk6m25GvQ==
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
13.225.74.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.ibtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 08 Apr 2021 19:34:09 GMT
x-amzn-requestid
13b17bef-a577-4954-a841-320353c5647b
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
desbvHO7DoEFRWg=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront), 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1 FRA2-C2
x-cache
Miss from cloudfront
x-amz-cf-id
45jkeq5wbuQx1O8dOd1lGJTlS0HLlML70jZLevEkHoi6We9mOdSwnA==
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept
application/json
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Apr 2021 00:18:29 GMT
via
1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront), 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
age
69340
x-amzn-requestid
2cfb682b-0b25-490d-a9f3-736e267c0ed2
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-606e4bd5-640780b21b4ab85944631fbd;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
HAM50-C3, FRA2-C2
x-amz-apigw-id
dcDJXE7UDoEF3aw=
content-length
30
x-amz-cf-id
6XtxaFPd4EPQ0Qmq15TNTH-IaK77AvFY-ytxmW3u102CGI5wBBFuWw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
connatix.playspace.css
cds.connatix.com/p/112385/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/112385/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c4ec4036fad42dce40b7218251fa00105aa29be0cf09e95bc7567094b939793

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:10 GMT
content-encoding
br
last-modified
Thu, 08 Apr 2021 13:16:59 GMT
age
13498
etag
"36e441360e0d5e3daad2cac13c225376"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
14301
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: cdn.feeds.ibt.com
URL: https://cdn.feeds.ibt.com/tm-hits-widget.js?story_type=analysis%2Carticle%2Ccolumn%2Ceditorial%2Cinterview%2Cop_ed%2Copinion%2Cpulse%2Cslideshow%2Cblog_entry&created=1617651242&syndication=1&numbered=0&numbered2=1&placeholder_id=most_popular_widget&include_categories=0&exclude_cateids=1060003%7C26%7C1630%7C19%7C12%7C34%7C1060006%7C2%7C1059213%7C315%7C38%7C6%7C10%7C35%7C14&include_images=1&include_shares=0&limit=5&sponsor=&include_spons1=&include_spons2=&include_spons3=&site=www.ibtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:30:06 GMT
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92629
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 19:30:06 GMT
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: fqtag.com
URL: https://fqtag.com/tag/implement-r.js?org=8adasewre3atrefrejuj&p=www.ibtimes.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:43:19 GMT
age
3052
x-guploader-uploadid
ABg5-Uy-2R0ywbelfKG9mKPeg1xHqavt41rZHWPl5_uuaY8NAhUvg2YBFFyJMbG07M5q6xqztyIT_rUr39AibF_ctQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 08 Apr 2021 19:43:19 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:10 GMT
content-encoding
br
cf-cache-status
HIT
age
629
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
09549361470000083fc9a52000000001
cf-ray
63cdee7babf8083f-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:10 GMT
content-encoding
br
cf-cache-status
HIT
age
3254
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
09549361470000083ff38fe000000001
cf-ray
63cdee7babfa083f-CDG
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widget-smart.min-95bff20c.js
frontend.1worldonline.com/widget/js/static/ Frame 2E0F 		315 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
03d283f2f17be4c04ea761850cc390566dd28088987cfde0a82d227208027962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 11:55:21 GMT
Content-Encoding
gzip
Age
286729
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 02 Apr 2021 10:35:12 GMT
Server
nginx
ETag
W/"6066f360-4ea2c"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
-NS4e5Ef_4-N5Hum-fWT7ieyjZmYuVTO2T4AI3kRBUnGAAGwcNqL0Q==
Expires
Mon, 12 Apr 2021 11:55:21 GMT
overall-widget-smart-4f99cf57.css
frontend.1worldonline.com/widget/js/static/css/ Frame 2E0F 		111 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-4f99cf57.css
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-90.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
73248d8a0e6784a368c58169f9e9357a2ea27eff985598f0725f66fed67b59f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 11:55:21 GMT
Content-Encoding
gzip
Age
286729
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 02 Apr 2021 10:35:12 GMT
Server
nginx
ETag
W/"6066f360-1ba51"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
IQuXfAqV1dEQhLCT6WvilH1uFXg4VSTM6ZwA8ZBfNDuP8rMDpLTyfA==
Expires
Mon, 12 Apr 2021 11:55:21 GMT
analytics.js
www.google-analytics.com/ Frame 2E0F 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6552
date
Thu, 08 Apr 2021 17:44:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 08 Apr 2021 19:44:58 GMT
manifest.35779c62dedb17e0486d.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame 80DC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
47f1eb008ae9ca3984834143fa71106a1c727579fe8feeb6de781bc73bd2393c

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-62e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 08 Apr 2021 23:34:10 GMT
show_webform_shared.chunk.b282ba4f5e50b895114e.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame 80DC 		283 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/show_webform_shared.chunk.b282ba4f5e50b895114e.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
f1ae709d1eab82473090c2ef2fbb1e5b60aaeb0cf42727da89a5789fa2af3166

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
W/"1dc09d84-46de1"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Expires
Thu, 08 Apr 2021 23:34:10 GMT
show.chunk.101b68a25478abdd7466.js
ibt-mail.com/javascripts/core/webforms/dist/ Frame 80DC 		807 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibt-mail.com/javascripts/core/webforms/dist/show.chunk.101b68a25478abdd7466.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.77.202 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
Software
nginx /
Resource Hash
9efa9dc62458c1ed04de966934e85eb096326a077f83c49bdd5fe1f3c4d0a1e2

Request headers

Referer
https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:10 GMT
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx
ETag
"1dc09d84-327"
Content-Type
application/javascript
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
Expires
Thu, 08 Apr 2021 23:34:10 GMT
tracking
ghb.adtelligent.com/adunit/ 		43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghb.adtelligent.com/adunit/tracking?site_id=6705&client_id=303941&event=22&type=0&adid=3B733EA804E263F7&vpbv=1.0&pubbid=0.65&subtype=0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ibtimes.com
Date
Thu, 08 Apr 2021 19:34:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ibtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ibtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
totop.png
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/ 		599 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/images/totop.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
240981ff82edee24ab6fec83feeff0b7eed77153d92802cb6cd63cc2cd812ab8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:10 GMT
x-content-type-options
nosniff
age
23886
grace
none
x-cache
HIT
x-ua-device
pc
content-length
599
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"257-5a06f881d00ce"
x-hw
1617910450.cds157.fr8.hn,1617910450.cds131.fr8.c
content-type
image/png
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
1
ads
securepubads.g.doubleclick.net/gampad/ 		155 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2705536253074341&correlator=198090546025651&output=ldjh&impl=fifs&eid=31060550%2C31060703%2C31060704%2C21068031%2C44739387&vrg=2021040101&ptt=17&rdp=1&npa=1&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=43459271%2Cus.ibtimes%2Ctop%2Cright1%2Cright2%2Cright3%2Coop1%2Coop2%2Coop3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=728x90%2C320x50%7C300x250%7C300x600%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%7C160x600%2C1x1%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0&ists=7&prev_scp=pos%3Dtop%7Cpos%3Dright1%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.08%26hb_adid_pubmatic%3D6089954d67b015c%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D6089954d67b015c%26hb_bidder%3Dpubmatic%7Cpos%3Dright2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.08%26hb_adid_pubmatic%3D61b2b4a6e90e4e%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D61b2b4a6e90e4e%26hb_bidder%3Dpubmatic%7Cpos%3Dright3%7Cpos%3Doop1%7Cpos%3Doop2%7Cpos%3Doop3&eri=1&cust_params=article_id%3D3096369%26focus%3DY%26amp%3DN%26refresh%3DN%26content%3DCoronavirus%252CUS%2520News%252CHealth%252CNews%26video%3DY%26topics%3DCoronavirus%26video_type%3DNo%26layout%3Dweb%26paragraphs%3D10%26total_ads%3D4%26page_type%3Darticle%26w1200%3DY%26referrer%3Dexternal%26ts%3Dnonpromoted%26trsource%3DDirect%26keywords%3Dtrending%252Cwho%2520is%2520Dr.%2520Rochelle%2520Walensky%252Cbiden%27s%2520cdc%2520director%2520pick%252Cwho%2520did%2520biden%2520pick%2520for%2520cdc%2520director%252Ccenters%2520for%2520disease%2520control%2520and%2520prevention%2520director%252Cwho%2520is%2520the%2520cdc%2520director%2520now%252Cwho%2520is%2520the%2520new%2520cdc%2520director%252Cwho%2520is%2520dr.%2520walensky%252Cmeet%2520dr%2520walensky%252C%26adunit%3Dus.ibtimes%252Fnational%252Farticles%26abt%3D4%26NoPassFQ%3DY&cookie_enabled=1&bc=31&abxe=1&lmt=1617910442&dt=1617910450852&dlt=1617910443649&idt=6137&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1033%2C1033%2C1033%2C800%2C608%2C800&adys=10%2C470%2C784%2C1713%2C5107%2C1589%2C5108&adks=1064811227%2C707301492%2C2035655821%2C2264556856%2C3118683528%2C3827497269%2C2759785204&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x110%7C353x250%7C353x250%7C353x250%7C1120x1%7C736x2169%7C1120x1&msz=1600x110%7C353x250%7C353x250%7C353x250%7C1120x1%7C736x1%7C1120x1&ga_vid=1779260300.1617910451&ga_sid=1617910451&ga_hid=730939292&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
0ccb3ef69052cc24ba622cbd07050ee6ed12ec3f18db8da76f254d8496609e93
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2L1Y2y7-8CFWUX0wodu4UCEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13064758606153383936/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuL1Y2y7-8CFWUX0wodu4UCEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2L1Y2y7-8CFWUX0wodu4UCEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13064758606153383936/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuL1Y2y7-8CFWUX0wodu4UCEA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
google-creative-id
-2,-1,138285577872,-1,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30435
x-xss-protection
0
google-lineitem-id
-2,-1,5158660976,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Thu, 08 Apr 2021 19:34:11 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1
servicer.mgid.com/307820/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/307820/1?pv=5&cbuster=1617910450993448860382&ogtitle=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&childs=725222,863739,947807,1086935&niet=4g&nisd=false&w=736&h=1487&p2_w=235&p2_h=184&maxw_2=235&maxh_2=184&cols=3&consentData=&gdprApplies=false&uspString=&ref=&cxurl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&lu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&pageView=1&pvid=178b2fa4b3193031c70&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbe4d47cb7ba8ac6cbb1cd9ddbe68067cf9cbdf6903c7c302bb97ae3b203d18

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdee7edcc4083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
095493634a0000083fd08ca000000001
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ 		110 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-101.dus51.r.cloudfront.net
Software
/
Resource Hash
ed0c17e3e2146ed5c42a42556b1cbb2a6af3142c5edd1e22a0045aaa95388960

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-requestid
f45f9717-95d0-431b-a253-bc069df3e255
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-606f5ab4-1be7708f18c3556c295128a2
x-amz-apigw-id
descLEsaIAMF9SA=
content-length
110
x-amz-cf-id
AMj5J1c6VnYYWIIR80M-tUypdpg7hS1ezTSc0HFxxe3q9fT06B9lnQ==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d389befa875a881d33ed655e148856e40715ccaa3ad553f39568d406d71139e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hNfvI++co+0CcLfxozwm6g==
cross-origin-resource-policy
cross-origin
expires
Thu, 08 Apr 2021 19:38:31 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
x-fb-rlafr
0
x-fb-debug
IoZkCFQWt4Liwpe1oiLSHE6fEYThIfKdBIQMJTm3HNe4OC2H79w8cm3NMtmjA2pD3i8Ft1ynioY+iVQzx3ve5g==
x-fb-trip-id
664085054
x-fb-content-md5
59356046cbe429e9ce134e1a4a81113c
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 08 Apr 2021 19:34:11 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1f328c64cb27b8be490ad583101d2a68"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F22G6
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__RgpPVro9wK40GN-tQHmx9y4C2ci20sAMPuS9ueFsEv8__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7a70eb588ac7af234071187f8adc8c33b28e71a97fe218e8fb21325382b1642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43310
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Apr 2021 19:34:11 GMT
widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html
platform.twitter.com/widgets/ Frame 3AEA 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.ibtimes.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B83) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
50329
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Apr 2021 19:34:11 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Mon, 05 Apr 2021 23:22:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B83)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
playfairdisplay-regular-webfont.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/playfairdisplay-regular-webfont.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0b5735b14f45d2be0b5aa6c83855e88d323751ee3855d87aea82c81c501c0731
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:11 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
31820
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"7c4c-5a06f881d00ce"
x-hw
1617910451.cds098.fr8.hn,1617910451.cds260.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
GothamNarrow-Book.woff2
s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/themes/us_ibtimes/fonts/GothamNarrow-Book.woff2
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d297ed5bc864561563c23526a7e616c5aa859c02eb00845dfae4439f83f09354
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:11 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
20328
last-modified
Mon, 09 Mar 2020 17:42:48 GMT
etag
"4f68-5a06f881cc24d"
x-hw
1617910451.cds098.fr8.hn,1617910451.cds277.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
track.gif
feeds.ibt.com/ 		35 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feeds.ibt.com/track.gif?type=tm_hits&id=3096369&site=www.ibtimes.com&title=Biden+Names+Dr.+Rochelle+Walensky+As+CDC+Director&category=National&category_id=1059213&category_url=https%3A%2F%2Fwww.ibtimes.com%2Fnational&story_type=article&syndication=1&created=1607348289&uid=1311719&image=https%3A%2F%2Fs1.ibtimes.com%2Fsites%2Fwww.ibtimes.com%2Ffiles%2Fstyles%2Fthumbnail%2Fpublic%2F2020%2F11%2F20%2Fpresident-elect-joe-bidens-team-is-plowing-ahead.jpg&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&t=1617910451276&st=1617910443
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.187.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jan 2019 20:06:08 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"23-57ef7e047b920"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
35
expires
0
story
capi.connatix.com/core/ Frame 8D8A 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
617ed1372202ef2e46b7eace062da683f3d0799c80903e48d178963aeccff097

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1922
truncated
/ Frame 2E0F 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Bztdkt
ad.doubleclick.net/ddm/adj/Baral/ 		11 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Baral/Bztdkt
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2E0F 		2 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&amp;subset=cyrillic
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-4f99cf57.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d3b19b5e8f21c96321e4fb9f6eae461d1a37a7e0ff32246456c9e9ad7100e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 17:59:39 GMT
server
ESF
date
Thu, 08 Apr 2021 19:34:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 19:34:11 GMT
css2
fonts.googleapis.com/ Frame 2E0F 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/css/overall-widget-smart-4f99cf57.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 19:17:56 GMT
server
ESF
date
Thu, 08 Apr 2021 19:34:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 19:34:11 GMT
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Protocol
H2
Server
13.226.159.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-101.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.ibtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 08 Apr 2021 19:34:11 GMT
x-amzn-requestid
de025973-4e03-4b17-baf1-7f4d1a499333
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
descHEgRoAMFVxw=
access-control-allow-methods
GET,OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
HzQnlFUbHbmQMPGg_BbgJUkGpMLLJ13060EPaVpcUY9fs-KVStOQ2A==
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 4288 		3 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Wed, 07 Apr 2021 18:25:51 GMT
expires
Thu, 07 Apr 2022 18:25:51 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
90500
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5eff8cfa4b5f601334e201d0
api.pushnami.com/scripts/v1/pushnami-adv/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5eff8cfa4b5f601334e201d0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-120.ham50.r.cloudfront.net
Software
/
Resource Hash
10236c9dc90b3bef0ded671457b4ce84702787b7a179d1f94d89d0a243a442f8

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:24:58 GMT
via
1.1 afb36b97df2ff6c76fed5bd6ee23619b.cloudfront.net (CloudFront)
age
554
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
HAM50-C1
content-encoding
gzip
x-amz-cf-id
sj_j_jlSQywa6L-a6lbG_iRLgKXn5NbHkYK2lyQBNfkHAkk0mx9f6A==
envelope
api.rlcdn.com/api/identity/ 		44 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=56
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
check.html
biddr.brealtime.com/ Frame FF54 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Date
Thu, 08 Apr 2021 19:34:14 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
F3Cx2Ql2kh1/kNe0XXuHQPi5qmtD2acOwqIVnKgs19LLCao1mhzjOw9CJRCcUeEsLREotcLCpGY=
x-amz-request-id
C4756C602B5CAED9
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4334
Expires
Thu, 08 Apr 2021 19:35:14 GMT
Cache-Control
public, max-age=60
cf-request-id
09549371d30000edd72e88f000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
63cdee961fc4edd7-CDG
Content-Encoding
gzip
Cookie set sync_iframe
sync.bfmio.com/ Frame 5344 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=9950dc87-e457-40ab-84d2-0662b604390c&gdpr=0&gc=&gce=1&us_privacy=
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.136.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Thu, 08 Apr 2021 19:34:13 GMT
Set-Cookie
__io_cid=59892394d503c1ad6b479fd0d4349660e5925fe2; Domain=.bfmio.com; Max-Age=31536000; Expires=Fri, 08-Apr-2022 15:34:14 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame EF15 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Apr 2021 19:34:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6FD3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 08 Apr 2021 19:34:14 GMT
Content-Length
1151
Connection
keep-alive
sync
eb2.3lift.com/ Frame ECEB
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
705e550f64fba3e0bcbb75e01203a90f7c6e66db64971a5bad3649bcf757194e

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11277686311142193948
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

date
Thu, 08 Apr 2021 19:34:16 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQwL7pl4svCgoIkQIQwL7pl4svCgoI4gEQwL7pl4svCgoIkgIQwL7pl4svCgoI5gEQwL7pl4svCgoIhwIQwL7pl4svCgkIOhDAvumXiy8KCQgLEMC-6ZeLLwoJCF8QwL7pl4svCgkIHxDAvumXiy8=; Max-Age=7776000; Expires=Wed, 07 Jul 2021 19:34:16 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11277686311142193948; Max-Age=7776000; Expires=Wed, 07 Jul 2021 19:34:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Thu, 08 Apr 2021 19:34:14 GMT
content-length
0
set-cookie
tluid=11277686311142193948; Max-Age=7776000; Expires=Wed, 07 Jul 2021 19:34:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 394A
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
43908b5888a6e00ec02b5fc6dfcec351dbbe67b5740c67a399f1e7bdc561f69b

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6ffc5e29-5b71-48b7-895c-7ebee6794b61|1617910452
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6ffc5e29-5b71-48b7-895c-7ebee6794b61|1617910452; Version=1; Expires=Fri, 08-Apr-2022 19:34:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617910452|gekin0vNiygu; Version=1; Expires=Fri, 23-Apr-2021 19:34:12 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 08 Apr 2021 19:34:12 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=6ffc5e29-5b71-48b7-895c-7ebee6794b61|1617910452; Version=1; Expires=Fri, 08-Apr-2022 19:34:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1
date
Thu, 08 Apr 2021 19:34:12 GMT
content-length
0
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 342A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=155199
Expires
Sat, 10 Apr 2021 14:40:53 GMT
Date
Thu, 08 Apr 2021 19:34:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C969 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 09 Apr 2021 19:34:16 GMT
Date
Thu, 08 Apr 2021 19:34:14 GMT
Connection
keep-alive
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=index_rtb&uid=YG9atlvalBcYMKJDxxUKDwAA%261126
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=index_rtb&uid=YG9atlvalBcYMKJDxxUKDwAA%261126
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=index_rtb&uid=YG9atlvalBcYMKJDxxUKDwAA%261126
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Thu, 08 Apr 2021 19:34:15 GMT
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:20 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Thu, 08 Apr 2021 19:34:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:20 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Thu, 08 Apr 2021 19:34:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YG9atgAAAI8zZBcV&_origin=0&gdpr=0&gdpr_consent=&_test=YG9atgAAAI8zZBcV&apid=UP66d629fa-98a1-11eb-9534-0263496c090c&verify=true
Connection
keep-alive
Content-Length
0
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=sovrn&uid=1834493104d4c56287123a7c
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=sovrn&uid=1834493104d4c56287123a7c
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Date
Thu, 08 Apr 2021 19:34:15 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=sovrn&uid=1834493104d4c56287123a7c
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0c1e1e5e-687c-470f-b014-0b2ce0a47152%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D0c1e1e5e-687c-470f-b014-0b2ce0a47152%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=appnexus&uid=6432360340197260526
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=appnexus&uid=6432360340197260526
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:13 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.153:80
AN-X-Request-Uuid
7fdbe584-3fec-4d55-92dd-9d19c2273280
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=0c1e1e5e-687c-470f-b014-0b2ce0a47152&D=&bidder=appnexus&uid=6432360340197260526
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=582462df-6a5e-4e51-baf7-2156e043ee52&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=582462df-6a5e-4e51-baf7-2156e043ee52&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:18 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=582462df-6a5e-4e51-baf7-2156e043ee52&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
nr-1208.min.js
js-agent.newrelic.com/ Frame 80DC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: ibt-mail.com
URL: https://ibt-mail.com/site2/ibt_us_2021/?u=B&webforms_id=12&v=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
DQBP5F9F5JS7YNEW
x-cache
HIT
content-length
11777
x-amz-id-2
FVXg+AVnRXpg5FQr+SF/pThU/leQLF+WNEpdaO1CL+iLua/z4ohS/dyyLXoMlsVR4BDZQ3cHQSY=
x-served-by
cache-fra19130-FRA
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1617910452.254786,VS0,VE0
date
Thu, 08 Apr 2021 19:34:12 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21163
container.html
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D481 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Apr 2021 19:34:11 GMT
expires
Fri, 08 Apr 2022 19:34:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 69DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy69R5FC4aiCiQ18OZK48iqoe33kM8wK-6OpG6Xz97rCn3_-rILnVCXDv7cuxmkKRe6ms4ypEZ8ToAbkNjz7cyvogAH3nSp0whAi9aPE3O5oWpTZ3wvyHecCHmwL76_X1HIb94nfxfLsQndkO5faAhHNAxuohCKnVRIy9QfyeVPI9E5nIp3dx23_mq9N_7lwJYnLaubNTsCrwqqQ_ZbX8tcFIvHTb7SMAntwKJ0RqhUo035WrY8qmsG3b54BEAxRPYxOL7rITtLmDPoz7-AKOrHXT2IROdWiEonhI-nHvRNio17gbvJ8M&sai=AMfl-YTPZauDUGhstHyN1LMNnoKRo9X9HrX1qRrGE4NGlWOmB5WXwYV_WfU3_FP5zuM4H1iviIqb2Qmi6UlnY0H8uODpEcCgaJ2RZdnD8MaOLIsdMbOWW7n6wAyCp1oddDQ&sig=Cg0ArKJSzDuCdpaCBpIREAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Apr 2021 19:34:12 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 69DB 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
40484
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8623
etag
W/"6568-1ngjDPyuAAmZwhNLatux85Ckam0"
x-served-by
cache-fra19142-FRA
date
Thu, 08 Apr 2021 19:34:12 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69DB 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:12 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 69DB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4784975722&ord=2593673425&litm=5158660976&scrt=138285577872&splc=/43459271/us.ibtimes/right2&adu=21842032368&unit=300x250&btreg=5158660976138285577872&btadsrv=5158660976138285577872&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 17:07:15 GMT
Server
Microsoft-IIS/10.0
ETag
"80e34b4c5026d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3005
implement-r.js
fqtag.com/tag/ Frame 69DB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?rt=display&fmt=banner&org=8adasewre3atrefrejuj&fq=1&sl=1&p=web_4784975722&a=2593673425&cmp=5158660976&rd=https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c1=N&c2=21842032368&c3=138285577872&c4=f_Y&c5=article&c6=right2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a35512fef250ca64bd15dbd398e9d01a0ea87def3309ba14a6be92855aa6d992
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:12 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2681
x-xss-protection
0
expires
0
container.html
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 08 Apr 2021 19:34:11 GMT
expires
Fri, 08 Apr 2022 19:34:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:12 GMT
us-president-joe-biden-backs-a-return-to.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/04/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/04/02/us-president-joe-biden-backs-a-return-to.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
e249a830e366c8b896fbce760368a50c1e753c09c854fc14d6392556cf563e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
2916
last-modified
Sat, 03 Apr 2021 00:24:42 GMT
etag
"b64-5bf067daf104e"
x-hw
1617910452.cds157.fr8.hn,1617910452.cds212.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
us-president-donald-trump-during-a-february-16.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/25/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/25/us-president-donald-trump-during-a-february-16.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c472f60143a65c1db28b06f8eb8f7938cbd01d52eedb846d3dc237a751a8f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
mobile
content-length
3865
last-modified
Fri, 26 Mar 2021 00:27:19 GMT
etag
"f19-5be6598468859"
x-hw
1617910452.cds157.fr8.hn,1617910452.cds276.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
mickey-mouse.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2017/07/20/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2017/07/20/mickey-mouse.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
3ae3d3eb1219288546fde8f0528e0301e9638dd52049d4d99c5a2a439d2e2211
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
4506
last-modified
Sun, 23 Sep 2018 18:14:57 GMT
etag
"119a-5768dd9aad9cd"
x-hw
1617910452.cds157.fr8.hn,1617910452.cds127.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
US
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
the-shed-is-so-far-one-of-the.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/04/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/04/03/the-shed-is-so-far-one-of-the.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
18c83a8262d369cf9fbbb50c4dfb646bda041a21519adc1f378d9048d83283bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
pc
content-length
3612
last-modified
Sat, 03 Apr 2021 06:25:15 GMT
etag
"e1c-5bf0b870f29e5"
x-hw
1617910452.cds157.fr8.hn,1617910452.cds281.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
PH
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
the-federal-reserve-is-expected-to-maintain-its.jpg
s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/16/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/thumbnail/public/2021/03/16/the-federal-reserve-is-expected-to-maintain-its.jpg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
779d95f5d44d04cf408cb5e8186b65fc910b5a01f1aecef0c04cd768303caae5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:12 GMT
x-content-type-options
nosniff
age
0
grace
none
x-cache
MISS
x-ua-device
bot
content-length
4278
last-modified
Tue, 16 Mar 2021 17:51:26 GMT
etag
"10b6-5bdab03ef4230"
x-hw
1617910452.cds157.fr8.hn,1617910452.cds120.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
x-geoip
OTHER
cache-control
max-age=1209600, public
accept-ranges
bytes
x-cache-hits
0
8ad38099-acf3-4953-9aa9-dd5c847fe401
app.1worldonline.com/widget/ Frame 2E0F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
39428176597747b6e30c4f9e649d468c5e64c1bbcbed422fc9e78055066ee032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:13 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Cache-Control
max-age=600, public
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
sr
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
7aa454a248dd562f15cc9ef4ca5ead5f1243ab499856d5eff79c94e425c5c4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"837 / 738 of 1000 / last-modified: 1617880546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20379
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:13 GMT
fallbackstory
capi.connatix.com/core/ Frame 8D8A 		44 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/fallbackstory
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5728076234018dbf1689084e616e63f2e3c6d21734d132ef66018dc08583d52c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
1305bc2b-de55-49f5-b463-842e1a13a5bd.bin
vid.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ Frame 8D8A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/1305bc2b-de55-49f5-b463-842e1a13a5bd.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b2f04c2b0aa806909c251172702b0a37aa8aab7cc979689e7789728f7140a69

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:16 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 03:20:20 GMT
age
58351
etag
"04e8fdb682ef1cc3b26c682df88cf79a"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
950
1.png
img.connatix.com/31e6619b-4bfe-49be-9083-d8ec2c6b8340/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/31e6619b-4bfe-49be-9083-d8ec2c6b8340/1.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
675c6f677b3cb70247991150c36e460ccbaf94546161828f759d11a0709c2d2a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
age
667094
etag
"6YGbQefqA1BXk+1uT8hMf76vaxxnFV3rHv5HJMDDGWw"
access-control-max-age
86400
fastly-io-info
ifsz=41633 idim=838x589 ifmt=png ofsz=22314 odim=838x589 ofmt=png
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
22314
mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:48:53 GMT
server
sffe
age
552636
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19684
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
i.js
cm.mgid.com/ 		1 KB
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1617910453448535698732
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c559f1b98e4a42455af1f164441d2f8a775415212cdd301522fc267e218b6c

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
13ee69b0-7934-4c2b-a9cd-b690c2442c29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdee8e29ae083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954936cdd0000083f3e86e000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 9865 		19 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1617910453460441839178
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
d5dd27e9-b8d1-41e9-a136-a1f80da6aa77
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdee8e39f7083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954936ce80000083ff0039000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Fri, 09 Apr 2021 19:34:16 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1617910451-6DCSKY3eC-aTCmW2KmRO_TU5Tpc2rLdrElwPB7zc2kA
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
6747c35f-08e7-4b7b-b8bf-78ef28a914d2
age
5130692
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17234
cf-request-id
0954936d4a0000083ff0048000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8edb93083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2VhYWM3OGU0MjFiMTFiOTI1NjU1YmJkMDU0YWE3YmE1LnBuZw.webp
s-img.mgid.com/g/8164927/492x277/0x41x1152x768/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164927/492x277/0x41x1152x768/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2VhYWM3OGU0MjFiMTFiOTI1NjU1YmJkMDU0YWE3YmE1LnBuZw.webp?v=1617910451-nxS1Yg0_LaSjlvsu1Ynl4MENhBl6cdRu21WwmsPNb2c
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe500530f7952787f7e1e3fc7483621a4c2371a0770db64264c646c61986343

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
3c3526d5-317d-47f3-a7bb-eb6cb9b4af73
age
5130272
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8802
cf-request-id
0954936d4a0000083f2c0f7000000001
last-modified
Mon, 08 Feb 2021 10:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8edb95083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/492x277/0x131x607x404/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164849/492x277/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1617910451-YjrJREXFCTyyFIvzg39zDcipKh9cae-n1am8_WvE3wY
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc65cb8e6058c454287b57dae5a51978cdc67cabb8ba4c20f7048e0804b7314

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
385b364b-0805-4b0f-8a6e-00529df8c978
age
5130267
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13460
cf-request-id
0954936d7c0000083f2da5a000000001
last-modified
Mon, 08 Feb 2021 10:20:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8f2c73083f-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvYS1kZW1vbnN0cmF0b3ItaG9sZHMtYS1zaWduLXdpdGgtYS1waWN0dXJlLmpwZw.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvYS1kZW1vbnN0cmF0b3ItaG9sZHMtYS1zaWduLXdpdGgtYS1waWN0dXJlLmpwZw.webp?v=1617910451-XXd_M6roraT_VdCNwaFg9N0oG4L-mh8pBeByqP-8pNo
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6761f8a2462086539971205c01c3c7a8b8344eee474e1b3e4c3b22f19e8e66

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2463e258-7fbb-4598-a52f-5744b6435ab0
age
37
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12696
cf-request-id
0954936d7c0000083fc5a02000000001
last-modified
Thu, 08 Apr 2021 19:25:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8f2c76083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x277/0x0x1083x722/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164845/492x277/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1617910451-iJo2btyhsfWnxNPkGW784Os3H66FjWfiYurdX1zSsN8
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3acd4266fa174e614bf689b6a75d459d14ef572a8e997f76feae53ebf2bad3

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
ecc9555f-8086-49e3-a826-0063cf0883ba
age
5130687
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19822
cf-request-id
0954936da90000083f17086000000001
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8f7d3d083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1617910451-SumXK0uaIwZeNyWiLnF8NyIET90VH0Nnn1gIB4e4PD4
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
c021fbc8-ad0f-47f6-bca7-4dafde137f45
age
5130763
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6240
cf-request-id
0954936dae0000083ffc971000000001
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8f7d3f083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.mgid.com/g/8164894/492x277/72x0x1009x672/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164894/492x277/72x0x1009x672/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1617910451-vzA6O9mzxVPCq-PEAF1ggkomljds2qdKSz9B55bINWs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6741c1af7a6d2b28fabcb8af36b65da11f1ab49021cb619a13700e2e9685996a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
72620448-8780-439f-99e9-7aa56c52617e
age
5130713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12158
cf-request-id
0954936dd10000083f3603e000000001
last-modified
Mon, 08 Feb 2021 10:20:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8fbdfe083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1617910451-ZoTMZWBx3FwLjDR0tCDqR0I5a_N34YlXT9cvBis_YVQ
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
eaf15120-bd53-4115-abd7-2d1c1ff713ce
age
4968631
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13282
cf-request-id
0954936dd50000083fff388000000001
last-modified
Wed, 10 Feb 2021 07:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8fbe27083f-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvaGlnaC1zY2hvb2wtbXVzaWNhbC1tdXNpY2FsLXNlcmllcy5qcGVn.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvaGlnaC1zY2hvb2wtbXVzaWNhbC1tdXNpY2FsLXNlcmllcy5qcGVn.webp?v=1617910451-0BuRz8yNXuDFnllhE46dVKMgqR1MJsCmVXbkGt74dvs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57af3dea3ba0fd1dc43dcb995eb3f260eeb518966d9591a47c524a43bbdad824

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2e44fac3-4162-4fac-bcfa-5591fbf4619d
age
2104
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19184
cf-request-id
0954936df70000083ff005c000000001
last-modified
Thu, 08 Apr 2021 18:56:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8ffec9083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1617910451-WKag_hlBAKQDV_nGd-0Otmme3ihusykH7QmI1lagYAs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840562b26a634bce064f4daf252502998ccee199d44a4063d85ec1153871eaa5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
fdd9ba1b-b539-4585-ba79-b2ec6e9e8f3a
age
4968680
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37064
cf-request-id
0954936df80000083fe6a24000000001
last-modified
Wed, 10 Feb 2021 07:15:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee8ffece083f-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1617910451-cg70IEacXMr3u4rx56uohd7Hh9jqjrn8Ih3VmCUeRDs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
b7fff1af-e1fe-43fa-8483-598a08463658
age
5130637
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20250
cf-request-id
0954936e190000083fdbad6000000001
last-modified
Mon, 08 Feb 2021 10:20:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee902f4c083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp
s-img.mgid.com/g/8164885/492x277/0x0x1100x733/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164885/492x277/0x0x1100x733/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1617910451-W3b80rlRe5tBYnGg9qrrEM7mcxuVW_prlRtz5wlHnwk
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ee5f6ac93e81bc1475113846a49fe87e86a2b1c9c6ccae82e675e4a278b3e0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
05e4629f-db5b-4c01-8902-0402c45cc6cd
age
5130464
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21080
cf-request-id
0954936e380000083f3f9dd000000001
last-modified
Mon, 08 Feb 2021 10:20:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee905fdf083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp
s-img.mgid.com/g/8164869/492x277/0x0x960x640/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164869/492x277/0x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp?v=1617910451-oeEM7AKh3Z_lqClrjcP_w7zZ3dc_uKIJ7eP_ZGFEbck
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebf887aa4642f5a7fbe1fda709819c682a97ee4c21efd54f5774aa35b025cd1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
5e085a7a-bb0b-4813-84cf-b1e1a1b0e6ff
age
5130530
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11316
cf-request-id
0954936e440000083fe306e000000001
last-modified
Mon, 08 Feb 2021 10:20:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee90680c083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.mgid.com/g/8164863/492x277/0x0x561x374/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164863/492x277/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1617910451-MV-2kJGtzZbsQM3aacgxEERwi5PfzZK_uaA8VCNkJi4
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9716b127a75c050c3255fa967732faf807d14bcbb1d2d15c1fa0ac97feb8107

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
cc97bbd4-1175-4c78-97a2-8a5e00e718c5
age
4974294
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19004
cf-request-id
0954936e620000083fc9bdc000000001
last-modified
Mon, 08 Feb 2021 10:20:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee90988b083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1617910451-kstqI3H7fNmm7KELOhXfm-pcN5ls1SVk3lklaEOzUNg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
4ec28f1b-43f8-4183-88c3-856682ead5a7
age
5130702
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8002
cf-request-id
0954936e670000083f20243000000001
last-modified
Mon, 08 Feb 2021 10:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee90a8a1083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ Frame 065A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1617910451-6DCSKY3eC-aTCmW2KmRO_TU5Tpc2rLdrElwPB7zc2kA
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
6747c35f-08e7-4b7b-b8bf-78ef28a914d2
age
5130692
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17234
cf-request-id
0954936e810000083fe12f7000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee90c91e083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2VhYWM3OGU0MjFiMTFiOTI1NjU1YmJkMDU0YWE3YmE1LnBuZw.webp
s-img.mgid.com/g/8164927/492x277/0x41x1152x768/ Frame 065A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164927/492x277/0x41x1152x768/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2VhYWM3OGU0MjFiMTFiOTI1NjU1YmJkMDU0YWE3YmE1LnBuZw.webp?v=1617910451-nxS1Yg0_LaSjlvsu1Ynl4MENhBl6cdRu21WwmsPNb2c
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe500530f7952787f7e1e3fc7483621a4c2371a0770db64264c646c61986343

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
3c3526d5-317d-47f3-a7bb-eb6cb9b4af73
age
5130272
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8802
cf-request-id
0954936e860000083f082cc000000001
last-modified
Mon, 08 Feb 2021 10:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee90d932083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/492x277/0x131x607x404/ Frame 065A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164849/492x277/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1617910451-YjrJREXFCTyyFIvzg39zDcipKh9cae-n1am8_WvE3wY
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc65cb8e6058c454287b57dae5a51978cdc67cabb8ba4c20f7048e0804b7314

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
385b364b-0805-4b0f-8a6e-00529df8c978
age
5130267
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13460
cf-request-id
0954936ea20000083fe1909000000001
last-modified
Mon, 08 Feb 2021 10:20:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee9109bc083f-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvYS1kZW1vbnN0cmF0b3ItaG9sZHMtYS1zaWduLXdpdGgtYS1waWN0dXJlLmpwZw.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ Frame 065A 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvYS1kZW1vbnN0cmF0b3ItaG9sZHMtYS1zaWduLXdpdGgtYS1waWN0dXJlLmpwZw.webp?v=1617910451-XXd_M6roraT_VdCNwaFg9N0oG4L-mh8pBeByqP-8pNo
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6761f8a2462086539971205c01c3c7a8b8344eee474e1b3e4c3b22f19e8e66

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
2463e258-7fbb-4598-a52f-5744b6435ab0
age
37
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12696
cf-request-id
0954936ea60000083f2f96a000000001
last-modified
Thu, 08 Apr 2021 19:25:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee9109cf083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x277/0x0x1083x722/ Frame 065A 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164845/492x277/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1617910451-iJo2btyhsfWnxNPkGW784Os3H66FjWfiYurdX1zSsN8
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3acd4266fa174e614bf689b6a75d459d14ef572a8e997f76feae53ebf2bad3

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
ecc9555f-8086-49e3-a826-0063cf0883ba
age
5130687
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19822
cf-request-id
0954936ec30000083ffdae3000000001
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee913a5c083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x277/0x89x1080x720/ Frame 065A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164857/492x277/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1617910451-SumXK0uaIwZeNyWiLnF8NyIET90VH0Nnn1gIB4e4PD4
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
c021fbc8-ad0f-47f6-bca7-4dafde137f45
age
5130763
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6240
cf-request-id
0954936ec20000083f2f96e000000001
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee913a6c083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.mgid.com/g/8164894/492x277/72x0x1009x672/ Frame 065A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164894/492x277/72x0x1009x672/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1617910451-vzA6O9mzxVPCq-PEAF1ggkomljds2qdKSz9B55bINWs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6741c1af7a6d2b28fabcb8af36b65da11f1ab49021cb619a13700e2e9685996a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
72620448-8780-439f-99e9-7aa56c52617e
age
5130713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12158
cf-request-id
0954936ee00000083f1d95b000000001
last-modified
Mon, 08 Feb 2021 10:20:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee916afe083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x277/0x311x684x456/ Frame 065A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1617910451-ZoTMZWBx3FwLjDR0tCDqR0I5a_N34YlXT9cvBis_YVQ
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
eaf15120-bd53-4115-abd7-2d1c1ff713ce
age
4968631
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13282
cf-request-id
0954936ee70000083f0a0ab000000001
last-modified
Wed, 10 Feb 2021 07:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee916b1a083f-CDG
aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvaGlnaC1zY2hvb2wtbXVzaWNhbC1tdXNpY2FsLXNlcmllcy5qcGVn.webp
s-img.mgid.com/g/0/492x277/0x0x0x0/ Frame 065A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x277/0x0x0x0/aHR0cHM6Ly9zMS5pYnRpbWVzLmNvbS9zaXRlcy93d3cuaWJ0aW1lcy5jb20vZmlsZXMvc3R5bGVzL2Z1bGwvcHVibGljLzIwMjEvMDQvMDgvaGlnaC1zY2hvb2wtbXVzaWNhbC1tdXNpY2FsLXNlcmllcy5qcGVn.webp?v=1617910451-0BuRz8yNXuDFnllhE46dVKMgqR1MJsCmVXbkGt74dvs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57af3dea3ba0fd1dc43dcb995eb3f260eeb518966d9591a47c524a43bbdad824

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
2e44fac3-4162-4fac-bcfa-5591fbf4619d
age
2105
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19184
cf-request-id
0954936eff0000083f3c05d000000001
last-modified
Thu, 08 Apr 2021 18:56:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee919b95083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ Frame 065A 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1617910451-WKag_hlBAKQDV_nGd-0Otmme3ihusykH7QmI1lagYAs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840562b26a634bce064f4daf252502998ccee199d44a4063d85ec1153871eaa5

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
fdd9ba1b-b539-4585-ba79-b2ec6e9e8f3a
age
4968681
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37064
cf-request-id
0954936f0a0000083f24b54000000001
last-modified
Wed, 10 Feb 2021 07:15:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee91abb6083f-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/492x277/-/ Frame 065A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1617910451-cg70IEacXMr3u4rx56uohd7Hh9jqjrn8Ih3VmCUeRDs
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
b7fff1af-e1fe-43fa-8483-598a08463658
age
5130638
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20250
cf-request-id
0954936f270000083fce90a000000001
last-modified
Mon, 08 Feb 2021 10:20:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee91dcbd083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp
s-img.mgid.com/g/8164885/492x277/0x0x1100x733/ Frame 065A 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164885/492x277/0x0x1100x733/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1617910451-W3b80rlRe5tBYnGg9qrrEM7mcxuVW_prlRtz5wlHnwk
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ee5f6ac93e81bc1475113846a49fe87e86a2b1c9c6ccae82e675e4a278b3e0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
05e4629f-db5b-4c01-8902-0402c45cc6cd
age
5130465
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21080
cf-request-id
0954936f350000083fef9ba000000001
last-modified
Mon, 08 Feb 2021 10:20:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee91ed13083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp
s-img.mgid.com/g/8164869/492x277/0x0x960x640/ Frame 065A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164869/492x277/0x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp?v=1617910451-oeEM7AKh3Z_lqClrjcP_w7zZ3dc_uKIJ7eP_ZGFEbck
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebf887aa4642f5a7fbe1fda709819c682a97ee4c21efd54f5774aa35b025cd1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
5e085a7a-bb0b-4813-84cf-b1e1a1b0e6ff
age
5130531
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11316
cf-request-id
0954936f710000083fef9c4000000001
last-modified
Mon, 08 Feb 2021 10:20:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee924e41083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.mgid.com/g/8164863/492x277/0x0x561x374/ Frame 065A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164863/492x277/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1617910451-MV-2kJGtzZbsQM3aacgxEERwi5PfzZK_uaA8VCNkJi4
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9716b127a75c050c3255fa967732faf807d14bcbb1d2d15c1fa0ac97feb8107

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
cc97bbd4-1175-4c78-97a2-8a5e00e718c5
age
4974295
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19004
cf-request-id
0954936f720000083f082e8000000001
last-modified
Mon, 08 Feb 2021 10:20:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee924e45083f-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ Frame 065A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1617910451-kstqI3H7fNmm7KELOhXfm-pcN5ls1SVk3lklaEOzUNg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
cf-cache-status
HIT
x-mg-request-uuid
4ec28f1b-43f8-4183-88c3-856682ead5a7
age
5130703
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8002
cf-request-id
0954936f9b0000083f2c147000000001
last-modified
Mon, 08 Feb 2021 10:20:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
63cdee929ee0083f-CDG
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
age
3227
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
AGTEZwBxGbSWoaniCgxSch6mKkvdXP64eVSHfRIUTfWOYpOMeRmk0rEpV385mnCS06k3FCX5380=
content-type
image/svg+xml
cf-ray
63cdee920d9c083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F1D81C6AA14B284C
cf-request-id
0954936f4a0000083fef9bf000000001
sdk.js
connect.facebook.net/en_US/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=19cd3b00a3363c394200adb53cec3cf1&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a1550ff58a5feee216a1ecdd4600d93f10d3341fd159785f6749cba7401f84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ibtimes.com
Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YrbaxdSGaX7NXGPPMKt5/g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61302
x-fb-rlafr
0
x-fb-debug
ukeDDBKyLAq+KL9kxDLQU9TP85WEOxMTxwQB/BYVky3eYFdrE9fyPbJrOPRAyJqgztAGt4ycml8sHeSPNE0IjQ==
x-fb-trip-id
2050670934
x-fb-content-md5
b37cb97a2d0bc2f2466a83e47d26d608
x-frame-options
DENY
date
Thu, 08 Apr 2021 19:34:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1c813a8d3f97eb9a34f0f62f6f81175e"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Apr 2022 19:03:31 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F22G6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6557
date
Thu, 08 Apr 2021 17:44:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 08 Apr 2021 19:44:58 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ib...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.i...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:16 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1617910455653&ns_c=UTF-8&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:16 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
d
aux.fqtag.com/aux/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/d
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:17 GMT
via
1.1 google
alt-svc
clear
collect
www.google-analytics.com/j/ Frame 2E0F 		4 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=298844806&t=pageview&_s=1&dl=https%3A%2F%2Ffrontend.1worldonline.com%2Fwidget%2Fsmart3-b9c58ac9.html&dr=https%3A%2F%2Fwww.ibtimes.com%2F&dp=%2Fwidget&ul=en-us&de=UTF-8&dt=1World%20Online%20-%20Social%20Research%20Engine&sd=24-bit&sr=1600x1200&vp=737x250&je=0&_u=aEBAAEABAAAAAC~&jid=808330277&gjid=154241557&cid=1631863792.1617910455&tid=UA-31689716-1&_gid=843579511.1617910455&_r=1&_slc=1&cd1=8ad38099-acf3-4953-9aa9-dd5c847fe401&cd3=3e991b72-2810-4ace-9250-ce3556f172e9&cd4=smart-desktop&cd5=desktop&z=1123233872
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frontend.1worldonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
en
app.1worldonline.com/poll/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/ Frame 2E0F 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/poll/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/en?pageSize=10&location=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c01de32b7b329b84aa4110b78e0137970e26f417544278f61a8c8c89e7b0f032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:15 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
account
app.1worldonline.com/ Frame 2E0F 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/account
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cd047496f3b2feef020541fe6d3b33b7459cb4953fe716942ea621feddbc2d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/yf7IpAhJvMLarWrd8FKFGjzCAR2SD69Hf39rj7fu_FeqGOSD8YQSKzAVGoUWqWMx7QPUTE_NXYZcYXvGrV6znUY_N1g8migrdR0egtmKYvcNCXHazwaRMyNNiDJCa3YWXM3-IGW7ZzUKV2xVQaCCUg9-yo_7qIJxF... Frame 69DB 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/yf7IpAhJvMLarWrd8FKFGjzCAR2SD69Hf39rj7fu_FeqGOSD8YQSKzAVGoUWqWMx7QPUTE_NXYZcYXvGrV6znUY_N1g8migrdR0egtmKYvcNCXHazwaRMyNNiDJCa3YWXM3-IGW7ZzUKV2xVQaCCUg9-yo_7qIJxFpro4g3U7ThK6VGC_XsMTScM4f06rZog8Wdds0PtT7usg5YagaqfOIg43inysMWZi7ABbgL-BFNF-T6vzGSrReh2YUm64TyWYqezKl5ZEB4cxmRLt1sBOvZInwFt-Bcva80YUniLwRZrscTeW1ANkon66G7Usaqxi2bZnYDpSB3WMGxl8mtaSsS5FovnzRrin5lrp3IHwnggec_7bW9grtbyDnSv9SQjWcK_rsGMZ1ef36YuZUuRABT6F6vL9sMd7JeYANyDQWPLXEswKzM0tFmDvVVb2jwbQbkCgfvfyXNCLRBf3xkr20Mr2L5m2DObo-3DG1Nio_Hj6pjQvJpBH-vjCQl_AeUAWX7Q5NAcCD89OHVTBuevcaioCBbw4lU_ymPd1DPJ6-1iI59GkZiGRrPyc9zQ09yeynIpNbxY5QOyXPMfpQ44Ei67ZOzd95iYFThv1cIJ8qOvscX8Ys2zyGsZ6tQvmsCktq9enPmoABcxFt3t1BCeF3u5ChULIVem24ez7JzCx3thBEnAEIkhz4bhgS8rqWaYuZWLXoKMoMV1lj5fhuJD8wj6L9Hf8W61xvl7lzQRUMXwNGFN6EhFMAF7mdoUnQ_lorwi5dWSVl3rfeW12_GPNYKGeoqPYou6ERKzKYVGscKLkmDiTEW9pWYmps5V43k-L4GuPhsRLrTp6AVP-cG_gkLE4sWFwC_DDm6j6s2fLwNaCm4Hq4T0e_L3NeIEa3kEo8ue0mqQFesiT_e5Q43DLo_dJY9cR2NoAA8u3-516evRgZ7WBJkcLdW4VHneJBwRC7R60hIglfCwSZ_QlAjUXYp5ACT3mCrW3Mc9uDIKsJTIv8ctVY3Y2Wza9t06_r8G3xkwgb3B4uxQO1Wxlvmh51ottWTQjBN2WfGyo7ryDxpJTTlnCCXXHWcq730nBk5WCBY-v--hEiiczugkOW3dw913U_vCRBg70U5VxNT1FLW3c68J5-Xw5H7sYwKLFfo7tW3p8E5-4l6FM1phFeFZQb-Ixa85_StXru4d_ST2BtXPk8GNnhxBit6Wwf8OYakYnB9M29_lQLWOVI6kLSmoKgI9Ulapc9WWDLqH5JN9KJmfipNMrYpS1SWVioY3uZ_z5bIzqI1IY4Spm-zhhihJsRg1ck7QNVrJ-V9vHTIbkr4AZfAFYB3iRBkWMdyZXxAzHNlIdAaiJNCuekfNWiQqZlaGM3Fq7tcw_fr5SDLOW0c6fd3rUpf6hIKIr4nKpGHsXpr6M9tqMP5ETUEoQDgjfd01bh9F0nmt-lStjUHxgTiSGcewb9d29izRruEfE9EOu1iTdTb7MPn1OuxinzMt666LTLYuK9hDITenYxBgbf0/wp/0.078414/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1ODAwMyZzaXRlSWQ9NTc2Mzg2JmFkSWQ9MjExNzk2MyZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjMwMjYmY3JlYXRpdmVJZD0wJnVjcmlkPTI5OTYxODg1NDk3MTk1MTEwNDYmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9N0FBRjk2NkMtMTZGRi00RTY3LUI5NjAtMjk2NDM2QTUzOEEzJnBhc3NiYWNrPTA=_url=
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
8e3ebba45a261dc12e0748ecd46ae53aa361689056a79843615eaf3ffb52805f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:18 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
3186
x-content-type-options
nosniff
aa.js
q.adrta.com/s/pbm/ Frame 69DB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/pbm/aa.js?cb=592022649_1617910447_157297
Requested by
Host: s1.ibtimes.com
URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-97-1.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6ad72c113d75bbfaae90516977a77e8d1c9b098b9d6d3e0a253d17e62ee267b1

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:19 GMT
content-encoding
gzip
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ee0b9c04dc
bam-cell.nr-data.net/1/ Frame 80DC 		57 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/ee0b9c04dc?a=363164778&v=1208.49599aa&to=NQQGNhBXV0BZVkJdDgxOJxcRQlZeF3hZUDYHAyINEFtvAQIPZVwOFTYBACRZS14YGAgUEgsVAVA%3D&rst=8589&ck=1&ref=https://ibt-mail.com/site2/ibt_us_2021/&ap=109&be=3278&fe=4910&dc=4909&perf=%7B%22timing%22:%7B%22of%22:1617910447327,%22n%22:0,%22f%22:6,%22dn%22:6,%22dne%22:6,%22c%22:6,%22ce%22:6,%22rq%22:334,%22rp%22:656,%22rpe%22:715,%22dl%22:1890,%22di%22:4909,%22ds%22:4909,%22de%22:4910,%22dc%22:4910,%22l%22:4910,%22le%22:4912%7D,%22navigation%22:%7B%7D%7D&at=GUMRQFhNG0BdRkVdDgw%2BFwsYUxsJCBkURwQREg0NDGlQVxoPFBZNQBEFDAdaZkdBRVMWW0AOCAZAGhtQSkxGQA5AW0YLAEIbThQXVxZbGRwZ&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
63cdee9dfbaecdb7-CDG
cf-request-id
09549376c00000cdb78d181000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A163
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1617910453448535698732
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Apr 2021 19:34:20 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Thu, 08 Apr 2021 19:34:19 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=lD7RBFudZEleBIJiZiQW&pi=mgid&tc=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=lD7RBFudZEleBIJiZiQW&pi=mgid&tc=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a206ba51-65da-4e62-b889-36d99ed2e16d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdeebabee1083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09549388b20000083fc5947000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=lD7RBFudZEleBIJiZiQW&pi=mgid&tc=1
pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT, Thu, 08 Apr 2021 19:34:20 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=743a81c6-aa2d-4d84-9ae9-16286d9b9ae6&ttl=1620502457
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=743a81c6-aa2d-4d84-9ae9-16286d9b9ae6&ttl=1620502457
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:17 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
14a3712e-75bc-4fc7-9dd1-bd98a7eda8f1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdeea70c43083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954937c660000083fdeb9d000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=743a81c6-aa2d-4d84-9ae9-16286d9b9ae6&ttl=1620502457
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Hs7WK7SdsFZyV4uRSlZaWm92&ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=Hs7WK7SdsFZyV4uRSlZaWm92&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=&gdpr_consent=&us_privacy=
43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:22 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
65517216-bc35-449b-908e-13ec3913917a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdeec38f04083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954938e370000083f24ad1000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 08 Apr 2021 19:34:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.lentainform.com/setmuidn/ 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l389Jyuq35yc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
63cdeeb559e968dc-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954938558000068dc73a58000000001
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=82ca9412-0e1c-4ec6-a9a4-6e93a4148ede
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=82ca9412-0e1c-4ec6-a9a4-6e93a4148ede
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:22 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
aa706001-0c9d-4d47-bb7d-0b692104487e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdeec38f08083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954938e370000083fef96f000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=82ca9412-0e1c-4ec6-a9a4-6e93a4148ede
date
Thu, 08 Apr 2021 19:34:20 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
/
cm.idealmedia.io/setmuidn/ 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l389Jyuq35yc
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
63cdeeb09c32b7e7-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
09549382630000b7e78f2ce000000001
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l389Jyuq35yc
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1d724839-3ce1-41ad-8526-afa5377e85c9&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1d724839-3ce1-41ad-8526-afa5377e85c9&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.199.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:17 GMT
content-length
68
content-type
image/png

Redirect headers

location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1d724839-3ce1-41ad-8526-afa5377e85c9&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date
Thu, 08 Apr 2021 19:34:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDM4OUp5dXEzNXlj&muidn=l389Jyuq35yc
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDM4OUp5dXEzNXlj&muidn=l389Jyuq35yc&google_tc=
  • https://cm.mgid.com/google?muidn=l389Jyuq35yc&google_ula={guid},5&google_gid=CAESEEDS0ZcgJhxKCCM897RXq8k&google_cver=1
0
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l389Jyuq35yc&google_ula={guid},5&google_gid=CAESEEDS0ZcgJhxKCCM897RXq8k&google_cver=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
63cdeeab38f9083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0954937f080000083fefbca000000001

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l389Jyuq35yc&google_ula={guid},5&google_gid=CAESEEDS0ZcgJhxKCCM897RXq8k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
253108
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:48 GMT
ao
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame 8D8A 		232 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0772fc050ede9a8a99f1c3c166e1f7d73e335dec65aab626c2e96c06053b08cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
ps
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
08181a33-0316-4022-bb34-2a06280da4c9.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/08181a33-0316-4022-bb34-2a06280da4c9.jpg?crop=580:398,smart&width=580&height=398&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3c1255609c06c5fb1636d8281c021de42e8660a5e1470fc487680d78acf3b73

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:17 GMT
age
58136
etag
"+GNw3UW7onFhb3sdg9x6nuLzFDqPSx6cvfsgZarK0MQ"
access-control-max-age
86400
fastly-io-info
ifsz=236678 idim=1200x647 ifmt=jpeg ofsz=48650 odim=580x398 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
48650
ad
ssp.lkqd.net/ Frame 8D8A 		168 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=580&height=326&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=null&ip=83.97.23.12&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=7c7763a11617910456898
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ibtimes.com
date
Thu, 08 Apr 2021 19:34:21 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8D8A 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:19 GMT
0408.bin
vid.connatix.com/00000000-0000-0000-0000-000000000002/ Frame 8D8A 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/00000000-0000-0000-0000-000000000002/0408.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e79258719b86bf13fc33ff7b08a940a278034a9c67cc7f2cceff517728836cca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:17 GMT
content-encoding
gzip
last-modified
Tue, 03 Mar 2020 09:18:27 GMT
age
70456
etag
"0eb40eb091ab4593085c3fd3a94a7970"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1302
08181a33-0316-4022-bb34-2a06280da4c9.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/08181a33-0316-4022-bb34-2a06280da4c9.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
696866c30b777b15f77f82e6fbb21c7cf17fd9c147c5ad882434ee7ced7dc80c

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:18 GMT
age
58136
etag
"IFmPDsOwhWAvQLXPnEMpwsvUb2QV6SZkilrwbPwR6Z4"
access-control-max-age
86400
fastly-io-info
ifsz=236678 idim=1200x647 ifmt=jpeg ofsz=39945 odim=580x326 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
39945
14bf3d91-8b15-41cc-b946-6963a76a79c1.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/14bf3d91-8b15-41cc-b946-6963a76a79c1.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5edebe7fe34786494bceeb61373d10c7062aa925f4dafee67a2cc3dfc8fbfa8a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:18 GMT
age
58136
etag
"bcvNEcfU/ztsdMiNpNFMj2M/YPGebFevQAlBXk9mQjg"
access-control-max-age
86400
fastly-io-info
ifsz=106826 idim=1024x682 ifmt=jpeg ofsz=31897 odim=580x326 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31897
2750e7fd-c4ae-4b9f-89f4-ea4f9b843afb.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/2750e7fd-c4ae-4b9f-89f4-ea4f9b843afb.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfc27b52bc9dd857e506403614fdf39468d09eefebc7bd09df7395017590661c

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:18 GMT
age
58136
etag
"G1Ng2z+XyGMy3N73iseg1JVOT5oHSKv/+wGHrStfGvs"
access-control-max-age
86400
fastly-io-info
ifsz=26846 idim=1024x681 ifmt=jpeg ofsz=10844 odim=580x326 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
10844
b071f704-ca91-420a-8951-d4c9c09db0c9.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/b071f704-ca91-420a-8951-d4c9c09db0c9.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7152556f6e2f75d84c2ed3cd7a0cbff0d9a9bcb7b3dd7b99d2b4d97b4571e4ed

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:18 GMT
age
58136
etag
"hGN2GtVqTrIlHt3EgJUC4qqPxaxgPnCydlSyT7yLztk"
access-control-max-age
86400
fastly-io-info
ifsz=54031 idim=1024x664 ifmt=jpeg ofsz=16878 odim=580x326 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
16878
c72896c7-4103-4e64-ba6b-f66caac39dc4.jpg
img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/dac1bb9b-6089-44e8-af28-ecbe13fbb532/c72896c7-4103-4e64-ba6b-f66caac39dc4.jpg?crop=580:326,smart&width=580&height=326&format=jpeg&quality=60&fit=crop
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7229807aa5c1ebea34a0a7f188106ea1c4092977bbc1249d023bc17af5d86f1d

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:18 GMT
age
58136
etag
"QbR4Q+/tjke42H/jbSthmZbP131jT8bNsf3pXcgAmhA"
access-control-max-age
86400
fastly-io-info
ifsz=115958 idim=1024x682 ifmt=jpeg ofsz=30350 odim=580x326 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
30350
settings
syndication.twitter.com/ Frame 3AEA 		183 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=985313fadf3cdc083cf2a59cff6479286998f17a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.ibtimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
121
date
Thu, 08 Apr 2021 19:34:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 19:34:17 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
62057e35c4eb037f5f9654f955400259
strict-transport-security
max-age=631138519
content-length
152
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=http...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:20 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1617910457434&ns_c=UTF-8&cv=3.5&c8=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&c7=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 2E0F 		1 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-31689716-1&cid=1631863792.1617910455&jid=808330277&gjid=154241557&_gid=843579511.1617910455&_u=aEBAAEAAAAAAAC~&z=2079143045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 08 Apr 2021 19:34:17 GMT
content-type
text/plain
access-control-allow-origin
https://frontend.1worldonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2E0F 		252 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d36f71a98a5d73163c3aa0294b646abe665218ab260c1cf38d764907b5576c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f9850085a3507e901365d8b841808d71cf4c31d1a8df9ea332ddec2971be72

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92ad5b045b4bf2f1a4235164a9ad2a3ba3a360ea6eeed76a717143333acea0b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03a24c1310b8410132d9ae5050ec0382090ee6897a7502b176b511073f826926

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ Frame 2E0F 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&amp;subset=cyrillic
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://frontend.1worldonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
age
63075
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
truncated
/ Frame 2E0F 		241 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f4399b4bcb57c4a56592d088bdf643dd39de6110c484510cf136fa691a6fcf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		497 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcf99dd22e9e501cb0cbf359b98c05554c98c69b76b50f3a279c92137f9087d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		375 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e4e6d7711f0bda0c536407684f91e403f7f4df81daa9576ab010fc82ee5a0bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E0F 		340 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50bdaa8b5540c2c86d0f9c281d25ab06d9bc47b277eabfc9a7c7ac88958cac58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
poll_icond9b8fe67-566e-4fb1-9c1b-631edc470b9d-0-900x300
d2fw4nb4g546bx.cloudfront.net/ Frame 2E0F 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2fw4nb4g546bx.cloudfront.net/poll_icond9b8fe67-566e-4fb1-9c1b-631edc470b9d-0-900x300
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/smart3-b9c58ac9.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53fd89fea0ae7c1ed2d979d0a2a01f047dd8cd100054d8ab40a903971a5da273

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 14:03:18 GMT
Via
1.1 fac12edd3ea2d7d16f6e74eebe042dcc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 08 Apr 2021 13:50:10 GMT
Server
AmazonS3
Age
19862
ETag
"099007c5491eeb7e2313a82036459969"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
public,max-age=172800
X-Amz-Cf-Pop
HAM50-C2
Accept-Ranges
bytes
Content-Length
71467
X-Amz-Cf-Id
xLVgWlbYqsUfLnaJWk8YmvBk-IuzFGldqrG3GdP4288VpqJ290qKJw==
score
app.1worldonline.com//account/ Frame 2E0F 		147 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com//account/score
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d76bfd9f85e3234a9b76dd49cd69b6027195ce88730edabe677a5f65d0855e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:33 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
location
app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/ Frame 2E0F 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.1worldonline.com/widget/8ad38099-acf3-4953-9aa9-dd5c847fe401/location?location=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&deviceType=desktop
Requested by
Host: frontend.1worldonline.com
URL: https://frontend.1worldonline.com/widget/js/static/widget-smart.min-95bff20c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.172.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:33 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://frontend.1worldonline.com
Access-Control-Expose-Headers
Content-Disposition, Cache-Control
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
partner_logod2865420-db84-4769-b24a-d8cd9d159ebc-0
d2fw4nb4g546bx.cloudfront.net/ Frame 2E0F 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2fw4nb4g546bx.cloudfront.net/partner_logod2865420-db84-4769-b24a-d8cd9d159ebc-0
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.190.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18957da19be7c8e169e12ecdc59cb682438d17ae338ffa77effdcd550fbb3303

Request headers

Referer
https://frontend.1worldonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 01:08:07 GMT
Via
1.1 ffa7b1f7305a9eb50b3ebbb59c46c01e.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 11 Nov 2019 17:02:45 GMT
Server
AmazonS3
Age
105776
ETag
"33a82aa538cef392057465de9fbb9018"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public,max-age=172800
X-Amz-Cf-Pop
HAM50-C2
Accept-Ranges
bytes
Content-Length
1490
X-Amz-Cf-Id
CjYsZ0bbJlCKgzf2YeiA2_Hef-4DC9F09bWRFu7KtJF39xzxmEcGrg==
sd
eu-u.openx.net/w/1.0/ Frame 394A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6007606f-5abb-4a00-a7ea-2ca956e52448
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
server
OXGW/16.205.50
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 394A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=KYhUNSrZADIyiFdlJo5PMXzdV2syjVtmfYxFqMoY
date
Thu, 08 Apr 2021 19:34:18 GMT
via
1.1 google
server
OXGW/16.205.50
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
eu-u.openx.net/w/1.0/ Frame 394A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1168018526156980233
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1168018526156980233
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1168018526156980233
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 394A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=bc506170-f2f6-7740-d38a-b656825e789c&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 394A 		170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTAzZmIyYmEtM2I4MS0yOWU0LWM2NmEtZWNlZjQ4YmNiNmZj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 394A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENnLyEYdvW4gZ8LMDKOKyAs&google_cver=1
date
Thu, 08 Apr 2021 19:34:18 GMT
via
1.1 google
server
OXGW/16.205.50
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
a
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/a
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:18 GMT
via
1.1 google
alt-svc
clear
usync.js
eus.rubiconproject.com/ Frame EF15 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c92b73f46d6bf6c01fc66fcc132568f355aee54542e3c19ac5ca48272955ac9a

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19983
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Fri, 09 Apr 2021 01:07:21 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 2A90
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad4a6a667ac761bfc9a5bdaa0aca9d9a62efde0606637583944ca38645f9d6ce

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YG9au.Vuy19ZAvS6VNF1lwAA; CMPS=3246
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|13|57|156|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1785
Expires
Thu, 08 Apr 2021 19:34:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YG9au.Vuy19ZAvS6VNF1lwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Apr 2022 19:34:20 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 07 Jul 2021 19:34:20 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 07 Jul 2021 19:34:20 GMT CMRUM3=2d606f5abc05a0&27606f5abc0b40&0d606f5abc05a0&39606f5abc05a0&e6606f5abc27600&9c606f5abc05a00&f1606f5abc05a0&dd606f5abc27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Apr 2022 19:34:20 GMT CMST=YG9avGBvWrwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Apr 2021 19:34:20 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 08 Apr 2021 19:34:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YG9au.Vuy19ZAvS6VNF1lwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Apr 2022 19:34:19 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 07 Jul 2021 19:34:19 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 342A 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=65254455&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b550953dfd1973c89197f133aedcbbcb93e45dc0f336bb064076aecf60c996e8

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:19 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bounce
ib.adnxs.com/ Frame C969
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:20 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.204:80
AN-X-Request-Uuid
9d9e4cc6-c762-4e2d-a188-deeb15d278e1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:19 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
d75dccad-db9e-465f-95f0-9f050517112e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
300x600_Crypto3_CYSEC.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/ Frame DB9E 		427 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ba37ed5fbff004aecba880184b518da8c5c95374130b15257115f74cead9acf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 08 Apr 2021 06:24:18 GMT
expires
Fri, 08 Apr 2022 06:24:18 GMT
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
66627
age
47403
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame D481 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf9l-slpvYIvqOuWuzAa7i4qAAa_Yg_Vhm82R4cANhd2jp9kCEAEguoj7JWCV-vCBjAegAercgNECyAEJqQIVFBAt-qapPuACAKgDAcgDCKoEkQNP0NzRZUc9sw8XA9s5i8F8JxuiVmPCQFRtR3TctdOQQWYcHsVFQjJ4hC1QDGwTB1P3q91dR9kLr1bSnbD-EfoK6xA2V5Eu8ZyzV0XNZTw69Hh66cNTCLumgjnwE8JZGHQW92EvrImBtsNkRU9VJKNP77dNokrODZ37PLr_GbAchsu-NJySi2MtRGUjHiGQkJU2w-irRZSSFpqFFaCNhV7OrcvYN9zdzDJCozWHXaxCyzrsOezp31nUIi3Czr-t_ASfgT4hbXGPozyECb4W_b9mQ7f2APU5XSKvW_z9TeZFcvGQ8Xne7vC12p0xZorkqtqpUlTioBi9lifFHNCalBgX13mFO67pxs2uahPRQArRKDDV-4jR_UZzUOrIP0yV0pgqfpJTkBg1bTN31SXOl7ktjtt12O1oWhG17MNvFCEQVbOS6h9UhP8M5lv-ekTtgCYAxZVg3u_PnjCcfiSnC5ZHgHyEIjyypzKw_fyv8gRI3bdWXlvCQJ4J3G4H7xQr3hjhauVBwgCR56B_pjSL7PajNcAE2I3EnrQD4AQBkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPnrBtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tMzU1NTUzMTEwNDcyODc4M4AKA8gLAdgTDbIXGgoYCAASFHB1Yi02MDQyMzczOTUxMjM3NTAy&sigh=XbIfLvK_MsY&template_id=419&tpd=AGWhJmvpGDF62JnABn_gqUd9npZGBaZkHin6nKb75i8lygovrg
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame D481 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 19:34:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame D481 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 19:32:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D481 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame D481 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 19:33:50 GMT
l
www.google.com/ads/measurement/ Frame D481 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdvA1kis_OXyn2YfYPlS_N2vWM-K5Fzl5r22uDqNLYFCfUg1FQa70a0Xo5YvJPkn0T4yZq
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		102 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1699160349f58f6de31833ab95b03ce6f1f5f9330ae1a869f913c9a62655db01
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/13064758606153383936/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 08 Apr 2021 17:04:55 GMT
expires
Fri, 08 Apr 2022 17:04:55 GMT
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
22822
age
8966
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTjYeslpvYI3qOuWuzAa7i4qAAf6C7cFhpvThgbsNgue0tfkBEAEguoj7JWCV-vCBjAegAbmK34sCyAEJqQI2ZcC-A_azPuACAKgDAcgDAqoElwNP0NNf92Z0nDTddmuXTV5cmNrA6UgAewesKMfYOifJM-fccC0Sz-9ki4_hsfb6EP5eRIweXP_7J4qctt8tPVCNtZIx8ORvJR3qWQ0KM9NJ1WD5JfQXoHJEb5JNGo_aUQEiLD93oUdvTPAO4JAo8FLlo-m4j10I6Dzy2H_SJg6-66R4q7pCa3y6ZTf5fNqZsPNY7BplSWKvHu_ou-yK7VhbuUmrgFaOLMSjNeh0wAGAy2TmSaswmoom71VM4aHsRkStQQ2acPxBG4xIUM394qfhmfb9cNdA8WeisMsYLDC6Q7N8px2Jk1pNrKA4ekv4SKt5pgwixYhsmSJJQ9L2vXGt-clvBTqVN8S9UZdFovtWXk-9kZw9rsKtCDCWh4_2YFWqC2vgaxispes5d_gdA24v1vuah1UOhQORgkihnYBZU1Zp_zsOhQIsv4Rc5pwXh-1p-bHq6msNnidcP88GPbwe1ufKzp2yd7OdFjWH-1rNdp7n651jo4D3fhGS6CFDWb-0qbMZB1rzXEivsQxMqv-3_jY5t_d7rcAE6cT176MD4AQBkgUECAQYAZIFBAgFGASgBl2AB6_1oPQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEL3ECdIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tMzU1NTUzMTEwNDcyODc4M4AKA8gLAdgTDbIXGgoYCAASFHB1Yi02MDQyMzczOTUxMjM3NTAy&sigh=FCySG6hXXlM&tpd=AGWhJmtML3vcBJxS6WMtSbRv-Sw-ouIBClfFQPWA3_87ZTflyw
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame ED0C 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlTFBy18_gq4MKRiIG8d6oE3O6PDGYkSqImoppFZfbTv0h8n6EcKRPG7UMCt0w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Apr 2021 18:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3175
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 3C53 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 19:32:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C53 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 3C53 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 19:33:50 GMT
st
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
inside.js
s.yimg.com/rq/iv/ Frame 69DB 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/iv/inside.js
Requested by
Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/yf7IpAhJvMLarWrd8FKFGjzCAR2SD69Hf39rj7fu_FeqGOSD8YQSKzAVGoUWqWMx7QPUTE_NXYZcYXvGrV6znUY_N1g8migrdR0egtmKYvcNCXHazwaRMyNNiDJCa3YWXM3-IGW7ZzUKV2xVQaCCUg9-yo_7qIJxFpro4g3U7ThK6VGC_XsMTScM4f06rZog8Wdds0PtT7usg5YagaqfOIg43inysMWZi7ABbgL-BFNF-T6vzGSrReh2YUm64TyWYqezKl5ZEB4cxmRLt1sBOvZInwFt-Bcva80YUniLwRZrscTeW1ANkon66G7Usaqxi2bZnYDpSB3WMGxl8mtaSsS5FovnzRrin5lrp3IHwnggec_7bW9grtbyDnSv9SQjWcK_rsGMZ1ef36YuZUuRABT6F6vL9sMd7JeYANyDQWPLXEswKzM0tFmDvVVb2jwbQbkCgfvfyXNCLRBf3xkr20Mr2L5m2DObo-3DG1Nio_Hj6pjQvJpBH-vjCQl_AeUAWX7Q5NAcCD89OHVTBuevcaioCBbw4lU_ymPd1DPJ6-1iI59GkZiGRrPyc9zQ09yeynIpNbxY5QOyXPMfpQ44Ei67ZOzd95iYFThv1cIJ8qOvscX8Ys2zyGsZ6tQvmsCktq9enPmoABcxFt3t1BCeF3u5ChULIVem24ez7JzCx3thBEnAEIkhz4bhgS8rqWaYuZWLXoKMoMV1lj5fhuJD8wj6L9Hf8W61xvl7lzQRUMXwNGFN6EhFMAF7mdoUnQ_lorwi5dWSVl3rfeW12_GPNYKGeoqPYou6ERKzKYVGscKLkmDiTEW9pWYmps5V43k-L4GuPhsRLrTp6AVP-cG_gkLE4sWFwC_DDm6j6s2fLwNaCm4Hq4T0e_L3NeIEa3kEo8ue0mqQFesiT_e5Q43DLo_dJY9cR2NoAA8u3-516evRgZ7WBJkcLdW4VHneJBwRC7R60hIglfCwSZ_QlAjUXYp5ACT3mCrW3Mc9uDIKsJTIv8ctVY3Y2Wza9t06_r8G3xkwgb3B4uxQO1Wxlvmh51ottWTQjBN2WfGyo7ryDxpJTTlnCCXXHWcq730nBk5WCBY-v--hEiiczugkOW3dw913U_vCRBg70U5VxNT1FLW3c68J5-Xw5H7sYwKLFfo7tW3p8E5-4l6FM1phFeFZQb-Ixa85_StXru4d_ST2BtXPk8GNnhxBit6Wwf8OYakYnB9M29_lQLWOVI6kLSmoKgI9Ulapc9WWDLqH5JN9KJmfipNMrYpS1SWVioY3uZ_z5bIzqI1IY4Spm-zhhihJsRg1ck7QNVrJ-V9vHTIbkr4AZfAFYB3iRBkWMdyZXxAzHNlIdAaiJNCuekfNWiQqZlaGM3Fq7tcw_fr5SDLOW0c6fd3rUpf6hIKIr4nKpGHsXpr6M9tqMP5ETUEoQDgjfd01bh9F0nmt-lStjUHxgTiSGcewb9d29izRruEfE9EOu1iTdTb7MPn1OuxinzMt666LTLYuK9hDITenYxBgbf0/wp/0.078414/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1ODAwMyZzaXRlSWQ9NTc2Mzg2JmFkSWQ9MjExNzk2MyZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjMwMjYmY3JlYXRpdmVJZD0wJnVjcmlkPTI5OTYxODg1NDk3MTk1MTEwNDYmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9N0FBRjk2NkMtMTZGRi00RTY3LUI5NjAtMjk2NDM2QTUzOEEzJnBhc3NiYWNrPTA=_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 08 Apr 2021 18:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4970
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14524
x-amz-id-2
C+XCBUKzk5vH1SUyw56RTkBsz66bvmZgpUgWP0ovtPxiuDCWryroufo5Gt0+b4eP+fwtnxk6xxs=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Mar 2021 20:30:45 GMT
server
ATS
etag
"88b82e15c9ac0270fa9e031df01dd8dc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
2GD7TVV4EHZYHYGD
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
8a4a7112-2015-481f-aacf-d3191295187a.jpeg
s.yimg.com/ch/ Frame 69DB 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/8a4a7112-2015-481f-aacf-d3191295187a.jpeg
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0636b6a6221b92068103af929e10c7c14f1111e6df80da380a44c770d70dd4f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 07 Apr 2021 12:11:58 GMT
x-content-type-options
nosniff
age
112943
x-amz-server-side-encryption
AES256
vary
Origin
content-length
58665
x-amz-id-2
RLTEcNlUNMTX0jMtw9JPJ7HbM+QizmKdebvxScy3aM41ZrgQtLdHOGgq6H83wVhosTRNE96Nfz8=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Apr 2021 10:47:37 GMT
server
ATS
etag
"15f70f09ec54b020f4dc3482c5122c30"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
7ADCARNDJAQD8ADP
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 69DB 		565 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 25 Mar 2021 18:20:56 GMT
x-content-type-options
nosniff
age
1214005
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
lXUvlixDZGZWjqdeS0azKYPH9SrDP/6u5ej1Bp168I9whmyE8pEjE8NHS2EeQPXTow0hq/uFALY=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
BE0PR5J1R3ERFCQE
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
d
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/d
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:20 GMT
via
1.1 google
alt-svc
clear
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9BAC
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1139417081313456709
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1139417081313456709
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=65254455&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=A578B290-E397-4B7A-A692-26E716316FCF; chkChromeAb67Sec=1; DPSync3=1619049600%3A201_227_226_221; SyncRTB3=1618704000%3A63%7C1619136000%3A35%7C1619049600%3A21_7_3_220_13_54_161_56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 08 Apr 2021 19:34:21 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-1139417081313456709; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-May-2021 19:34:21 GMT; path=/ PugT=1617910461; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-May-2021 19:34:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Jul-2021 19:34:21 GMT; path=/
X-lat
lhrpug009:0:457
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1139417081313456709
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 5B2B 		43 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=65254455&p=158003&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 08 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
815
x-powered-by
ASP.NET
date
Thu, 08 Apr 2021 19:34:21 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 342A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pXiykOOXS3qmkibnFjFvzw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=74137
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 09 Apr 2021 16:10:07 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 342A 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A578B290-E397-4B7A-A692-26E716316FCF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63cdeebfb9214e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0954938bd500004e0e37370000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 342A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:19 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:19 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A578B290-E397-4B7A-A692-26E716316FCF&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A578B290-E397-4B7A-A692-26E716316FCF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A578B290-E397-4B7A-A692-26E716316FCF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A578B290-E397-4B7A-A692-26E716316FCF&addseg=19,36,42
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A578B290-E397-4B7A-A692-26E716316FCF&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:30 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 08 Apr 2021 19:34:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A578B290-E397-4B7A-A692-26E716316FCF&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTU3OEIyOTAtRTM5Ny00QjdBLUE2OTItMjZFNzE2MzE2RkNG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:21 GMT
X-lat
lhrpug010:0:404
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHzcfavWgpd2jU4Yq404vRE&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHzcfavWgpd2jU4Yq404vRE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:21 GMT
X-lat
lhrpug013:0:392
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHzcfavWgpd2jU4Yq404vRE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 342A 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 07 Apr 2021 19:34:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:23 GMT
X-lat
amspug006:0:376
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1168018526156980233
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1168018526156980233
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:22 GMT
X-lat
amspug014:0:359
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1168018526156980233
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6007606f-5abb-4a00-a7ea-2ca956e52448&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6007606f-5abb-4a00-a7ea-2ca956e52448&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:22 GMT
X-lat
amspug004:0:473
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 08 Apr 2021 19:35:26 GMT
Server
MT3 3660 495c301 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6007606f-5abb-4a00-a7ea-2ca956e52448&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Apr 2021 19:35:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1540220548708041551&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1540220548708041551&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:31 GMT
X-lat
lhrpug007:0:537
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:30 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid
6a4d6129-e281-4b29-8c75-72373b75479b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1540220548708041551&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 342A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=5v3IVc8URkhgtTlRYetleVNhFww&user_group=1&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:26 GMT
X-lat
amspug012:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=af45407f-5674-46c5-bfa8-e01a2a458114&gdpr=0&gdpr_consent=&gdpr_pd=
date
Thu, 08 Apr 2021 19:34:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
sync.bfmio.com/ Frame 5344
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=9950dc87-e457-40ab-84d2-0662b604390c&gdpr=0&gc=&gce=1&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.136.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 08 Apr 2021 19:34:23 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=60d209a1-e76d-4c74-afe5-5db8ca5c26bf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
generic
match.adsrvr.org/track/cmf/ Frame ECEB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame ECEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOy_MwYVV-dBw14WXitrpqQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOy_MwYVV-dBw14WXitrpqQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOy_MwYVV-dBw14WXitrpqQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECEB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3NDQ1MTg1NzYyNzE5ODI4OTk%3D
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3NDQ1MTg1NzYyNzE5ODI4OTk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3NDQ1MTg1NzYyNzE5ODI4OTk%3D
date
Thu, 08 Apr 2021 19:34:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame ECEB 		42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11277686311142193948&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:21 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: FA119C3403E04A43962C32C8DCF4BF8A Ref B: FRAEDGE1206 Ref C: 2021-04-08T19:34:21Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame ECEB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11277686311142193948?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ButZPFtE2oSdrgzU_cw3yQxv2nKV9Vi2cVDgxJid6Q--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ButZPFtE2oSdrgzU_cw3yQxv2nKV9Vi2cVDgxJid6Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 08 Apr 2021 19:34:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ButZPFtE2oSdrgzU_cw3yQxv2nKV9Vi2cVDgxJid6Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ECEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1540220548708041551&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1540220548708041551&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:22 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.109:80
AN-X-Request-Uuid
552ea687-682d-4903-9359-ef7439165ffb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1540220548708041551&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame ECEB
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11277686311142193948
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11277686311142193948&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11277686311142193948&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11277686311142193948&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ECEB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame ECEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11277686311142193948
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame ECEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11277686311142193948
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 19AF 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
60651
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8D8A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:34:22 GMT
v2zte7IEychYgLKmT2XDBbN0jZRZ2WQdZQh4T9qVzp2a3WQUWuCoh9OkeXGIoB794SfJ446OtGohZhS3ML3YmKfUoO1qYgwzC4VNOm_kMt24ymgc
stalesummer.com/ 		216 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2zte7IEychYgLKmT2XDBbN0jZRZ2WQdZQh4T9qVzp2a3WQUWuCoh9OkeXGIoB794SfJ446OtGohZhS3ML3YmKfUoO1qYgwzC4VNOm_kMt24ymgc
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5c4466ff84b1a553fb5be459ec0fbcd52bbec6c50c844a7be44883a4df849281
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 08 Apr 2021 19:34:22 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
327907e0
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Thu, 08 Apr 2021 19:34:21 GMT
async_usersync
ib.adnxs.com/ Frame C969 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:30 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
e388db06-3fd3-4fc1-8515-411103f95939
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2959
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:45:03 GMT
khaos.jpg
token.rubiconproject.com/ Frame EF15 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
abt
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.com/adsid/ Frame 8D8A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
p
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/p
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:23 GMT
via
1.1 google
alt-svc
clear
SPug
simage4.pubmatic.com/AdServer/ Frame 342A 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158003&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 08 Apr 2021 19:34:30 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
r.js
q.adrta.com/s/pbm/ Frame 69DB 		117 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/pbm/r.js?v=21.20&rcb=476286&cb=592022649_1617910447_157297
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/pbm/aa.js?cb=592022649_1617910447_157297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-97-1.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0cf1ba474abafe613d662160cb1ec98121c92a4269a0513750f3c5348ed4b596

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:24 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
117
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame D952 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=A578B290-E397-4B7A-A692-26E716316FCF; chkChromeAb67Sec=1; DPSync3=1619049600%3A201_227_226_221; SyncRTB3=1618704000%3A63%7C1619136000%3A35%7C1619049600%3A21_7_3_220_13_54_161_56; KRTBCOOKIE_336=5844-1139417081313456709; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEHzcfavWgpd2jU4Yq404vRE&KRTB&22987-CAESEHzcfavWgpd2jU4Yq404vRE&KRTB&23025-CAESEHzcfavWgpd2jU4Yq404vRE; KRTBCOOKIE_27=16735-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&16736-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&23019-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&23114-uid:6007606f-5abb-4a00-a7ea-2ca956e52448; KRTBCOOKIE_391=22924-1168018526156980233&KRTB&23263-1168018526156980233; KRTBCOOKIE_377=6810-60d209a1-e76d-4c74-afe5-5db8ca5c26bf&KRTB&22918-60d209a1-e76d-4c74-afe5-5db8ca5c26bf&KRTB&23031-60d209a1-e76d-4c74-afe5-5db8ca5c26bf; PugT=1617910463
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=155183
Expires
Sat, 10 Apr 2021 14:40:53 GMT
Date
Thu, 08 Apr 2021 19:34:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 53EE 		0
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158003&siteId=576386&adId=2117963&adType=10&adServerId=243&kefact=0.100000&kaxefact=0.100000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1617910447&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.078414&dcId=3&tldId=0&passback=0&svr=BID22482U&adsver=_2560778847&adsabzcid=0&ekefact=r1pvYD36AgAknlOsAUXKrAeDYKU1nMXuNoQ_yW6e_HQpiVUk&ekaxefact=r1pvYEf6AgCJh0-YFChz07X-_eUQC92PIfjGroUCbA7SGHew&ekpbmtpfact=r1pvYFD6AgB_Y8HaoTphnQDEhW5zcjylx4T4giXoMGqmDrwx&enpp=r1pvYFj6AgAE4tK5pFtNG8emgYC9NVqF_NhUm2PELzz4v17J&pfi=1&dc=AMS&pubBuyId=30384&tpb=1&crID=3285378&lpu=hoeren-heute.de&ucrid=2996188549719511046&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH101788000&wDspId=452&wbId=9&wrId=2876981&wAdvID=1157489&wDspCampId=1447400&isRTB=1&rtbId=5E6B3E47-AC67-4B75-8CF4-02A8382C4324&imprId=7AAF966C-16FF-4E67-B960-296436A538A3&oid=7AAF966C-16FF-4E67-B960-296436A538A3&cntryId=58&pageURL=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&sec=1&pAuSt=3
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=A578B290-E397-4B7A-A692-26E716316FCF; chkChromeAb67Sec=1; DPSync3=1619049600%3A201_227_226_221; SyncRTB3=1618704000%3A63%7C1619136000%3A35%7C1619049600%3A21_7_3_220_13_54_161_56; KRTBCOOKIE_336=5844-1139417081313456709; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEHzcfavWgpd2jU4Yq404vRE&KRTB&22987-CAESEHzcfavWgpd2jU4Yq404vRE&KRTB&23025-CAESEHzcfavWgpd2jU4Yq404vRE; KRTBCOOKIE_27=16735-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&16736-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&23019-uid:6007606f-5abb-4a00-a7ea-2ca956e52448&KRTB&23114-uid:6007606f-5abb-4a00-a7ea-2ca956e52448; KRTBCOOKIE_391=22924-1168018526156980233&KRTB&23263-1168018526156980233; KRTBCOOKIE_377=6810-60d209a1-e76d-4c74-afe5-5db8ca5c26bf&KRTB&22918-60d209a1-e76d-4c74-afe5-5db8ca5c26bf&KRTB&23031-60d209a1-e76d-4c74-afe5-5db8ca5c26bf; PugT=1617910463
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

Content-Type
text/html
Content-Length
0
Date
Thu, 08 Apr 2021 19:34:27 GMT
Connection
keep-alive
truncated
/ Frame 69DB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
556980730b8cd33624472d18d121a92d1ee67a90298a8af55676a9862ecc9563

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1165.js
cdn.doubleverify.com/ Frame BB9D 		476 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1165.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 12:00:54 GMT
Server
Microsoft-IIS/10.0
ETag
"01ff4555c25d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946083600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87677
ad
ssp.lkqd.net/ Frame 8D8A 		168 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=580&height=326&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=null&ip=83.97.23.12&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=966e9f991617910464418
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ibtimes.com
date
Thu, 08 Apr 2021 19:34:24 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 69DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRkGt-SwgIaVPwt7Oa-JKgr9U28nYL2wvcIh4gU5wrG7reK9X3EJBeXxDnKSIrDl6XT94u_3QH8JVtj6C4cjsMlzao973hyvYV_zEPbMqjVdBPxJzln9qZXgwlLtzKbEBnTNbWvsr_Bg8w0wVuyqmVTJDOYS0_1ysLrjgUpc2phes7GLj7vFo17B_U6Xj9D4V11GStATl02VeUbZZmbTzg_Klh5bly4W39WUuN-U0b9wPU6qc8Q_EIb5m1z_WdJR1pW0wicjFNkNnLIBj-RnWQjrR57C9w4wNJ8hz-9tYPrBt3V67x976Lgg&sai=AMfl-YREp9peyx6e8z5R7R1-4wWRQpxxlK_TzhJz13kTRVxx_5xp9RZd0tAbF0coDc1TVpiiVjDkOX60ZDBKVFxxK6FyxRCBeAPEFklKc-8j19UcrMdCTaro5f0mLYncFNc&sig=Cg0ArKJSzIX5mIAetZ8uEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Apr 2021 19:34:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 89BB 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 08 Apr 2021 20:23:57 GMT
usync.js
eus.rubiconproject.com/ Frame A163 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c92b73f46d6bf6c01fc66fcc132568f355aee54542e3c19ac5ca48272955ac9a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19977
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Fri, 09 Apr 2021 01:07:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A90
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG9au.Vuy19ZAvS6VNF1lwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI1i5obsoZt2_6h94dH04Es&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI1i5obsoZt2_6h94dH04Es&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Apr 2021 19:34:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEI1i5obsoZt2_6h94dH04Es&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2A90 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YG9au.Vuy19ZAvS6VNF1lwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 2A90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEK0V9Z7QTahx1DsL76s1T4I&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEK0V9Z7QTahx1DsL76s1T4I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 08 Apr 2021 19:34:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEK0V9Z7QTahx1DsL76s1T4I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2A90
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:27 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YG9au-Vuy19ZAvS6VNF1lwAABJgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A90
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Apr 2021 19:34:28 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0616220400b311cb2ade5111&expiration=[EXPIRATION]&gdpr=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
327
Expires
Thu, 08 Apr 2021 19:34:28 GMT
cm
p.rfihub.com/ Frame 2A90 		0
0
cookiesync
bttrack.com/pixel/ Frame 2A90 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Thu, 08 Apr 2021 19:33:49 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 2A90
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
49 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:25 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.50
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:24 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YG9au.Vuy19ZAvS6VNF1lwAA%261176
cache-control
no-cache
x-server
10.45.1.161
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2A90 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YG9au.Vuy19ZAvS6VNF1lwAA%261176
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ibtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2375
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 08 Apr 2021 20:14:07 GMT
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ Frame 69DB 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: fqtag.com
URL: https://fqtag.com/tag/implement-r.js?rt=display&fmt=banner&org=8adasewre3atrefrejuj&fq=1&sl=1&p=web_4784975722&a=2593673425&cmp=5158660976&rd=https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&c1=N&c2=21842032368&c3=138285577872&c4=f_Y&c5=article&c6=right2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:43:19 GMT
age
3065
x-guploader-uploadid
ABg5-Uy-2R0ywbelfKG9mKPeg1xHqavt41rZHWPl5_uuaY8NAhUvg2YBFFyJMbG07M5q6xqztyIT_rUr39AibF_ctQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 08 Apr 2021 19:43:19 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DB9E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Apr 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DB9E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Apr 2021 18:54:37 GMT
createjs-2015.11.26.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/libs/ Frame DB9E 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
47406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
server
sffe
date
Thu, 08 Apr 2021 06:24:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 06:24:18 GMT
css
fonts.googleapis.com/ Frame 63D8 		2 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 17:37:27 GMT
server
ESF
date
Thu, 08 Apr 2021 19:34:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 19:34:24 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 63D8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Apr 2021 01:08:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 63D8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Apr 2021 18:54:37 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-5652780-46&cid=1779260300.1617910451&jid=1595909207&gjid=39927482&_gid=1827362538.1617910462&_u=aChAgEAjAAAAAE~&z=1743853172
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 08 Apr 2021 19:34:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.ibtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=730939292&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&ul=en-us&de=UTF-8&dt=Who%20Is%20Dr.%20Rochelle%20Walensky%3F%20Meet%20Biden%E2%80%99s%20CDC%20Director%20Pick&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgEAj~&jid=1595909207&gjid=39927482&cid=1779260300.1617910451&tid=UA-5652780-46&_gid=1827362538.1617910462&gtm=2wg3v05F22G6&cd1=Dawn%20Geske&cd2=national&cd3=IBTimes&cd4=us&cd5=en&cd6=article&cd7=3096369&cd8=20201207&cd9=202012&cd10=us.ibtimes%2Fnational%2Farticles&cd12=No&cd13=N&cd14=Y&cd15=Y&cd17=Coronavirus%2CUS%20News%2CHealth%2CNews&cd18=No&cd19=web&cd20=10&cd21=4&cd22=article&cd23=web&cd25=Coronavirus&cd26=Y&cd27=nonpromoted&z=532563368
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34247
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2dlbnLcHZEFdFubU0txFDgXygEPPq-4Zsq1TxY7ltatTFfSNRP9KunueVYyqWEgAE2EQaMGsVDoMvwC2u0zjpV2TpjO0nvuawaUhoCyGEBUtwhc
stalesummer.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stalesummer.com/v2dlbnLcHZEFdFubU0txFDgXygEPPq-4Zsq1TxY7ltatTFfSNRP9KunueVYyqWEgAE2EQaMGsVDoMvwC2u0zjpV2TpjO0nvuawaUhoCyGEBUtwhc
Requested by
Host: stalesummer.com
URL: https://stalesummer.com/v2jwa09-ea5JgtGMI8UDv_W4HlKfJLPJbfeNXviAWNmyjExu0se_D1bU_Pr8x9zyUiVxfGFG-_0hNq8v4c7qG8GBjE4T6vWc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 08 Apr 2021 19:34:25 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ibtimes.com
access-control-allow-credentials
true
x-hostname
327907e0
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0F84 		143 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlTFBy18_gq4MKRiIG8d6oE3O6PDGYkSqImoppFZfbTv0h8n6EcKRPG7UMCt0w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 08 Apr 2021 19:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
660
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D481 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9389118c677297980c556c8a85056a08ad36e182f2d7943d248fb4dbab8e2f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3C53 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4691af8448e9bbd6a07be5112e2a56e6d850c312946b9fd8194495c71688b16b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-5652780-46&cid=1779260300.1617910451&jid=1595909207&_u=aChAgEAjAAAAAE~&z=1311010135
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-5652780-46&cid=1779260300.1617910451&jid=1595909207&_u=aChAgEAjAAAAAE~&z=1311010135
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdnf.js
pix.adrta.com/ Frame 69DB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.60
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/pbm/aa.js?cb=592022649_1617910447_157297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
306a6db10299c60e460a8d16b079ab2a3e6549b0be0f9f84c3cab3ae93fbc056

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i2othqylAxLfexdKBfIHaQyn4fr.QUd1
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 07:38:04 GMT
server
AmazonS3
age
88381
etag
W/"a57dd4b119b594e815ef56b84b5180f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5828aeb3ed46863908c51896fd6ce33e.cloudfront.net (CloudFront)
date
Thu, 08 Apr 2021 01:29:34 GMT
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
HJOZMAyJDSHbMPx39RBjgj88RrLXo7z1nrqEGPAlOYSJUlLXvya4LA==
visit.js
tps.doubleverify.com/ Frame BB9D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A3E%3A%3E6D%5D4%40%3ETauH9%40%5C5C%5CC%40496%3D%3D6%5CH2%3D6%3FD%3CJ%5C%3E66E%5C3%3A56%3FD%5C454%5C5%3AC64E%40C%5CA%3A4%3C%5Cb_hebehTbu09D%3E%3ATbshehedafcTae09D6%3F4TbsAap%7DBEK%5Cg9%3DIb4gb%26%7C%7Bce%3C%3D%3F%25%3F*c%3A%3De%3A%244%7D0ytu*%3Ba%25%22h%24B_%3FI%27yf_aGr%3A4y*(B%2B%22yH!6fFcaq0%2B%5Ct%2302x%3D%3D3A%3Fvehb%27Kr%5CK~5pv%2B%22w%23%60vtA%40bfz8B*%3FG%7Be(4U2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A3E%3A%3E6D%5D4%40%3ETar9EEADTbpTauTauHHH%5D%3A3E%3A%3E6D%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1617910465923190&jsCallback=dvCallback_1617910465923948&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1165&tgjsver=1165&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&fwc=3&fcl=199&flt=23&fec=1236&fcifrms=27&brh=2&dvp_epl=502&noc=16&ctx=19955922&cmp=DV451308&btreg=5158660976138285577872&btadsrv=5158660976138285577872&adsrv=104&unit=300x250&seltag=1&sadv=4784975722&ord=2593673425&litm=5158660976&scrt=138285577872&splc=/43459271/us.ibtimes/right2&adu=21842032368&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=135879873.54763925&dvp_tukv=114466622594.11841&dvp_uuid=11438339001.332043&dvp_tuid=109523485992&dvp_vcms=231&dvp_slmsd=1412&dvp_vcmsd=1643
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.24 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e05dbcfb46c6125599a6715bab49bdfe93a39a4676a3261c64cedd30d926d518

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
4/7/2021 7:34:26 PM
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 63D8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
253146
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame ED0C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Apr 2021 19:34:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 08-Apr-2021 20:34:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Apr 2021 19:34:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Apr 2021 19:34:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
aux.fqtag.com/aux/ Frame 69DB 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/i
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:26 GMT
via
1.1 google
alt-svc
clear
truncated
/ Frame 69DB 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
ee0b9c04dc
bam-cell.nr-data.net/events/1/ Frame 80DC 		24 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/ee0b9c04dc?a=363164778&v=1208.49599aa&to=NQQGNhBXV0BZVkJdDgxOJxcRQlZeF3hZUDYHAyINEFtvAQIPZVwOFTYBACRZS14YGAgUEgsVAVA%3D&rst=19424&ck=1&ref=https://ibt-mail.com/site2/ibt_us_2021/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://ibt-mail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 08 Apr 2021 19:34:26 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ibt-mail.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
63cdeee18f75edab-CDG
Content-Length
24
cf-request-id
095493a0f40000edab21a2f000000001
khaos.jpg
token.rubiconproject.com/ Frame A163 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
activeview
pagead2.googlesyndication.com/pcs/ Frame D481 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDWua9DNc7BXY5rVxMwVfWht4oHGtJw7Fm5IqaqoxHrn5SEwly9dO_t-5C6uGxgIpNnVNFMiPiZ625G13OQH1CKESNARegyqZG3M4hJR9jkYylLflkuo5_FT4KfA&sai=AMfl-YQf1uCQq-JdgeibOyA3bNLr_WweQnMRhLNwwufn3s7KbwXKSXo8YGghPbJ2cSLIH_XmBqGjc2ksiq9M0ahEIxq2yP277VUMNf0wAf55LyE-e000jzNS9a8Rzrnzj7k&sig=Cg0ArKJSzD1aABrCRKpzEAE&cid=CAASPeRoSdNIkRYnj1y4riPKYEsO0PLGMoTPgJQfNJt4R4_8v4Jkga4MM_0rZfn1PGwW2c9oR0HG8v0UWWZM5YQ&id=osdim&mcvt=1545&p=360,1033,960,1333&mtos=1545,1545,1545,1545,1545&tos=1545,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=707301492&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617910452515&dlt=4486&rpt=3658&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
c1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/ Frame DB9E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/c1.jpg?1617756929006
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
47456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
server
sffe
date
Thu, 08 Apr 2021 06:23:31 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 06:23:31 GMT
d
aux.fqtag.com/aux/ Frame 69DB 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/d
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:27 GMT
via
1.1 google
alt-svc
clear
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0F84
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Apr 2021 19:34:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 08-Apr-2021 20:34:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 08 Apr 2021 19:34:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 08 Apr 2021 19:34:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ziegler-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ziegler-teppich.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37936
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
gabbeh-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/gabbeh-teppich.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25417
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
cta_de.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/cta_de.svg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1657
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
keshan_teppich.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/keshan_teppich.png
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46623
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
logo-nain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/logo-nain.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5957
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
c2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/ Frame DB9E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/c2.jpg?1617756929006
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
47424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8487
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
server
sffe
date
Thu, 08 Apr 2021 06:24:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 06:24:03 GMT
truncated
/ Frame 63D8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
logo-nain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/logo-nain.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5957
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
keshan_teppich.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/keshan_teppich.png
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46623
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
cta_de.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/cta_de.svg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1657
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
gabbeh-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/gabbeh-teppich.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25417
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
ziegler-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 63D8 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ziegler-teppich.jpg
Requested by
Host: 3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
URL: https://3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
8971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37936
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 08 Apr 2021 17:04:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 17:04:56 GMT
c3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/ Frame DB9E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/c3.jpg?1617756929006
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
47424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8518
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
server
sffe
date
Thu, 08 Apr 2021 06:24:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 06:24:03 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19AF 		156 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1310437028101313&cust_params=domains%3Dwww.ibtimes.com&sdkv=h.3.450.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2978421690&sdk_apis=2%2C8&sid=5D520D89-6DA3-4C56-B3FD-7EDA476BCA4F&eid=31061774%2C44729227&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&dt=1617910467379&cookie_enabled=1&scor=2075940234738073&ged=ve4_td21_tt2_pd21_la21000_er1785.318.1938.618_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/ Frame DB9E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15820888000315199420/300x600_Crypto3_CYSEC/images/c5.jpg?1617756929006
Requested by
Host: www.ibtimes.com
URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
47424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7161
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 05:52:24 GMT
server
sffe
date
Thu, 08 Apr 2021 06:24:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 06:24:03 GMT
g
capi.connatix.com/rtb/ Frame 8D8A 		0
0
st
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 56EA 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
60658
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
a
aux.fqtag.com/aux/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/a
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:29 GMT
via
1.1 google
alt-svc
clear
event.png
tps20248.doubleverify.com/ Frame BB9D 		67 B
442 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20248.doubleverify.com/event.png?impid=0f9d934e30334bb88a0e9115fb6487d9&gdpr=&gdpr_consent=&vdur=43&eoid=5&msrjs=1165&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1617910469098379
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
4/7/2021 7:34:29 PM
a
aux.fqtag.com/aux/ Frame 69DB 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/a
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:29 GMT
via
1.1 google
alt-svc
clear
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D58B 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
632
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 08 Apr 2021 20:23:57 GMT
integrator.js
adservice.google.com/adsid/ Frame 8D8A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame C62B 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
60659
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
aux.fqtag.com/aux/ Frame 69DB 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/p
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:29 GMT
via
1.1 google
alt-svc
clear
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1F36 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
632
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 08 Apr 2021 20:23:57 GMT
event.png
tps20248.doubleverify.com/ Frame BB9D 		67 B
442 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20248.doubleverify.com/event.png?impid=0f9d934e30334bb88a0e9115fb6487d9&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=8&ismms=303&isumms=303&isvelg=1&nvr=2&isgmmims=303&isgmv4mims=303&isbxdms=3552&b0=3424&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&dvp_mvpiss=0&lftb=3424&sftb=3424&msrdp=3&naral=8256&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=289&dvp_hdnAd=0&dvp_dpr=1&dvp_ltspl=22592&cbust=1617910469975329
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:29 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.ibtimes.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
4/7/2021 7:34:29 PM
integrator.js
adservice.google.com/adsid/ Frame 8D8A 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame C62B 		156 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3230336104753425&cust_params=domains%3Dwww.ibtimes.com&sdkv=h.3.450.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3772963419&sdk_apis=2%2C8&sid=5D520D89-6DA3-4C56-B3FD-7EDA476BCA4F&eid=31061774%2C44729227&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&dt=1617910470258&cookie_enabled=1&scor=3387146938538709&ged=ve4_td24_tt5_pd24_la24000_er1785.318.1938.618_vi0.0.1200.1600_vp0_ts3_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame BCF8 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
60660
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PugMaster
image6.pubmatic.com/AdServer/ Frame D952 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51207597&p=158003&s=576386&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
111f3ebbf0f4aa0fb20792776c4cc49c1b3854a94c4b65f20e16e4f5757ecec0

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:29 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 334B 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
633
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 08 Apr 2021 20:23:57 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJb4jJq3uQOB9CYWEtFtlQY&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJb4jJq3uQOB9CYWEtFtlQY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:31 GMT
X-lat
lhrpug011:0:430
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJb4jJq3uQOB9CYWEtFtlQY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D952 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51207597&p=158003&s=576386&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 07 Apr 2021 19:34:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4108b15-3442-4854-9d59-c816acbe4330
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4108b15-3442-4854-9d59-c816acbe4330
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:29 GMT
X-lat
amspug011:0:517
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4108b15-3442-4854-9d59-c816acbe4330
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B01A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3771753027293815588
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3771753027293815588
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51207597&p=158003&s=576386&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=3C1212EC-302B-438D-A637-AAC164404336; chkChromeAb67Sec=1; SyncRTB3=1619049600%3A7_220_21_13_161_54_56_3%7C1619136000%3A35%7C1618704000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 08 Apr 2021 19:34:30 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-3771753027293815588; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-May-2021 19:34:30 GMT; path=/ PugT=1617910470; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-May-2021 19:34:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Jul-2021 19:34:30 GMT; path=/
X-lat
lhrpug008:0:436
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3771753027293815588
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame EE0D 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51207597&p=158003&s=576386&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 08 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1278
x-powered-by
ASP.NET
date
Thu, 08 Apr 2021 19:34:30 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8321978001525869727
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8321978001525869727
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:29 GMT
X-lat
amspug014:0:388
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8321978001525869727
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ef87606f-5ac9-4700-8275-fea9832ff417&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ef87606f-5ac9-4700-8275-fea9832ff417&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:32 GMT
X-lat
amspug011:0:373
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 08 Apr 2021 19:35:40 GMT
Server
MT3 3660 495c301 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ef87606f-5ac9-4700-8275-fea9832ff417&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 08 Apr 2021 19:35:39 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685647720955944767&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685647720955944767&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:31 GMT
X-lat
lhrpug005:0:481
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 19:34:30 GMT
X-Proxy-Origin
83.97.23.12; 83.97.23.12; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid
8b143154-bf49-46e8-a011-81077eeaf05d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685647720955944767&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0MxMjEyRUMtMzAyQi00MzhELUE2MzctQUFDMTY0NDA0MzM2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:31 GMT
X-lat
lhrpug006:0:428
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D952
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b1390159-25d3-43fb-a3b8-a7f3f93272e9&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18ed9d2b-5f54-4606-9a6c-efd34391dba6&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18ed9d2b-5f54-4606-9a6c-efd34391dba6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:29 GMT
X-lat
amspug007:0:451
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18ed9d2b-5f54-4606-9a6c-efd34391dba6&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 08 Apr 2021 19:34:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 8D8A 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 19:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame BCF8 		156 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=912873796559486&cust_params=domains%3Dwww.ibtimes.com&sdkv=h.3.450.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2978421690&sdk_apis=2%2C8&sid=5D520D89-6DA3-4C56-B3FD-7EDA476BCA4F&eid=31061774%2C44729227&url=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc&dlt=1617910446377&idt=24757&dt=1617910471328&cookie_enabled=1&scor=707072999996972&ged=ve4_td25_tt6_pd25_la25000_er1785.318.1938.618_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
d
aux.fqtag.com/aux/ Frame 69DB 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aux.fqtag.com/aux/d
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:298e:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Apr 2021 19:34:31 GMT
via
1.1 google
alt-svc
clear
abt
capi.connatix.com/tr/ Frame 8D8A 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=112385
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 08 Apr 2021 19:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.ibtimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
SPug
simage4.pubmatic.com/AdServer/ Frame D952 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158003&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 19:34:32 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
ipv6.adrta.com/ Frame 69DB 		132 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1617910473113
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b04:d62d:ca97:4db6:4e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 / Express
Resource Hash
2085919a8c7735896dcac3715aa8b1847f19d8c6ea7bb7a2a3a0fbcc925293d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3
x-powered-by
Express
etag
W/"84-aHVosCAMn4LbwXjvH3LyCqbq5W8"
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame 69DB 		143 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=18799218&__aasv=22.61&__aaii=48818109311557796&__aait=1617910464136&__aavz=-120&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=6&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=592022649_1617910447_157297&__aaxf=83.97.23.12%2C%2010.1.3.70&__aaci=pbm&paid=pbm&kv24=1&avid=1157489&plid=2996188549719511046&lineItemId=&caid=23026&publisherId=158003&pricePaid=0.1&kv12=2117963&siteId=576386&kv3=&kv15=58&kv11=7AAF966C-16FF-4E67-B960-296436A538A3&kv18=&kv19=&kv5=452&kv6=30384&kv13=ibtimes.com&kv8=ibtimes.com&kv2=ibtimes.com&__aapu=https%3A%2F%2Fwww.ibtimes.com%2Fwho-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369&__aapr=&__aatu=https%3A%2F%2Fwww.ibtimes.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.211.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
bcc43c712dca84545418cf60d41e309f91b92e33acf6401905300e44ed119201

Request headers

Referer
https://www.ibtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 19:34:33 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
100
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
Domain
capi.connatix.com
URL
https://capi.connatix.com/rtb/g?v=112385

Verdicts & Comments Add Verdict or Comment

370 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| _sf_startpt object| dataLayer number| timerStart boolean| gdprAppliesGlobally function| __cmp function| ibtGetCookie number| hb_debug function| nw_log object| xuaInfo function| __uspapi string| site_name string| site_id string| site_domain string| ibtmedia_device string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot string| is_prod number| numPr number| rf string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on string| gdpr_video string| npa_consent string| consent_string number| is_gdpr boolean| ccpa_status object| dfpSlots boolean| fl string| fls string| w1200 string| referrer function| nwsetCookie string| pageRefresh number| fqv string| ts function| parseQueryString string| urlToParse object| utm_result string| utm_source number| nonPersonalizedAds function| getBrowser function| setDfpRefreshKV function| setDfpRefreshKey function| clearDfpRefreshKey number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| wo_devicetype string| wo_domint string| wo_adblock string| ic11_morph undefined| il_geo string| wo_geocode string| wo_ip string| pageFocus function| TrafficSource string| trsource string| dfp_adunit function| admiral object| googletag object| cmp object| ccpaConfiguration object| node function| __ccpa boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| is_bot number| abt_rand string| abt string| purlen string| fq_ref function| extractHostname string| fq_ref_source string| doc_hostname string| fq_source string| pb_videos object| dfpEx object| fqtag object| PWT function| fq_callback object| fqs function| amznVideoAPS function| amznVideoAPS_refresh number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| pbjs function| initAdserver number| hb_timeout_var function| verification_callback object| adUnits function| prebidVideoAd_refresh object| videoAdUnit object| apstag object| fonts object| font number| pos undefined| current_time undefined| key function| cnxps function| pbjsChunk object| _pbjsGlobals function| GRAPP function| CE object| GRWF2 object| DATAFILE object| webformId_12 object| ggeac object| google_js_reporting_queue object| __twttrll object| twttr object| __twttr function| advagg_run_check function| advagg_run_check_inner function| advagg_font_add_font_classes_on_load function| advagg_font_check function| OneWorldPollerClass function| isIE object| oneWorldPoller object| _hsp boolean| apstagLOADED object| __cmpBuffer function| 4dm1r11545242527 object| wpJsonpLiverampCcpaCmp function| setImmediate function| clearImmediate object| core object| _mgIntExchangeNews object| onClickExcludes function| mgReject307820 function| mgLoadAds307820 function| MarketGidCReject307820 function| MarketGidLoadGoods307820 function| AdskeeperCReject307820 function| AdskeeperLoadGoods307820 function| LentaInformCReject307820 function| LentaInformLoadGoods307820 function| IdealMediaCReject307820 function| IdealMediaLoadGoods307820 function| mgReject317456 function| mgLoadAds317456 function| MarketGidCReject317456 function| MarketGidLoadGoods317456 function| AdskeeperCReject317456 function| AdskeeperLoadGoods317456 function| LentaInformCReject317456 function| LentaInformLoadGoods317456 function| IdealMediaCReject317456 function| IdealMediaLoadGoods317456 function| mgReject725222 function| mgLoadAds725222 function| MarketGidCReject725222 function| MarketGidLoadGoods725222 function| AdskeeperCReject725222 function| AdskeeperLoadGoods725222 function| LentaInformCReject725222 function| LentaInformLoadGoods725222 function| IdealMediaCReject725222 function| IdealMediaLoadGoods725222 function| mgReject740745 function| mgLoadAds740745 function| MarketGidCReject740745 function| MarketGidLoadGoods740745 function| AdskeeperCReject740745 function| AdskeeperLoadGoods740745 function| LentaInformCReject740745 function| LentaInformLoadGoods740745 function| IdealMediaCReject740745 function| IdealMediaLoadGoods740745 function| mgReject757863 function| mgLoadAds757863 function| MarketGidCReject757863 function| MarketGidLoadGoods757863 function| AdskeeperCReject757863 function| AdskeeperLoadGoods757863 function| LentaInformCReject757863 function| LentaInformLoadGoods757863 function| IdealMediaCReject757863 function| IdealMediaLoadGoods757863 function| mgReject863739 function| mgLoadAds863739 function| MarketGidCReject863739 function| MarketGidLoadGoods863739 function| AdskeeperCReject863739 function| AdskeeperLoadGoods863739 function| LentaInformCReject863739 function| LentaInformLoadGoods863739 function| IdealMediaCReject863739 function| IdealMediaLoadGoods863739 function| mgReject947807 function| mgLoadAds947807 function| MarketGidCReject947807 function| MarketGidLoadGoods947807 function| AdskeeperCReject947807 function| AdskeeperLoadGoods947807 function| LentaInformCReject947807 function| LentaInformLoadGoods947807 function| IdealMediaCReject947807 function| IdealMediaLoadGoods947807 function| mgReject1086935 function| mgLoadAds1086935 function| MarketGidCReject1086935 function| MarketGidLoadGoods1086935 function| AdskeeperCReject1086935 function| AdskeeperLoadGoods1086935 function| LentaInformCReject1086935 function| LentaInformLoadGoods1086935 function| IdealMediaCReject1086935 function| IdealMediaLoadGoods1086935 string| _mgCanonicalUri object| vpb boolean| _mgPageViewPixel48526 object| __uspapiBuffer function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cnx_usr_storage boolean| _hspb_loaded object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| s object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal boolean| _mgPageView48526 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| init_drupal_core_settings function| advagg_mod_2 function| advagg_mod_2_check undefined| $ function| jQuery object| Drupal object| jQuery17204081027483498836 function| DataLayerHelper function| ibtmediaDfp string| adblock_status function| socialnewsletterValidateEmail function| analyticsEvent function| BlockAdBlock object| blockAdBlock function| Swipe undefined| ie boolean| moved function| FontFaceObserver object| lazySizesConfig object| lazySizes object| settings string| container_class object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| cnxPlugins function| LoadCriteoAllPlaces307820 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore object| FB object| google_tag_manager function| fqPixel boolean| gaLoaded boolean| domLoaded function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config object| gascrolldepth object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| udm_ object| ns_p object| COMSCORE number| google_global_correlator object| gaplugins object| gaData object| closure_lm_637175 function| cnxAddEventListener

0 Cookies

64 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VVY0jz5_lRmTW96B6pN4p6pmmW8tMMP_4kl6NjN3NdJGL2-Hw7V1-WJV7CgYMSVtBlVv3TdRvkW1Z818z83j21vVzjJ_h8MhBlPMYpLR0w9xnXW5RG3ZB3K_3mkW1zjk3f7cgfG0W3wYDW051cMfBW4Zh8gL4HXd-mVGk-lV8THxqgW26CgmF2MWJKBW8n9ZnK1Nk8C6V4cHVz6sJxcdVVmpx771gFX2VhJ7Jp5z4B_KN3qSgjN5mtq7W8wdL9Z6XV0BVW4S3Chw8KBXDjW4ddq_D6p9qdmW8Jyzzy3TC7HwW2vTT4w98tn5gW58h8Cs5N9QWXW8n-SbX4BkpgyW2P7gt799KfMxW5GyxzZ1yBrvp3mnt1(Line 13)
Message:
toS
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 103)
Message:
ts: nonpromoted
console-api warning URL: https://s1.ibtimes.com/sites/all/modules/modules-custom/fusion/fusion_ads/js/prebid.js?v=4.25(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 300)
Message:
prebid_ads_pb_video_slots Y 2861
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 175)
Message:
prebid_ads prebid.js loaded 3103
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 175)
Message:
prebid_ads gpt.js loaded 3621
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 211)
Message:
excl_label2:
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 212)
Message:
prebid_ads_fq_callback 500 4016
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 213)
Message:
prebid_ads_NoPassFQ Y 4017
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInitHooks hook SubnetsBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInitHooks hook SmartDoubleClickBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInitHooks hook initAntiFraud start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInitHooks hook pageViewPixel start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Servicer promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Header bidding promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timeout promise start
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 282)
Message:
prebid_ads_amznads2_setDisplayBids: true 6349
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timeout promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterPreRenderNewsHooks hook calcPreRenderingBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Header bidding promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timing: 1477ms
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Servicer promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInjectScriptHooks hook MgqBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterInjectScriptHooks hook SspDoubleClickBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Header bidding promise start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timeout promise start
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__ovEBOfTvFzex75xXUyTbh-LqlqqowtmULfPthTrQnAI__MRT_a3fddNLgFfSPnYc1w6uAfQf08xoYyotvIy14uMc__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 1331)
Message:
Font2 is available
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Header bidding promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timing: 338ms
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Timeout promise resolve
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__ovEBOfTvFzex75xXUyTbh-LqlqqowtmULfPthTrQnAI__MRT_a3fddNLgFfSPnYc1w6uAfQf08xoYyotvIy14uMc__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 1331)
Message:
Font1 is available
console-api log URL: https://s1.ibtimes.com/sites/www.ibtimes.com/files/advagg_js/js__ovEBOfTvFzex75xXUyTbh-LqlqqowtmULfPthTrQnAI__MRT_a3fddNLgFfSPnYc1w6uAfQf08xoYyotvIy14uMc__JZAvoq7D0YgRzVBBCfofmlye8bv-UEhB2RhalTA4a90.js(Line 1331)
Message:
Font3 is available
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Servicer promise resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Header bidding. Promise.all resolve
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c [object Object],[object Object]
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c HeaderBiddingDebug. Time: 338. DBTimeout: 300. RealTimeout: 360. SSP: 2323 SspBid: -1. Status: lose. Data: {"width":300,"height":250,"adId":"63553417922.90","ad":"","code":"mgBanner_307820_1_2","bid":0.65,"requestSizes":[300,250],"run":0}.
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c beforeLoadNewsHooks hook AdvertLinkBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c beforeLoadNewsHooks hook initRejectStyles start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook AdvertLinkBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook smallBlur start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook ActivateDelayBlock start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook MonitorBlock start
console-api debug URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 943)
Message:
[object HTMLImageElement]
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook fixWrongExternalImages start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook initIntExchangeLabels start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook addRejectButtons start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook initCriteoHandlers start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook iExchangeLoggerInit start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook initWidgetObserver start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook handleAdtelligentPostWin start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook hangAFListener start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook initAntifraudStatistics start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook cmPixelLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook handleExternalCountersListener start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook addPreviewEvent start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook countersLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook compositeComscoreCountersLoad start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook gradientRendering start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook responsiveInit start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c afterLoadNewsHooks hook parseImpTracker start
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c Observer. Widget hidden. Ratio: 0
console-api log URL: https://jsc.mgid.com/i/b/ibtimes.com.307820.js?t=1213819(Line 747)
Message:
WIDGET_307820_0641c observerWidgetHooks hook setWidgetRealShowTime start
console-api error URL: https://frontend.1worldonline.com/poller-constructor.js?ncu=%%CLICK_URL_ESC%%(Line 1)
Message:
URIError: URI malformed
console-api log URL: https://www.ibtimes.com/who-dr-rochelle-walensky-meet-bidens-cdc-director-pick-3096369?_hsmi=96965274&_hsenc=p2ANqtz-8hlx3c83UML46klnTnY4il6iScN_JEFYj2TQ9Sq0nxVJ702vCicJYWqZQJwPe7u42B_Z-ER_aIllbpnG693VzC-zOdAGZQHR1GEpo37KgqYnvL6Wc(Line 499)
Message:
::DFP:: /43459271/us.ibtimes/right1 dfp-ad-right1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3afbe02e01b9ca1054cde560291e3528.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adrta.com
ads.adaptv.advertising.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aktrack.pubmatic.com
ap.lijit.com
api.pushnami.com
api.rlcdn.com
app.1worldonline.com
aud.pubmatic.com
aux.fqtag.com
b1sync.zemanta.com
bam-cell.nr-data.net
bcp.crwdcntrl.net
biddr.brealtime.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.mgid.com
c1.adform.net
capi.connatix.com
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
cd.connatix.com
cdn.doubleverify.com
cdn.feeds.ibt.com
cdn.fqtag.com
cdn.jsdelivr.net
cdn.mgid.com
cds.connatix.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
d1.spcdn.ibt.com
d2fw4nb4g546bx.cloudfront.net
d5p.de17a.com
dau-prod.launch.liveramp.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
feeds.ibt.com
fonts.googleapis.com
fonts.gstatic.com
fqtag.com
frontend.1worldonline.com
geo.privacymanager.io
ghb.adtcontent.com
ghb.adtelligent.com
googleads.g.doubleclick.net
green.erne.co
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ibt-mail.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
info.silobreaker.com
ipv6.adrta.com
js-agent.newrelic.com
js-sec.indexww.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
jsc.mgid.com
match.adsrvr.org
match.sharethrough.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pix.adrta.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
q.adrta.com
query.fqtag.com
r.scoota.co
reachms.bfmio.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
s1.ibtimes.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
ssp.lkqd.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
stalesummer.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.bfmio.com
sync.mathtag.com
sync.srv.stackadapt.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20248.doubleverify.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ibtimes.com
x.bidswitch.net
capi.connatix.com
p.rfihub.com
104.111.230.142
104.111.238.139
104.16.199.73
104.160.77.202
104.17.119.107
104.19.132.78
104.19.216.61
104.244.42.72
13.225.74.124
13.226.159.101
13.226.159.90
136.144.59.88
142.250.185.66
142.250.186.102
146.20.128.52
151.101.114.137
151.101.14.110
151.101.14.137
151.101.14.49
151.139.128.11
162.247.243.146
169.50.137.190
172.217.16.130
178.250.2.151
18.185.199.226
18.194.69.169
18.194.69.213
18.202.255.125
184.30.212.16
184.31.84.150
185.183.112.148
185.184.8.30
185.29.135.226
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
192.132.33.46
199.60.103.254
2.18.232.130
2.18.233.180
2.18.234.21
213.155.156.166
213.19.162.31
213.254.244.11
213.254.244.24
216.52.2.30
216.58.212.162
2600:1901:0:298e::
2600:1f14:b4f:4b04:d62d:ca97:4db6:4e65
2600:9000:206f:b800:3:f9b0:4040:93a1
2600:9000:2070:6a00:9:dc53:cc00:93a1
2600:9000:20eb:ba00:17:1429:b980:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700::6811:44b0
2606:4700::6811:d3cc
2606:4700::6812:14bf
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0b::9d
2a02:26f0:6c00:2b2::4469
2a02:fa8:8806:16::1460
2a03:2880:f03f:1c:face:b00c:0:3
2a04:4e42:3::621
2a0c:5c81:5142::2
3.122.43.163
3.122.92.81
3.123.45.128
3.126.56.137
3.141.58.182
3.214.46.53
3.222.211.147
3.225.136.82
3.64.73.215
34.120.133.55
34.231.187.146
35.186.195.222
35.190.36.172
35.190.48.184
35.190.72.161
35.201.96.126
35.212.212.222
35.244.159.8
37.157.2.235
37.252.172.38
37.252.173.27
52.0.219.4
52.1.97.1
52.215.39.23
52.222.179.120
52.222.190.171
52.30.140.199
52.59.102.119
52.85.32.122
52.9.172.53
54.230.183.98
54.236.227.174
54.239.17.112
69.173.144.139
70.42.32.127
77.243.60.138
94.23.171.206
020e42187c4def3b2ae3fff87d07a1cc423189c2ef39424a5584f7ac21e73e00
03a24c1310b8410132d9ae5050ec0382090ee6897a7502b176b511073f826926
03d283f2f17be4c04ea761850cc390566dd28088987cfde0a82d227208027962
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0636b6a6221b92068103af929e10c7c14f1111e6df80da380a44c770d70dd4f9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0772fc050ede9a8a99f1c3c166e1f7d73e335dec65aab626c2e96c06053b08cd
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0b5735b14f45d2be0b5aa6c83855e88d323751ee3855d87aea82c81c501c0731
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf095b71113f5dce2d2fc47d5d8ae5ead9299bfd4ef43245fcd07b5de85a2a9
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ccb3ef69052cc24ba622cbd07050ee6ed12ec3f18db8da76f254d8496609e93
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
0cf1ba474abafe613d662160cb1ec98121c92a4269a0513750f3c5348ed4b596
0d36f71a98a5d73163c3aa0294b646abe665218ab260c1cf38d764907b5576c1
0e4e6d7711f0bda0c536407684f91e403f7f4df81daa9576ab010fc82ee5a0bb
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f96fb93bc2b3fa5fdc93e7e3818e9dcb44cf94838f2ad250d02baf4b857b24a
10236c9dc90b3bef0ded671457b4ce84702787b7a179d1f94d89d0a243a442f8
111f3ebbf0f4aa0fb20792776c4cc49c1b3854a94c4b65f20e16e4f5757ecec0
132285bd44c67b9f4057c575771278f5acff6f44b504d8527084d75d7ac6d36a
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
162009a148bbeaa25ffc3f87a1cb338deb9e9382e4133d0830be57a6afd6ebd1
1699160349f58f6de31833ab95b03ce6f1f5f9330ae1a869f913c9a62655db01
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18957da19be7c8e169e12ecdc59cb682438d17ae338ffa77effdcd550fbb3303
18c83a8262d369cf9fbbb50c4dfb646bda041a21519adc1f378d9048d83283bb
1b237a1ba04d5b9afafc7279af80aaa6856454f0cc5aebafc41e15e9235d9f5d
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
2085919a8c7735896dcac3715aa8b1847f19d8c6ea7bb7a2a3a0fbcc925293d3
21ee5f6ac93e81bc1475113846a49fe87e86a2b1c9c6ccae82e675e4a278b3e0
240981ff82edee24ab6fec83feeff0b7eed77153d92802cb6cd63cc2cd812ab8
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
264802e7eced559d7164c6488bec1ffe244a86b1142f5604ea38125edb8c3218
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
306a6db10299c60e460a8d16b079ab2a3e6549b0be0f9f84c3cab3ae93fbc056
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31d461edc2d67ca0cc50368c30ca486e59c21081935d28bd770ed665d096719f
34efcf210ef96afa362edb59c6409366a1b191f2c8884153355f8b6195f16a10
39428176597747b6e30c4f9e649d468c5e64c1bbcbed422fc9e78055066ee032
3ae3d3eb1219288546fde8f0528e0301e9638dd52049d4d99c5a2a439d2e2211
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c582c13afb2e573b58d9802cc8c8099a42502675d9302824f3da4540a266096
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
43908b5888a6e00ec02b5fc6dfcec351dbbe67b5740c67a399f1e7bdc561f69b
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4691af8448e9bbd6a07be5112e2a56e6d850c312946b9fd8194495c71688b16b
47f1eb008ae9ca3984834143fa71106a1c727579fe8feeb6de781bc73bd2393c
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8
48051e4b1aa3d6ed46f83b00f861735ae4b367785242a14882c420143401288e
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a1550ff58a5feee216a1ecdd4600d93f10d3341fd159785f6749cba7401f84f
4a39e183ed871099822b33216254b5b1670f455f6e09baefab41656c65a42636
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
50bdaa8b5540c2c86d0f9c281d25ab06d9bc47b277eabfc9a7c7ac88958cac58
521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b
53fd89fea0ae7c1ed2d979d0a2a01f047dd8cd100054d8ab40a903971a5da273
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b
556980730b8cd33624472d18d121a92d1ee67a90298a8af55676a9862ecc9563
5728076234018dbf1689084e616e63f2e3c6d21734d132ef66018dc08583d52c
57af3dea3ba0fd1dc43dcb995eb3f260eeb518966d9591a47c524a43bbdad824
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
5c4466ff84b1a553fb5be459ec0fbcd52bbec6c50c844a7be44883a4df849281
5c4ec4036fad42dce40b7218251fa00105aa29be0cf09e95bc7567094b939793
5d76bfd9f85e3234a9b76dd49cd69b6027195ce88730edabe677a5f65d0855e6
5e15e3a9dee94ae088448020979399786f324b6febda84f8cad07c5693d748d2
5e9c84aff9f01fd1d628eee363f2faab955890bca47a44194e4375d969577a9b
5edebe7fe34786494bceeb61373d10c7062aa925f4dafee67a2cc3dfc8fbfa8a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60a5612e5f4c653140ff1e06163f7da51624734fca884c42faa1bb14fc87e6bc
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
617ed1372202ef2e46b7eace062da683f3d0799c80903e48d178963aeccff097
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
62f4399b4bcb57c4a56592d088bdf643dd39de6110c484510cf136fa691a6fcf
6560e5eef09f08ab7f5a4ce72c6c807dada80df97db47cbef951d886635fdd4c
66fac9123cbd9a55edc7720629d1442277db52c4a3e3d2f42854905e52022c8c
6741c1af7a6d2b28fabcb8af36b65da11f1ab49021cb619a13700e2e9685996a
675c6f677b3cb70247991150c36e460ccbaf94546161828f759d11a0709c2d2a
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
696866c30b777b15f77f82e6fbb21c7cf17fd9c147c5ad882434ee7ced7dc80c
697d1279d73b958fd39429e9d0cbc92b511747ed4cd5cd83927f7934d4dc713b
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
69b3919da02793bf06b57f9b353748842b2401fb189f16cc839931e965ad3787
6aae7f67b0a890728d141dd89c222472429682a0f2fc6273eb92dfc2f58126d6
6ad72c113d75bbfaae90516977a77e8d1c9b098b9d6d3e0a253d17e62ee267b1
6b29abc8436956e066a873ce5c1b926fdcad37a4d0e1ba5fddb6d015d7b4cb42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c42e28bdb2ece0c67ac6b77ae7dfd6217849851b9e6abf298d51347377636e6
6d3b19b5e8f21c96321e4fb9f6eae461d1a37a7e0ff32246456c9e9ad7100e3a
6f2babf2cc23ba3832aa3c62c2d5f37e5ad0442c67d70405833112839dbb981a
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
705e550f64fba3e0bcbb75e01203a90f7c6e66db64971a5bad3649bcf757194e
7152556f6e2f75d84c2ed3cd7a0cbff0d9a9bcb7b3dd7b99d2b4d97b4571e4ed
7229807aa5c1ebea34a0a7f188106ea1c4092977bbc1249d023bc17af5d86f1d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73248d8a0e6784a368c58169f9e9357a2ea27eff985598f0725f66fed67b59f8
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
779d95f5d44d04cf408cb5e8186b65fc910b5a01f1aecef0c04cd768303caae5
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a8ebc460823b2461b87289b3d3b0684ceda3894de7a8ffbab739d5ab29dab15
7aa454a248dd562f15cc9ef4ca5ead5f1243ab499856d5eff79c94e425c5c4e4
7b2f04c2b0aa806909c251172702b0a37aa8aab7cc979689e7789728f7140a69
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f8371369e8fbab5652ab552b187f965eb7744034f6c580ff25be13fc31c5cf7
7fbe4d47cb7ba8ac6cbb1cd9ddbe68067cf9cbdf6903c7c302bb97ae3b203d18
81cc892c98b058d2a8c27948d5c22dd99be35db12cf7a973fdc9dc3708841da0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c559f1b98e4a42455af1f164441d2f8a775415212cdd301522fc267e218b6c
840562b26a634bce064f4daf252502998ccee199d44a4063d85ec1153871eaa5
8416b9409cc7055c3a2b410f6146d639f8f1db413e42ff2acbfeebdccaf9a5ba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8808a5931f001093bc198f46814e282d41e0f953862b6933d3bca1da71ac1223
88e0a9d03ac992968111ff4af7d871469f27bdef0c6104a7eefa65a7a7b8100f
8c134dc0955f76192a32b93340dab9ddbcfe8ffc94082761075e8c352dcc391c
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d389befa875a881d33ed655e148856e40715ccaa3ad553f39568d406d71139e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc65cb8e6058c454287b57dae5a51978cdc67cabb8ba4c20f7048e0804b7314
8e3ebba45a261dc12e0748ecd46ae53aa361689056a79843615eaf3ffb52805f
8ebf887aa4642f5a7fbe1fda709819c682a97ee4c21efd54f5774aa35b025cd1
92ad5b045b4bf2f1a4235164a9ad2a3ba3a360ea6eeed76a717143333acea0b9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
997c342b018b8575186fe24717a87cb9501ded95bbaab0756ea0b2a4ac316018
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6a2855f33b803d6785165a5a70a17fb3d2b8a9a5c0b0403c87b438182f2182
9ba37ed5fbff004aecba880184b518da8c5c95374130b15257115f74cead9acf
9d65740c48ffdc75622a8d1b17001d58a32a1bd8b57fddcd8291eae4311b6eaf
9efa9dc62458c1ed04de966934e85eb096326a077f83c49bdd5fe1f3c4d0a1e2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a35512fef250ca64bd15dbd398e9d01a0ea87def3309ba14a6be92855aa6d992
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65bdfa116f70a3576acdaf80dcce90304fc3e75112cea5cc6aef678eac9bdbd
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abe500530f7952787f7e1e3fc7483621a4c2371a0770db64264c646c61986343
ad4a6a667ac761bfc9a5bdaa0aca9d9a62efde0606637583944ca38645f9d6ce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b2f9850085a3507e901365d8b841808d71cf4c31d1a8df9ea332ddec2971be72
b3d3a574ab858e578952465bff7f171e304726111d1cbfe9e156d27eb909088e
b550953dfd1973c89197f133aedcbbcb93e45dc0f336bb064076aecf60c996e8
b701f14950999a42992e32f256113ac73b095db72b4ee6fb2bc407073796b6f6
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd2365de2684fc2967c705828ca85616f1b72abb874c2081dd4e1f65a1f0859
bcc43c712dca84545418cf60d41e309f91b92e33acf6401905300e44ed119201
bd3acd4266fa174e614bf689b6a75d459d14ef572a8e997f76feae53ebf2bad3
bf8c52fac4387f2c2892a116d6cd08de6c64061e88200df7ca256b1918db8a23
bfc27b52bc9dd857e506403614fdf39468d09eefebc7bd09df7395017590661c
c01de32b7b329b84aa4110b78e0137970e26f417544278f61a8c8c89e7b0f032
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c472f60143a65c1db28b06f8eb8f7938cbd01d52eedb846d3dc237a751a8f4d4
c73ef449cb85f7a0898f6447443b8caa54652092c26a8b188094537f6cf91180
c788ca9a9149f080ff1d3024e98ef4c0d633acfda810b4d2108539a8d7e44c2d
c92b73f46d6bf6c01fc66fcc132568f355aee54542e3c19ac5ca48272955ac9a
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd047496f3b2feef020541fe6d3b33b7459cb4953fe716942ea621feddbc2d88
cd6761f8a2462086539971205c01c3c7a8b8344eee474e1b3e4c3b22f19e8e66
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf3192fb2333a369d054f9f888f83d5efff40a9e231ebc143e892f38cc4380f3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d297ed5bc864561563c23526a7e616c5aa859c02eb00845dfae4439f83f09354
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7a70eb588ac7af234071187f8adc8c33b28e71a97fe218e8fb21325382b1642
d9389118c677297980c556c8a85056a08ad36e182f2d7943d248fb4dbab8e2f7
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daafa49c00ad71ec3477d7da2e14be1b14807f8d3178349239219e612e9dcecf
dcf99dd22e9e501cb0cbf359b98c05554c98c69b76b50f3a279c92137f9087d2
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
de9c497969d31eee2b8be2e28ceadf5e64248f95c5e4589eda73b2c1e12718bc
dec2f86d6ed9e889ab14d840467bd1c2fff91102aacaf06afccc5d25a40ae001
e05dbcfb46c6125599a6715bab49bdfe93a39a4676a3261c64cedd30d926d518
e249a830e366c8b896fbce760368a50c1e753c09c854fc14d6392556cf563e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1255609c06c5fb1636d8281c021de42e8660a5e1470fc487680d78acf3b73
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e79258719b86bf13fc33ff7b08a940a278034a9c67cc7f2cceff517728836cca
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed0c17e3e2146ed5c42a42556b1cbb2a6af3142c5edd1e22a0045aaa95388960
ed1c997e212608ad0a668eda94470026de40b565c9d80bab4b5213aff02eade0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa977023c6486f558af30e428480972817e39f602b5ac0307f1e64f5fad5e91
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f1ae709d1eab82473090c2ef2fbb1e5b60aaeb0cf42727da89a5789fa2af3166
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
f9716b127a75c050c3255fa967732faf807d14bcbb1d2d15c1fa0ac97feb8107
fa9d0382df6ffc1160364daa89169e6635cb1198d0ea46c5edbc483dba4f3024
faa9176f1e72f821d634cdba3537db7b771f7f2613a836532a437c7d967378ae
fb690ddebf5603a3b25ccf9aefd346be7b4781470181ec746e5ef78369581eb3
fcb513442959d2489dd56def61370955551741b9c6b2f0ff87207183798a6922