urlscan.io logo urlscan.io
SecurityTrails logo

www.newsweek.com Open in urlscan Pro
99.83.219.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW...
Effective URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsen...
Submission: On May 10 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 12 countries across 79 domains to perform 217 HTTP transactions. The main IP is 99.83.219.100, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com.
TLS certificate: Issued by Amazon on July 19th 2020. Valid for: a year.
This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
1 99.83.219.100 16509 (AMAZON-02)
39 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 13.224.95.71 16509 (AMAZON-02)
3 172.217.23.98 15169 (GOOGLE)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 99.84.153.196 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 35.190.72.161 15169 (GOOGLE)
2 4 13.224.95.18 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
3 13.224.95.75 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.222.213.29 14618 (AMAZON-AES)
2 35.190.36.172 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.225.74.104 16509 (AMAZON-02)
1 54.162.255.214 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 15 52.95.124.165 16509 (AMAZON-02)
4 151.101.112.176 54113 (FASTLY)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 13.224.95.123 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
19 54.77.47.243 16509 (AMAZON-02)
2 7 2.18.234.21 16625 (AKAMAI-AS)
1 1 88.214.206.142 46636 (NATCOWEB)
3 7 35.244.159.8 15169 (GOOGLE)
6 6 37.252.173.62 29990 (ASN-APPNEX)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 2.18.233.180 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
4 4 3.126.56.137 16509 (AMAZON-02)
3 4 216.52.2.48 29791 (VOXEL-DOT...)
2 2 18.184.39.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:116:800d... 16509 (AMAZON-02)
5 5 37.157.4.25 198622 (ADFORM)
5 8 34.252.153.38 16509 (AMAZON-02)
9 14 142.250.185.226 15169 (GOOGLE)
8 8 35.158.9.168 16509 (AMAZON-02)
4 4 3.127.92.82 16509 (AMAZON-02)
1 1 64.74.236.159 22075 (AS-OUTBRAIN)
1 1 34.204.22.100 14618 (AMAZON-AES)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 3.222.149.159 14618 (AMAZON-AES)
1 193.122.174.27 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 50.31.142.95 23352 (SERVERCEN...)
2 2 52.28.167.150 16509 (AMAZON-02)
6 6 213.19.147.44 3356 (LEVEL3)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 3 185.29.135.233 30419 (MEDIAMATH...)
4 4 151.101.114.49 54113 (FASTLY)
1 67.202.110.23 32748 (STEADFAST)
1 1 124.146.215.43 2514 (INFOSPHER...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
4 4 185.184.8.30 204995 (RTB-HOUSE...)
1 52.46.130.13 16509 (AMAZON-02)
1 52.45.11.130 14618 (AMAZON-AES)
1 2 52.214.120.236 16509 (AMAZON-02)
3 72.251.249.14 29791 (VOXEL-DOT...)
1 1 52.6.250.79 14618 (AMAZON-AES)
2 2 18.159.17.140 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 69.173.144.165 26667 (RUBICONPR...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.167 1299 (TELIANET ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
1 52.19.106.86 16509 (AMAZON-02)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 146.0.227.110 20773 (GODADDY)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 159.253.128.183 36351 (SOFTLAYER)
1 5 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.208.121.230 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 99.84.156.117 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 52.7.13.99 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
217 82
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
1    99.83.219.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4fb2973ac9c49f88.awsglobalaccelerator.com
www.newsweek.com
39    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
g.newsweek.com
d.newsweek.com
gc.newsweek.com
video.newsweek.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2600:9000:20eb:c600:8:bd4:5580:21 (United States)

ASN16509 (AMAZON-02, US)
d275im4r3zngba.cloudfront.net
1    13.224.95.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-71.zrh50.r.cloudfront.net
ats.rlcdn.com
3    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2600:9000:20e8:9800:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    99.84.153.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-153-196.txl52.r.cloudfront.net
c.amazon-adsystem.com
1    35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com
query.fqtag.com
2    2600:9000:2190:5e00:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.pelcro.com
1    2600:9000:2190:7a00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:20e8:ae00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
fqtag.com
4    13.224.95.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-18.zrh50.r.cloudfront.net
sb.scorecardresearch.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    13.224.95.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-75.zrh50.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:4700:10::6816:958 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pelcro.com
2    3.222.213.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-213-29.compute-1.amazonaws.com
ping.chartbeat.net
2    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.225.74.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-104.fra2.r.cloudfront.net
api-location-prd.pelcro.com
1    54.162.255.214 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-255-214.compute-1.amazonaws.com
stats.newsweek.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
recommendationengine.googleapis.com
15    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
uploads.pelcro.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.224.95.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-123.zrh50.r.cloudfront.net
s.ad.smaato.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
19    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
6    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    18.184.39.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    34.252.153.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-153-38.eu-west-1.compute.amazonaws.com
match.adsrvr.org
14    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
8    35.158.9.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
4    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    64.74.236.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
sync.outbrain.com
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-22-100.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    3.222.149.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-149-159.compute-1.amazonaws.com
sync.ipredictive.com
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    50.31.142.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    52.28.167.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
6    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    67.202.110.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    124.146.215.43 (Yokohama, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
1    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.45.11.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
2    52.214.120.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-120-236.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    52.6.250.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
2    18.159.17.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    52.19.106.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.208.121.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
m.stripe.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.84.156.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-117.txl52.r.cloudfront.net
api.pushnami.com
2    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.7.13.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
trc.pushnami.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
41 newsweek.com
www.newsweek.com
g.newsweek.com
d.newsweek.com
gc.newsweek.com
video.newsweek.com
stats.newsweek.com
568 KB
21 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
58 KB
19 gumgum.com
rtb.gumgum.com
6 KB
19 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
44 KB
19 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
129 KB
11 rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
16 KB
8 bidswitch.net
x.bidswitch.net
3 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 googlesyndication.com
pagead2.googlesyndication.com
44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com
tpc.googlesyndication.com
37 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
5 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
7 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
67 KB
6 adnxs.com
ib.adnxs.com
secure.adnxs.com
6 KB
6 pelcro.com
js.pelcro.com
www.pelcro.com
api-location-prd.pelcro.com
uploads.pelcro.com
189 KB
5 adform.net
c1.adform.net
2 KB
5 fqtag.com
query.fqtag.com
fqtag.com
cdn.fqtag.com
180 KB
4 creativecdn.com
creativecdn.com
1 KB
4 everesttech.net
sync-tm.everesttech.net
909 B
4 1rx.io
sync.1rx.io
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 stripe.com
js.stripe.com
m.stripe.com
57 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
4 google-analytics.com
www.google-analytics.com
20 KB
3 pushnami.com
api.pushnami.com
trc.pushnami.com
89 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 google.com
www.google.com
adservice.google.com
335 B
3 googleapis.com
imasdk.googleapis.com
recommendationengine.googleapis.com
302 KB
2 facebook.com
www.facebook.com
280 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 facebook.net
connect.facebook.net
96 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
938 B
2 360yield.com
ad.360yield.com
618 B
2 quantserve.com
pixel.quantserve.com
1 KB
2 3lift.com
eb2.3lift.com
743 B
2 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
103 B
2 emxdgt.com
cs.emxdgt.com
59 B
2 google.de
www.google.de
170 B
2 chartbeat.net
ping.chartbeat.net
337 B
2 clean.gg
i.clean.gg
104 B
2 bugsnag.com
sessions.bugsnag.com
140 B
2 rlcdn.com
ats.rlcdn.com
id.rlcdn.com
60 KB
2 silobreaker.com
info.silobreaker.com
3 KB
1 stripe.network
m.stripe.network
12 KB
1 google.ch
adservice.google.ch
799 B
1 simpli.fi
um.simpli.fi
609 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 admixer.net
inv-nets.admixer.net
559 B
1 zeotap.com
mwzeom.zeotap.com
281 B
1 adgrx.com
cm.adgrx.com
408 B
1 bidr.io
match.prod.bidr.io
75 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
326 B
1 clickagy.com
aorta.clickagy.com
665 B
1 adentifi.com
rtb.adentifi.com
88 B
1 rfihub.com
p.rfihub.com
746 B
1 socdm.com
tg.socdm.com
826 B
1 33across.com
ssc-cms.33across.com
1 contextweb.com
bh.contextweb.com
659 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
616 B
1 outbrain.com
sync.outbrain.com
625 B
1 admanmedia.com
cs.admanmedia.com
409 B
1 smaato.net
s.ad.smaato.net
561 B
1 2mdn.net
s0.2mdn.net
16 KB
1 chartbeat.com
static.chartbeat.com
14 KB
1 googletagmanager.com
www.googletagmanager.com
58 KB
1 cloudfront.net
d275im4r3zngba.cloudfront.net
40 KB
217 79
Domain Requested by
20 g.newsweek.com www.newsweek.com
19 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ap.lijit.com
16 d.newsweek.com www.newsweek.com
g.newsweek.com
15 aax-eu.amazon-adsystem.com 1 redirects d275im4r3zngba.cloudfront.net
aax-eu.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
ssum-sec.casalemedia.com
ap.lijit.com
ads.pubmatic.com
14 cm.g.doubleclick.net 9 redirects u.openx.net
rtb.gumgum.com
ap.lijit.com
aax-eu.amazon-adsystem.com
8 simage2.pubmatic.com ads.pubmatic.com
8 x.bidswitch.net 8 redirects
8 match.adsrvr.org 5 redirects u.openx.net
ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
5 image2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 5 redirects
5 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
5 ib.adnxs.com 5 redirects
4 pixel.rubiconproject.com aax-eu.amazon-adsystem.com
4 token.rubiconproject.com 3 redirects aax-eu.amazon-adsystem.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 creativecdn.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 sync.1rx.io 4 redirects
4 pm.w55c.net 4 redirects
4 ap.lijit.com 3 redirects aax-eu.amazon-adsystem.com
4 ups.analytics.yahoo.com 4 redirects
4 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 sb.scorecardresearch.com 2 redirects www.newsweek.com
4 www.google-analytics.com www.googletagmanager.com
www.newsweek.com
d275im4r3zngba.cloudfront.net
www.google-analytics.com
3 tpc.googlesyndication.com d275im4r3zngba.cloudfront.net
3 ce.lijit.com ap.lijit.com
3 sync.mathtag.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 us-u.openx.net 1 redirects u.openx.net
3 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
3 js.stripe.com d275im4r3zngba.cloudfront.net
js.stripe.com
3 geo.privacymanager.io js.pelcro.com
3 c.amazon-adsystem.com www.newsweek.com
c.amazon-adsystem.com
3 gdpr-wrapper.privacymanager.io www.newsweek.com
js.pelcro.com
3 securepubads.g.doubleclick.net www.newsweek.com
d275im4r3zngba.cloudfront.net
securepubads.g.doubleclick.net
2 trc.pushnami.com js.pelcro.com
2 www.facebook.com connect.facebook.net
2 sync.search.spotxchange.com 1 redirects
2 connect.facebook.net d275im4r3zngba.cloudfront.net
2 pixel-sync.sitescout.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.360yield.com 2 redirects
2 eu-u.openx.net 1 redirects u.openx.net
2 pixel.quantserve.com 2 redirects
2 eb2.3lift.com 2 redirects
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 cs.emxdgt.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 www.google.de www.newsweek.com
2 www.google.com www.newsweek.com
2 api-location-prd.pelcro.com js.pelcro.com
2 stats.g.doubleclick.net www.google-analytics.com
2 cdn.fqtag.com d275im4r3zngba.cloudfront.net
2 ping.chartbeat.net www.newsweek.com
2 video.newsweek.com www.newsweek.com
g.newsweek.com
2 i.clean.gg d275im4r3zngba.cloudfront.net
2 sessions.bugsnag.com js.pelcro.com
2 fqtag.com www.newsweek.com
d275im4r3zngba.cloudfront.net
2 js.pelcro.com www.newsweek.com
d275im4r3zngba.cloudfront.net
2 imasdk.googleapis.com www.newsweek.com
d275im4r3zngba.cloudfront.net
2 info.silobreaker.com 1 redirects
1 api.pushnami.com d275im4r3zngba.cloudfront.net
1 m.stripe.com m.stripe.network
1 m.stripe.network js.stripe.com
1 44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com d275im4r3zngba.cloudfront.net
1 adservice.google.com d275im4r3zngba.cloudfront.net
1 adservice.google.ch d275im4r3zngba.cloudfront.net
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 match.prod.bidr.io ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 aorta.clickagy.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssc-cms.33across.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 secure.adnxs.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 cs.admanmedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 uploads.pelcro.com www.newsweek.com
1 recommendationengine.googleapis.com www.newsweek.com
1 stats.newsweek.com d275im4r3zngba.cloudfront.net
1 www.pelcro.com js.pelcro.com
1 s0.2mdn.net d275im4r3zngba.cloudfront.net
1 gc.newsweek.com d275im4r3zngba.cloudfront.net
1 static.chartbeat.com info.silobreaker.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 query.fqtag.com www.newsweek.com
1 www.googletagmanager.com www.newsweek.com
1 ats.rlcdn.com www.newsweek.com
1 d275im4r3zngba.cloudfront.net www.newsweek.com
1 www.newsweek.com info.silobreaker.com
217 117
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
*.newsweek.com
Amazon		 2020-07-19 -
2021-08-19		 a year crt.sh
g.newsweek.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.fqtag.com
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
*.pelcro.com
Amazon		 2021-01-13 -
2022-02-10		 a year crt.sh
d.newsweek.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
gc.newsweek.com
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
pelcro.com
Sectigo RSA Extended Validation Secure Server CA		 2020-02-25 -
2022-02-18		 2 years crt.sh
video.newsweek.com
R3		 2021-03-11 -
2021-06-09		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
newsweek.com
Amazon		 2020-12-29 -
2022-01-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-14 -
2021-08-04		 4 months crt.sh
uploads.pelcro.com
R3		 2021-04-01 -
2021-06-30		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.google.ch
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-16 -
2021-08-04		 4 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh

This page contains 38 frames:

Primary Page: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Frame ID: AB54192E8DE8B3ACFC41ACE26566AD11
Requests: 104 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.455.0_en.html
Frame ID: A4C956D0001410A9905BE1F551EB32C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D9BC112F5D971CFEBDF421423B55B9C8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: E5E44A8E5A283B7E470E55EFA2595CEF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 1298D0440D4759126DBE18005484EC64
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 54852FAC7575EB69C268A880380EE64B
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 95D4385C43926FDFAE7B24D146BDE254
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Frame ID: 1B7BC88D8F9F7E02CE5B82B29F41797D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 5058E235E2985D8205C1853B8A00F344
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=2471799407862687914&ex=districtm
Frame ID: 2BBADB118F51A833CB9826BBD333EFF0
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 1BB8C3C6DC0E626CC6BD16DC5DCBAE6A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 323227C523A2A65CC3C4737EBC7A06E4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: A5350BBFDAA08EB6445489B39F5610CB
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-KjGNRfl1l2O8W8jKYr7ggnk597AsRM0-&
Frame ID: 5B5F186EC0FA46996799DD6842058F0B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=1519667192218967455&ex=appnexus.com
Frame ID: 3C5E57890FCAC6F888DE9EAB02841061
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 120D0D2DF80764C6B5F33D968CA43755
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2471077167044150507
Frame ID: 84C08C668782616B5161ED1768796164
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 393070FB7A4A898454CC46EB8BF919A8
Requests: 21 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
Frame ID: C5654DDB40034BA08DF1EE55A6E344E4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
Frame ID: A7D6F5DED81E41BAD8563ECA34C22E15
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTA4ZWMzNy00NzIxLTQzOWYtOTc2OS00M2UwZTQ0MmFjNjQ=&gdpr=&gdpr_consent=
Frame ID: A47D7B5AB2556E1170C9DE47D8C6E34C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 594FACE6D1DFC64A109FC41218070472
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: CDB8AC9A775E0D2447D1CC9140740D10
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
Frame ID: 5BDC4D4A77CD64F4B0DD3D2EB77AB8D5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C0324B5E917F8317E97C237A18D16AE2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
Frame ID: 9957E53848764BE3DE78F8CA13892CC7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739026647455931
Frame ID: 5BC88B2C42F4AFE2E53E1A535DF8241C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
Frame ID: 02E8BF8AE0B3A8E129FEF61ECC0326DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8318866C298ED781576206C2DA9A6A8F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4B1BA2432A09B39648D71FFB85289517
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6946788571671261824
Frame ID: BFF0FAECEC2F5692E18BFD1AC07557E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960623011511203984
Frame ID: 95D00708B3BE398F3756E967D94F50C1
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 8AE991C97A155A55A152723326645EFA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9F1C5AA16EBA1E49FA87C46DA8F20D37
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=1B91F2EC-E450-44F5-8BD6-92E13AF25208&ex=pubmatic.com
Frame ID: FF9C4E432F09B6DE9139389FCE195256
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Frame ID: A5D6B4927F78F733C49AE19637921A7A
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 62F65476D8A2BA97DE40B41AA68F8658
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7D41F04B22C30C8377215EF02ED308A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-Hwr... HTTP 307
    https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

217
Requests

99 %
HTTPS

30 %
IPv6

79
Domains

117
Subdomains

82
IPs

12
Countries

2083 kB
Transfer

6380 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1?_ud=29c44069-0d0b-4fa6-bc1d-dce252833698&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&c7=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&c7=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&c9=
Request Chain 83
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Request Chain 91
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=19c24e991cc05a82e55b
Request Chain 94
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 95
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Request Chain 96
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 97
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2471799407862687914&ex=districtm
Request Chain 101
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-KjGNRfl1l2O8W8jKYr7ggnk597AsRM0-&
Request Chain 102
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=1519667192218967455&ex=appnexus.com
Request Chain 103
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 104
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2471077167044150507
Request Chain 108
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6zElIuw4fn_wYy8qvDAxI-8xJC3wMC94vzX8bXm3
Request Chain 109
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6193763558648326398 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6193763558648326398
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4&google_tc=
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpj35g3pkKJuSjm0WmOOvs&google_cver=1
Request Chain 115
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1519667192218967455
Request Chain 116
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Df233d128-f76b-49ac-8fa2-a0ab7fb868f8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Df233d128-f76b-49ac-8fa2-a0ab7fb868f8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=ywdXMJ8Q1LG4905&expires=30&ssp=gumgum2&bsw_param=f233d128-f76b-49ac-8fa2-a0ab7fb868f8 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
Request Chain 117
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29
Request Chain 118
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=7650192e-01ff-0e06-1627-6025cf4d1d1e
Request Chain 119
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-f1736216-1a19-45e8-6d5c-6b4f9ae13a22$ip$185.156.175.107
Request Chain 120
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-jdIvJQ1E2pfJ95sgaJvj0YeGDm.BPvejURIu~A
Request Chain 121
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=5e11d168-b183-11eb-9749-09462eaa0c2c
Request Chain 124
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 125
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=3f967788-8c89-4874-8493-af97661bc595
Request Chain 126
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2105431389 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/48843a77-64ce-4c8c-88df-053978dbfac3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-022d5c59-0a50-4681-aebd-66144f076ad4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-022d5c59-0a50-4681-aebd-66144f076ad4-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
Request Chain 127
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=03f0Ul1h7mWH&ev=1&pid=558355
Request Chain 129
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
Request Chain 130
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
Request Chain 134
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
Request Chain 136
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
Request Chain 137
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026647455931
Request Chain 138
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJkZvbGOoxKa1tT416I5LgAABGoAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPvu2Q18zGLL4EjpbZq8vVg&google_cver=1
Request Chain 142
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJkZvbGOoxKa1tT416I5LgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YJkZvbGOoxKa1tT416I5LgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-twSVZB9sn-8M2Bajz294&google_cver=1
Request Chain 144
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130
Request Chain 145
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=j5Iywy801LG4905
Request Chain 146
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6193763558648326398&expiration=1621855934
Request Chain 149
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=&sovrn_retry=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2ZjZDk2YzlmZTZlMDE0NTY2ZGMzYjUz
Request Chain 150
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3016394407 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/48843a77-64ce-4c8c-88df-053978dbfac3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-022d5c59-0a50-4681-aebd-66144f076ad4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-022d5c59-0a50-4681-aebd-66144f076ad4-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
Request Chain 151
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=x0YSYGqygZE4TIrXRGr4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 152
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=289dd4938e5c47b495a076bb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48076f36-01e6-463d-8bb2-28bc0d57ce84&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
Request Chain 158
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6946788571671261824
Request Chain 159
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960623011511203984
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G5Hy7ORQRPWL1pLhOvJSCA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 165
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 166
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&addseg=31
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48843a77-64ce-4c8c-88df-053978dbfac3
Request Chain 168
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6193763558648326398
Request Chain 169
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:38186099-19be-4300-bc09-b9aefc0feb57&gdpr=0&gdpr_consent=
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECoF_HaG1nA5LGOeAaAbv4g&google_cver=1
Request Chain 171
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1519667192218967455&gdpr=0&gdpr_consent=
Request Chain 173
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Nk8WwPJE2uWZFJLots0fZfnTjbozQtc-~A&gdpr=0&gdpr_consent=
Request Chain 174
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3Df233d128-f76b-49ac-8fa2-a0ab7fb868f8%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ea8cfa99ebd042b1acffe923f468d21a&ssp=pubmatic&bsw_param=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 176
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8867843199139047020&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZvgAA3yndnQA4&gdpr=0&gdpr_consent=
Request Chain 178
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0e8193fb-0c62-45d1-a9b3-58a969fbf95f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 180
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=8ce3b763-8276-4979-9a4e-3ca688d16dd9-609919c0-4348&gdpr=0&gdpr_consent=
Request Chain 182
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOIIZFJE-P-2KJP&ex=d-rubiconproject.com&status=ok
Request Chain 183
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38186099-19be-4300-bc09-b9aefc0feb57
Request Chain 184
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09JSVpGSkUtUC0yS0pQ
Request Chain 185
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY2YjFiZThiMzdhNGYwMDlhY2YxMzM0ZmVlNWVkMDI2MGZhZDhjMw
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOuVvlM200FSdIyt59_bpxg&google_cver=1
Request Chain 188
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJkZvgAA3yndnQA4
Request Chain 189
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jJp9l8aPc-7RxdmlSQ-Ssw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5402486439610652863
Request Chain 202
  • https://sb.scorecardresearch.com/c2/7922264/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 206
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=62cd201a-b183-11eb-afe8-10d4c6b20106

217 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcv...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d3d0901eb197ba1ad8bd3ee94433d6cbe1620646329; expires=Wed, 09-Jun-21 11:32:09 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=c5bbc21890f3800a378a2ec95b96c6c962e1b39f-1620646329; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
64d2d8645a4b020d-ZRH
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09f7a592b30000020dc5087000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
a8c691fb-65da-4588-bd47-34f5a16d28c3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QK1HKXuU1yoyfugpX2yVPb5o7EG3FAqx31G%2FYjwPp9lFZWpG7%2BWrhyT66abLE8QJOXYML23Ywye4omUnofJz1Zsj8NawibYdWn1aTIWbQs6UjCNLhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912
www.newsweek.com/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1M...
  • https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlO...
215 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4fb2973ac9c49f88.awsglobalaccelerator.com
Software
/
Resource Hash
efe483404e7a6c8802ee6d1e5e0a116f6cdab91c26c8cc4356dc0f7c5ce44c0d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.newsweek.com
:scheme
https
:path
/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-type
text/html; charset=UTF-8
content-length
49443
cache-control
public, max-age=3600
vary
Accept-Encoding
content-encoding
gzip
x-b
V6.3-1 web1
age
485
x-cache
hit cached
x-cache-hits
33
x-forwarded-for
185.156.175.107
x-ua-device
desktop
set-cookie
X-UA-Info=country|CH|state|ZH|city|Zurich|latitude|47.394000|longitude|8.445000|isp|M247 Ltd|ip|185.156.175.107|device|desktop|time|1620646330; path=/;
x-debug
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
accept-ranges
bytes

Redirect headers

date
Mon, 10 May 2021 11:32:09 GMT
location
https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
cf-ray
64d2d8650b07020d-ZRH
link
<https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09f7a593230000020d02bf6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
ab771927-91ec-406c-9623-577f98255bdc
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d8CpqUlmdpa6a%2B0M4Q5rrT9ESadxIDaej2kkoz%2BcHrq3ZOJdP%2BtDHfN28j9qIDuL3kyTnbWYsKTTCPk6Xp3plO5DTd0yngEIGZP0G1uT6NsX0DYS1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Origin
https://www.newsweek.com
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:34 GMT
server
Apache
etag
"1613382574"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds135.fr8.hn,1620646329.cds126.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Origin
https://www.newsweek.com
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 07:21:09 GMT
server
Apache
etag
"1608708069"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds135.fr8.hn,1620646329.cds252.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
Genericons.woff2
g.newsweek.com/www/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/Genericons.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Origin
https://www.newsweek.com
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Sat, 20 Feb 2021 06:57:34 GMT
server
Apache
etag
"1613804254"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds135.fr8.hn,1620646329.cds254.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
10711
btf.css
g.newsweek.com/sys/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/btf.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds220.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1244
btf_article.css
g.newsweek.com/sys/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/btf_article.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
841084b6978cf839a179bc09779f635ee006a5ca93004a9e5c20811810b6c67e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds225.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
7631
editor.css
g.newsweek.com/sys/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/editor.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
8a8fc2a99422a24d4309b9dc2c57d7a72ef6585d756c5a53d6edee01ad7d2b76
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646330.cds275.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
5051
more_slideshows_inline.css
g.newsweek.com/sys/css/ 		788 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/more_slideshows_inline.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds017.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
412
in_text_slideshows_inline.css
g.newsweek.com/sys/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/in_text_slideshows_inline.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:21 GMT
server
Apache
etag
"1620386481"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds245.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
431
f975cb2dee59c2867351daea194bffe3.css
g.newsweek.com/sys/css/ 		61 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/f975cb2dee59c2867351daea194bffe3.css?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
3dfa26bf50a49ee6d7782ae0ab785a040bcf61f3136160ec1e82ecb9035a3d87
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:47 GMT
server
Apache
etag
"1620386507"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds229.fr8.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
14516
07bba1a9c30c8f01d28d980808d6b064.js
g.newsweek.com/sys/js/ 		552 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
cf9e7ae315363540a8d53177e34c0161dcaaa7f782640f1a363834b0c57810b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:47 GMT
server
Apache
etag
"1620386507"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds263.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
157094
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bab600bceb53dcb103ced28d5a5818d609fc8218a546985855952a7fe113f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117198
x-xss-protection
0
expires
Mon, 10 May 2021 11:32:09 GMT
518ec47cf8245d54b92ff59a32c5dd83.js
g.newsweek.com/sys/js/ 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
875d966af6ebee8cdb648cec821ad6dd05718734025f5c093109990d3e8bee3f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds004.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
44016
script.js
d275im4r3zngba.cloudfront.net/ 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d275im4r3zngba.cloudfront.net/script.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c600:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ece1baba2708b6381b24324cd8818761d2f5f69569911322da90bead86638a

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:24:00 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 14:42:21 GMT
server
AmazonS3
age
496
etag
W/"79dc69326d3f339836ca53d2a8996a1b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
tU4ODm6-7zMLj-j-7Vb7jEDlLywf5fEhgbijgWaoJt43Gj6eBe23Vg==
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-71.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU5uQG8k6fF7c8ExjUxBI8zMqnTbvUtK
content-encoding
gzip
etag
W/"535a44cb49d4769cf9ec82fbcba860c8"
last-modified
Fri, 09 Apr 2021 08:07:05 GMT
server
AmazonS3
age
39748
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
date
Mon, 10 May 2021 00:29:43 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
nPct98VjKCOQddumMPNXZuP3lm0aZiUNTfgcOerRfpXJtbacqPeZ5Q==
prebid.js
g.newsweek.com/www/js/ 		448 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/js/prebid.js?v=4.36.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f89876f58219dcc1beebdd496798494462bc583f2f54bac08c93c6fc2a630659
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 04:20:51 GMT
server
Apache
etag
"1619151651"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds126.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
143742
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
c3d98955505568ff589dee622ca30c1940f0a1484625cde7a51b4455963a1e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"867 / 987 of 1000 / last-modified: 1620645034"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21236
x-xss-protection
0
expires
Mon, 10 May 2021 11:32:10 GMT
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:9800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad25197f295b6522df9c772ab9b55503fda89ebef72696cb958452f3879b91b7

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 09 May 2021 17:11:46 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 15:36:02 GMT
server
AmazonS3
age
66025
etag
W/"16d97a1c503d9a11bdeb9c6ca6b37ed2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
4._CA4XrmTL9XtDkK5D21daTk2uav9DL
via
1.1 81db6db0bc548ca5046f3395364a3667.cloudfront.net (CloudFront)
content-disposition
attachment; filename="gdpr-liveramp.js"
x-amz-cf-pop
TXL52-C1
content-type
text/javascript
x-amz-cf-id
ofqHFGS1sNkqhBJQ9lv6r5oCh3o_NlT0Fmi1V73W7ib2CbPLMYPSxA==
prebid.js
g.newsweek.com/www/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/js/prebid.js?v=4.36.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 04:20:51 GMT
server
Apache
etag
"1619151651"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds135.fr8.hn,1620646329.cds126.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
143742
gtm.js
www.googletagmanager.com/ 		189 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e40e44825fb6505b782bcf515d50633fbfeb5f8a17856808f76945571fbb72d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59473
x-xss-protection
0
last-modified
Mon, 10 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 May 2021 11:32:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 05:09:09 GMT
content-encoding
gzip
server
Server
age
22980
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
iygQhLjlz1sETT7z6rkaquqEln8eNBFH_2A4YUFeDKT7nAbOPJkGeA==
b
query.fqtag.com/ 		82 B
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1620646329707&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.195.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
via
1.1 google
alt-svc
clear
content-length
82
83694e4b1e95c0ef591612ee7fe04d07.js
g.newsweek.com/sys/js/ 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/83694e4b1e95c0ef591612ee7fe04d07.js?v=1620386476
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f711a885cf31afed69664befc5b5d3911ef41ac1d5e62e938f2061eb8748a416
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:21:20 GMT
server
Apache
etag
"1620386480"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds005.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
18604
main.min.js
js.pelcro.com/sdk/ 		255 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.pelcro.com/sdk/main.min.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff6d9e3175cc545423afe87dd0dc42c8d1e3c4681a5a71e115481bf3324dd9b7

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 11:48:25 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 04:41:23 GMT
server
AmazonS3
age
85426
etag
"365338b94fff3c990577ee01843c5b8b"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
66845
x-amz-cf-id
t4DhJcIcLiguc_n87JtO3MPdOtuRvQJ7sZupSIvdz_5fTpBGEtVLJA==
icon-search-glass.svg
g.newsweek.com/www/images/ 		485 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/icon-search-glass.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:41 GMT
server
Apache
etag
"1613382581"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds145.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
293
flipboard_srrw.png
g.newsweek.com/img/home/ 		877 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/img/home/flipboard_srrw.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:09 GMT
content-encoding
gzip
last-modified
Wed, 25 Nov 2020 22:44:35 GMT
server
Apache
etag
"1606344275"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646329.cds134.fr8.hn,1620646329.cds266.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
900
moderna-covid-vaccine.webp
d.newsweek.com/en/full/1791767/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1791767/moderna-covid-vaccine.webp?w=790&f=3a8108cc5a7ba1fba9761a217b14989d
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
5a9a338a72639fee3250bbb8f257669cf84cd8bf3193578d74a26f7af208e4ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
last-modified
Sun, 09 May 2021 21:50:59 GMT
server
Apache
x-cacheable
YES
etag
"1620597059"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds008.fr8.hn,1620646330.cds215.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
15666
play-list
d.newsweek.com/widget/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/widget/play-list?nid=519150&items=4&v=11620386476
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1620386476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
b68087dec4bb4fb1c3b99f398a7435e5bb4c752ccc351afc60df7a8068c6c174
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:39:36 GMT
server
Apache
x-cacheable
YES
etag
"1620387576"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds139.fr8.hn,1620646330.cds226.fr8.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
1786
opinion-headshot-bg.png
g.newsweek.com/www/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/opinion-headshot-bg.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:41 GMT
server
Apache
etag
"1613382581"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds134.fr8.hn,1620646330.cds097.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
4876
max-eden.webp
d.newsweek.com/en/full/1602301/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1602301/max-eden.webp?w=63&h=63&f=b4f604381ce7e97fbfbb55adc59558c9
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
1a9a29be2c0728cfaaade2a97d6c18f9f393d93f0d330ffe2f2655b23a12cb8d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
last-modified
Sun, 18 Apr 2021 21:23:10 GMT
server
Apache
x-cacheable
YES
etag
"1618780990"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds008.fr8.hn,1620646330.cds016.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2148
marcu-johnson.webp
d.newsweek.com/en/full/1773995/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1773995/marcu-johnson.webp?w=63&h=63&f=bb97f1f29688b648543aff9f7d593260
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
e1d222c05451e66d24bcae72a24c0f39b453b6d7a9e2f1883dcd5c799cc53488
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
last-modified
Wed, 05 May 2021 15:21:03 GMT
server
Apache
x-cacheable
YES
etag
"1620228063"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds008.fr8.hn,1620646330.cds202.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
1942
home-opinion
d.newsweek.com/json/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/json/home-opinion?time=1620644805&te=1620386476
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1620386476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
3644618ec7012ca1879d2068d71c6caa2d247f624515610f51a1d2748b63c64f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 11:07:00 GMT
server
Apache
x-cacheable
YES
etag
"1620644820"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds139.fr8.hn,1620646330.cds277.fr8.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, public, max-age=29030400, public
accept-ranges
bytes
content-length
2279
5223a1ce-3491-41b6-8910-5e9a5dbf2bd2
https://www.newsweek.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsweek.com/5223a1ce-3491-41b6-8910-5e9a5dbf2bd2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
logo-n1.svg
g.newsweek.com/www/images/ 		409 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/logo-n1.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:29 GMT
server
Apache
etag
"1613382569"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds134.fr8.hn,1620646330.cds154.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
294
free-sign-up.svg
g.newsweek.com/www/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/free-sign-up.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 03:56:01 GMT
server
Apache
etag
"1614743761"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds134.fr8.hn,1620646330.cds135.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1332
gdpr.bundle.js
gdpr.privacymanager.io/1/ 		175 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:7a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85368b94aad0e77f6076f6a9cf9fef9cc0d9a8baa6109b07dbc12c7ad153d1b5

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lqAPaSOyme2YnDSSo2.EtgPaD9ISLn7k
content-encoding
gzip
etag
W/"7b034b05705b3042c4f97b63518891a3"
last-modified
Thu, 15 Apr 2021 14:21:36 GMT
server
AmazonS3
age
547
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 10 May 2021 11:23:05 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
rt_slsbyW5Y3LFBCwOKW4b5oiqmpQSIro5PO19A8X30e-K4vcN1H6A==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3918
date
Mon, 10 May 2021 10:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 10 May 2021 12:26:52 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:19:44 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
747
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
fgG1qEDs3tR6hr9cvWi5qThhJv2K-6sxITqMLfDHdC5GK6OexO8oNQ==
expires
Mon, 10 May 2021 13:19:44 GMT
implement-r.js
fqtag.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
66788007326bb28be3e5d92262e40947d0cb5ec4f10023644f761ad36d31d5c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:11 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2062
x-xss-protection
0
expires
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&c7=https%3A%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&c7=https%3A%...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&c7=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&c9=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-18.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
via
1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
yLPPdWNMZvFy5oUI7kpHqosH_tFvIZBqQu3TsxkKoYEoh2pgV7VWNA==

Redirect headers

date
Mon, 10 May 2021 11:32:10 GMT
via
1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1620646330869&ns_c=UTF-8&c8=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20'Potted%20Plants'&c7=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&c9=
content-length
470
x-amz-cf-id
Z7xztH9wpRQD05zTfhJqtlfjwnvh2pUN9CqC0NgI4VuCKvP84y4kdw==
check.svg
g.newsweek.com/www/images/ 		171 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/check.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:10 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 13:32:34 GMT
server
Apache
etag
"1620480754"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646330.cds134.fr8.hn,1620646330.cds233.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
158
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
74405
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sun, 09 May 2021 14:52:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
i9u_ExVNvraS-GbJ7rGlpbOV7ev669BRbzIgavv4IeaeoSzrzB6PTA==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 10 May 2021 11:32:11 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.newsweek.com/
Bugsnag-Sent-At
2021-05-10T11:32:11.123Z
Bugsnag-Api-Key
6a718baeb7a9a3b44b6047423cea023a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 10 May 2021 11:32:11 GMT
via
1.1 google
bugsnag-session-uuid
a8d29f9f-547a-4fef-935f-11f7e3ec2a86
alt-svc
clear
content-length
21
content-type
application/json
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Mon, 10 May 2021 11:32:11 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
counter.js
gc.newsweek.com/front/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gc.newsweek.com/front/js/counter.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
content-encoding
gzip
last-modified
Sat, 10 Oct 2020 16:30:42 GMT
server
Apache
etag
"1602347442"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds013.fr8.hn,1620646331.cds145.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
873
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-75.zrh50.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 04:31:29 GMT
via
1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront), 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
age
25242
x-amzn-requestid
c726a39b-9a8e-422f-9ef0-2fbc5aae818b
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6098b721-083ca9452ff8c82426a71c1b;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
HAM50-C3, ZRH50-C1
x-amz-apigw-id
fGGNREYDjoEF3BA=
content-length
30
x-amz-cf-id
ndiM5oquriHNLWM8oxMEfHczFBZcmsas5ZcckuFMV3Wsy8yN_RHP1A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Mon, 10 May 2021 11:32:11 GMT
bridge3.455.0_en.html
imasdk.googleapis.com/js/core/ Frame A4C9 		571 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.455.0_en.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aebbc3c2257a75d60685bb213d048a00c5dd444f44c63e9920ac2f43dec55983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.455.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsweek.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsweek.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191255
date
Thu, 06 May 2021 14:48:18 GMT
expires
Fri, 06 May 2022 14:48:18 GMT
last-modified
Thu, 06 May 2021 14:40:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
333833
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 10 May 2021 11:32:11 GMT
president-joe-biden.webp
d.newsweek.com/en/full/1787650/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1787650/president-joe-biden.webp?w=790&h=444&q=75&f=64d131a0ae53ba2dc765c0385bc66cda
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
2d2b28073cceec1084619ee22cb15e64a19fb40ebabfb7c933cfd8b183940f3a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Tue, 04 May 2021 20:49:05 GMT
server
Apache
x-cacheable
YES
etag
"1620161345"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds008.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
27266
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://www.newsweek.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
site
www.pelcro.com/api/v1/sdk/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pelcro.com/api/v1/sdk/site?site_id=1028&language=en
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5f6997ef2320ba8cebae37a138db2e682ab12129135574d705011c97e03dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1649
content-type
application/json
content-length
2391
cf-request-id
09f7a59d9b0000975ad22bc000000001
x-ua-compatible
IE=edge
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PATCH,PUT,DELETE,OPTIONS
content-language
en
access-control-allow-origin
*
cache-control
no-cache, private, max-age=0
accept-ranges
bytes
cf-ray
64d2d875cf7d975a-FRA
access-control-allow-headers
Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version
robert-goldberg.webp
d.newsweek.com/en/full/1790515/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1790515/robert-goldberg.webp?w=63&h=63&f=744156d34c9e0b3779c13610431a4e3a
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
2180294a615b6326e3de1cd5728663a9e9c7fb9ff21d9e10d3c2b1c5df75925f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Mon, 10 May 2021 11:08:30 GMT
server
Apache
x-cacheable
YES
etag
"1620644910"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds163.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2044
gordon-chang.webp
d.newsweek.com/en/full/1595774/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1595774/gordon-chang.webp?w=63&h=63&f=e6ac7c2e3f20ff658db6088a2c2ebef7
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
71a36ce53c8c7b6ab4b8b86e9fd7d0874245fc7f0884b7efa5041ec7a9324a7a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Tue, 22 Dec 2020 14:32:45 GMT
server
Apache
x-cacheable
YES
etag
"1608647565"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds160.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2172
craig-parshall.webp
d.newsweek.com/en/full/1791509/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1791509/craig-parshall.webp?w=63&h=63&f=b1f329a79d9029156deeae8b586e3bf3
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
7ffd8332e8533d8878e569ed460c4ea8e24becb06da4fef3dfe77fffc2ffddb4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Mon, 10 May 2021 11:08:30 GMT
server
Apache
x-cacheable
YES
etag
"1620644910"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds012.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2122
william-lambers.webp
d.newsweek.com/en/full/1779219/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1779219/william-lambers.webp?w=63&h=63&f=2db9e62651eccc1a07e2328a5bd23d61
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
98ada2f20ace30c628f3e5c2aeae635372ad2687dc9824a7c81b04a3375e1c22
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Sun, 09 May 2021 12:25:07 GMT
server
Apache
x-cacheable
YES
etag
"1620563107"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds229.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2054
zaid-jilani.webp
d.newsweek.com/en/full/1726991/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1726991/zaid-jilani.webp?w=63&h=63&f=fd61fcf61a94f9c8cff8ad54a37bba06
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f23c0cf83f19b4b302b90418d5d71045c1edc3ed7f9b2953f9f832eed366cbdb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Sat, 01 May 2021 09:54:18 GMT
server
Apache
x-cacheable
YES
etag
"1619862858"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds015.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2062
jonathan-frank.webp
d.newsweek.com/en/full/1791514/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1791514/jonathan-frank.webp?w=63&h=63&f=584475b738d0c3be30b923596f58dbb3
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
cac6fa173b5c98b7e7d35719f80633d2d39e17303247ad360bb9f9b62e6dd283
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Sun, 09 May 2021 12:25:07 GMT
server
Apache
x-cacheable
YES
etag
"1620563107"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds011.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2090
lois-mccloskey-ann-celi-chloe-bird.webp
d.newsweek.com/en/full/1788003/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1788003/lois-mccloskey-ann-celi-chloe-bird.webp?w=63&h=63&f=d91c612fc2ac13d32bd4ec155e10f1c3
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6a534e6cdeecbc6edeb5eeaab7772b29d205bc4220c5c6fe8f605fe81b77c0c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Sun, 09 May 2021 10:42:55 GMT
server
Apache
x-cacheable
YES
etag
"1620556975"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds259.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2304
newt-gingrich.webp
d.newsweek.com/en/full/83499/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/83499/newt-gingrich.webp?w=63&h=63&l=48&t=55&f=d8b4f8dfaad8a5f0f71bffcc6c0d6a77
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
134e2c21e9ce1ae2d2aac71755df2b753a6c912e20b7fe734c216f4bb026d618
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Wed, 28 Apr 2021 21:19:12 GMT
server
Apache
x-cacheable
YES
etag
"1619644752"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds239.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2180
depetris-new.webp
d.newsweek.com/en/full/1671583/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1671583/depetris-new.webp?w=63&h=63&f=6f134a6e9d2cd376c8ae9fd558a630d6
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
4d2e28ae6a54f406031e363b154ea0fcb41e5e19f53137d142d4c0461a976115
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Wed, 18 Nov 2020 04:20:57 GMT
server
Apache
x-cacheable
YES
etag
"1605673257"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds004.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2052
paul-bambrick-stephen-chiger.webp
d.newsweek.com/en/full/1790329/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1790329/paul-bambrick-stephen-chiger.webp?w=63&h=63&f=546f098ee1e1238901080ac521c5d4df
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
fcd036ae5e6f1ee13790e41fcd22034f99f8bacfbdb95516bbfe7d9f3c31907b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Fri, 07 May 2021 13:31:25 GMT
server
Apache
x-cacheable
YES
etag
"1620394285"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1620646331.cds008.fr8.hn,1620646331.cds166.fr8.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2280
biden-vaccine-may-4-cms-2-1620159817.m3u8
video.newsweek.com/transcoder/480hls/2595/ 		492 B
802 B 		Media
General
Check archive.org
Download Go to
Full URL
https://video.newsweek.com/transcoder/480hls/2595/biden-vaccine-may-4-cms-2-1620159817.m3u8
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4acc30393eaf1d64e84457ea82dda8b9e557fc13026d39349b367867e21877f

Request headers

Referer
https://www.newsweek.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Tue, 04 May 2021 20:23:54 GMT
server
AmazonS3
x-amz-request-id
4GRKNRK0BSH6KWSZ
etag
"23cd481bb8e01910e8195fd2048b266f"
x-hw
1620646331.cds140.fr8.hn,1620646331.cds204.fr8.c
content-type
application/x-mpegURL
Content-Range
bytes 0-491/492
cache-control
max-age=2141879
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
492
x-amz-id-2
45cvrpMbQmYVURC4p59AwDpXNsNXz67/TfJJmL7JtkUFSuz3cEIPU8m59SUICeIg29hVIMw+oz0=
bid
c.amazon-adsystem.com/e/dtb/ 		189 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&pid=ldXEGeHF0VOXa&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%2C%22cmpTimeout%22%3A500%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
Server /
Resource Hash
374f5d96c910e2e5ae3abcd81bf2cbe1c4a7eb2ec5779a4e42cc5672ee95b289

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:12 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
TXL52-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
171
via
1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-amz-cf-id
UJ6TGyERic1SMAyBCEdqNAf7Si7j0t-MRcZStJt3aHr1kxnuqEOlDQ==
biden-vaccine-may-4-cms-2-1620159817.m3u8
video.newsweek.com/transcoder/480hls/2595/ 		492 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.newsweek.com/transcoder/480hls/2595/biden-vaccine-may-4-cms-2-1620159817.m3u8
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1620386476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4acc30393eaf1d64e84457ea82dda8b9e557fc13026d39349b367867e21877f

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:11 GMT
last-modified
Tue, 04 May 2021 20:23:54 GMT
server
AmazonS3
x-amz-request-id
4GRKNRK0BSH6KWSZ
etag
"23cd481bb8e01910e8195fd2048b266f"
x-hw
1620646331.cds140.fr8.hn,1620646331.cds204.fr8.c
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
max-age=2141879
accept-ranges
bytes
content-length
492
x-amz-id-2
45cvrpMbQmYVURC4p59AwDpXNsNXz67/TfJJmL7JtkUFSuz3cEIPU8m59SUICeIg29hVIMw+oz0=
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912&u=Cbhg4_CerGkLHwSAG&d=newsweek.com&g=65968&g0=Politics&g1=Christina%20Zhao&n=1&f=00001&c=0&x=0&m=0&y=7249&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2883&t=ov8TsC0IDO8BZgjljDgvHIco18Ul&V=126&i=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&tz=-120&_acct=anon&sn=1&sv=CUJOChBSrRlFBD5QZQDd22hFDNzcLp&sd=1&im=067b0ef0&_
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.213.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-213-29.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:23:16 GMT
age
536
x-guploader-uploadid
ABg5-UxyT01NK-dWCeTM_EknFw_ADCUX7OgzgqeobGzUY02KM6LTkthoBSniwNqDDfsdZ6nBI58PJ5eZ7Z3tHz7JVnFh0YKdag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 May 2021 12:23:16 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=2108312749&gjid=1845923166&_gid=424034975.1620646332&_u=YGBAgUABAAAAAE~&z=2014597591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 May 2021 11:32:12 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1020735993&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&ul=en-us&de=UTF-8&dt=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=2108312749&gjid=1845923166&cid=1498701933.1620646332&tid=UA-44450862-1&_gid=424034975.1620646332&gtm=2wg4s0TVS8NW5&cd1=Christina%20Zhao&cd2=Politics&cd3=&cd4=US&cd5=en&cd6=article&cd7=1589912&cd8=20210509&cd9=202105&cd10=newsweek.com%2Fpolitics%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Law%2C%20Gov%27t%20%26%20Politics&cd18=related&cd19=web&cd20=15&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Republicans%2C%20GOP%2C%20Vaccine%2C%20Coronavirus&cd26=ndef&cd27=nonpromoted&cd28=Breaking%20News%20-%20OTH%20(NZ)&cd30=Y&cd31=0&cd32=N&cd33=ndef&cd34=anon&cd35=440&cd36=Direct&cd37=4g&cd38=web&cd40=Aggregation&cd41=1&cd42=2&z=10641820
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 10:11:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4817
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
api-location-prd.pelcro.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-location-prd.pelcro.com/
Protocol
H2
Server
13.225.74.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-104.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-pelcro-sdk-version
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 10 May 2021 11:32:12 GMT
x-amzn-requestid
fb79ff66-2e4e-4e3e-9f3b-113f21760302
access-control-allow-origin
*
allow
GET
access-control-allow-headers
Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id
fHD1dE9vIAMFdVA=
access-control-allow-methods
GET
x-cache
Miss from cloudfront
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oM3wE7weawT3bZl9cElwlbjSlX6Ejc5hR95gGn2UmeV-vSUedHrX9g==
/
api-location-prd.pelcro.com/ 		350 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-location-prd.pelcro.com/
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-104.fra2.r.cloudfront.net
Software
/
Resource Hash
6d2d492670d72801262c085eab2f3d8264e662536106f67877ca485db8065df3

Request headers

Accept
application/json
Cache-Control
max-age=0
Referer
https://www.newsweek.com/
X-Pelcro-Sdk-Version
2.4.29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:12 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
86f84f3f-4682-41c5-97bb-8b55fcbcb316
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-609919bc-7634214a4117193c1470ad9c;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
fHD1gFFeoAMFoSQ=
content-length
350
x-amz-cf-id
aFl_6KSWctj5hrcC-fRPGHHRCyEvYKbktEKpospRcrcRenxrlkniKA==
3158e17a-ec6e-43df-a043-63b2a2a04b2c
https://www.newsweek.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsweek.com/3158e17a-ec6e-43df-a043-63b2a2a04b2c
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5299
Content-Type
application/javascript
article
stats.newsweek.com/counter/ 		14 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1589912&r_id=27860&c_id=108&c_url=&referer=&device=desktop&a_editor=1&c_country=CH&xz=5&c_uque=1&c_ruque=1&c_visits=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.255.214 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-255-214.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:12 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=25920000
strict-transport-security
max-age=86400; includeSubDomains
content-length
34
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=2108312749&_u=YGBAgUABAAAAAE~&z=947229532
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=2108312749&_u=YGBAgUABAAAAAE~&z=947229532
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D9BC 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1066
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 10 May 2021 12:14:26 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol
H2
Server
2600:9000:20e8:9800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Sun, 09 May 2021 17:11:47 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
JMkaz772lm5NwcuglbueA3MrOAkqlWuAi8ygxBnqSgHcRBD7CADPVA==
age
66026
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
13.224.95.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-75.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 10 May 2021 11:32:12 GMT
x-amzn-requestid
f2c9ba0b-8d00-4b29-94b0-f90826c00f81
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
fHD1eHR8joEFvkw=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront), 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1 ZRH50-C1
x-cache
Miss from cloudfront
x-amz-cf-id
-Tf5CBqHN53S-aexXSX7YbgFLJw-Iq31DiXGUgqPR1VIYqb8spxYMg==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 		51 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:9800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b89c53af0daa8ade19397650fa2265056c4bc68f36f9c3cd4ea0b061a4119955

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
vuNv2N_fIQPrY_lbWE8a00FRLdn0G5Fq
content-encoding
gzip
etag
W/"ae7f7944b29d8d1bdcd4918a9caa917e"
age
1198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 09 May 2021 17:10:42 GMT
server
AmazonS3
date
Mon, 10 May 2021 11:14:28 GMT
access-control-allow-methods
GET
content-type
application/json
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
H_e7VET2SKnFOySB0KZNDTSVob1D0hwqgTHqrHy0hcYXdOV9iUjCPg==
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-75.zrh50.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 May 2021 04:31:29 GMT
via
1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront), 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
age
25243
x-amzn-requestid
c726a39b-9a8e-422f-9ef0-2fbc5aae818b
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6098b721-083ca9452ff8c82426a71c1b;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
HAM50-C3, ZRH50-C1
x-amz-apigw-id
fGGNREYDjoEF3BA=
content-length
30
x-amz-cf-id
vbpJJ53Dp76wKlxbJ4ngfDltf_4bflaWlFLdhoU6cgt1nD1Wkf9IXA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/ 		7 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.1498701933.1620646332%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221589912%22%7D%5D%7D%7D&ets=1620646332494
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:12 GMT
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
vary
Origin, X-Origin, Referer
content-length
7
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E5E4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
311 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1150566eb9fe9f889b12323429562fe74682d81ff55aa1ebad111733f3b6b4be

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newsweek.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsweek.com/

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
236
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 11:32:12 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 11:32:13 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 10 May 2021 11:32:12 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 11:32:12 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
main.min.js
js.pelcro.com/ui/plugin/newsweek/ 		694 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.pelcro.com/ui/plugin/newsweek/main.min.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 11:42:53 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 06:15:25 GMT
server
AmazonS3
age
85835
etag
"6b6eac342923d463ecdc8d25c3c7c434"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
114545
x-amz-cf-id
nfuCaH58empaqrx0uBxNr1qvGcZUDV_ulmWTNVzqJXMmxMWpXcI_zg==
/
js.stripe.com/v3/ 		231 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fa5d7802f3c053b08ac896377916d36270c68c9ea74a9190edf9386275668d1
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:13 GMT
content-encoding
br
vary
Accept-Encoding
age
213
via
1.1 varnish
x-cache
HIT
content-length
55777
x-amz-id-2
o4t7U+5PP3MIYOj2W+31LwV/tXUSQuen+rWc8Q/YS7mH1tzJWYXLsMIFFnWciNw37A/zAmkWuL0=
x-served-by
cache-hhn4053-HHN
timing-allow-origin
*
last-modified
Fri, 07 May 2021 21:54:08 GMT
server
AmazonS3
etag
"f742f2a3188cb37134280655f9175c70"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
Y7V0TFMDYGXJ8MZH
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
309
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 10:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2403
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
expires
Mon, 10 May 2021 11:52:10 GMT
1028-1590365569.png
uploads.pelcro.com/images/site/logo/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.pelcro.com/images/site/logo/1028-1590365569.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:13 GMT
last-modified
Mon, 25 May 2020 00:12:51 GMT
server
keycdn-engine
x-amz-request-id
98112EB897C47437
x-edge-location
defr
etag
"4c7eb5b8728731b18c9f2043dd25b97b"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<http://pelcro-uploads.s3-website-us-east-1.amazonaws.com/images/site/logo/1028-1590365569.png>; rel="canonical"
content-length
7383
x-amz-id-2
/e3PG9RxofwvLlQoJyxZeSRTOtTkCFqe7URKVFcrhfBGkD5VLr2RdUf3CJKnlpuvnPVPA4+N2sA=
expires
Mon, 17 May 2021 11:32:13 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 1298 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f213a25b17a1082269b78663f1e041f98b88cb028c9015ec457991b0d0e63ec1

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
798
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1020735993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&ul=en-us&de=UTF-8&dt=Top%20GOP%20Regulator%20Falsely%20Claims%20Vaccine%20Turns%20People%20Into%20%27Potted%20Plants%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article_meter&ea=meter_visible&el=6%20articles%20remaining&_u=aGDAAUIRAAAAAG~&jid=478388175&gjid=348455709&cid=1498701933.1620646332&tid=UA-44450862-1&_gid=424034975.1620646332&_r=1&gtm=2wg4s0TVS8NW5&cd1=Christina%20Zhao&cd2=Politics&cd3=&cd4=US&cd5=en&cd6=article&cd7=1589912&cd8=20210509&cd9=202105&cd10=newsweek.com%2Fpolitics%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Law%2C%20Gov%27t%20%26%20Politics&cd18=related&cd19=web&cd20=15&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Republicans%2C%20GOP%2C%20Vaccine%2C%20Coronavirus&cd26=Y&cd27=nonpromoted&cd28=Breaking%20News%20-%20OTH%20(NZ)&cd30=Y&cd31=0&cd32=N&cd33=ndef&cd34=anon&cd35=440&cd36=Direct&cd37=4g&cd38=web&cd40=Aggregation&cd41=1&cd42=2&z=1380423691
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=478388175&gjid=348455709&_gid=424034975.1620646332&_u=aGDAAUIRAAAAAG~&z=322361911
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 May 2021 11:32:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1298
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=19c24e991cc05a82e55b
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=19c24e991cc05a82e55b
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 10 May 2021 11:32:13 GMT
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=19c24e991cc05a82e55b
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
r7muxGOivUNMMfunltICRHDHMBSl3fW2roNxwHn9tf4roGCfl0-4Gg==
um
cs.emxdgt.com/ Frame 1298 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:13 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame 5485 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e5d34237538c418fbc6ad62cf0b1a0959bde8e7318c78adb89b0b46f045fa8c8

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:13 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_3508ec37-4721-439f-9769-43e0e442ac64; Domain=.gumgum.com; Expires=Tue, 10-May-2022 11:32:13 GMT; Path=/; Secure; SameSite=None
etag
W/"064525b0effdaf4df28eb4e855d498e6c"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 95D4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce41d21d911ed2f698b60ef3680104adde2585787e5df20f79092a39995e9ea0

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJkZvbGOoxKa1tT416I5LgAA; CMPS=3202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|188|218|47|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1675
Expires
Mon, 10 May 2021 11:32:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YJkZvbGOoxKa1tT416I5LgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 May 2022 11:32:13 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 Aug 2021 11:32:13 GMT CMPRO=1130;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 Aug 2021 11:32:13 GMT CMST=YJkZvWCZGb0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 11 May 2021 11:32:13 GMT CMRUM3=6f609919bd05a0&f1609919bd05a0&e6609919bd27600&27609919bd0b40&da609919bd27600&2d609919bd05a0&bc609919bd05a00&2f609919bd05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 May 2022 11:32:13 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 10 May 2021 11:32:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Set-Cookie
CMID=YJkZvbGOoxKa1tT416I5LgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 May 2022 11:32:13 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 Aug 2021 11:32:13 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1B7B
Redirect Chain
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:14 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 11:32:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
admtr=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; path=/; domain=.admanmedia.com; expires=Tue, 10 May 2022 11:32:13 GMT; max-age=31536000 ;SameSite=None; Secure
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
cm
u.openx.net/w/1.0/ Frame 5058
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
695 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
1f1e6e2c3cabebed69823fc9cf8d77bb48876706e2f91f445eaf4057c6a85b46

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=52c18207-806d-09a7-2b8a-b820633a2fa5|1620646333
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=52c18207-806d-09a7-2b8a-b820633a2fa5|1620646333; Version=1; Expires=Tue, 10-May-2022 11:32:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620646333|gen0vNiygu; Version=1; Expires=Tue, 25-May-2021 11:32:13 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 10 May 2021 11:32:13 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=52c18207-806d-09a7-2b8a-b820633a2fa5|1620646333; Version=1; Expires=Tue, 10-May-2022 11:32:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Mon, 10 May 2021 11:32:13 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2BBA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2471799407862687914&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2471799407862687914&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2471799407862687914&ex=districtm
AN-X-Request-Uuid
17504b66-c146-4f8c-b1f6-019e26991b84
Set-Cookie
uuid2=2471799407862687914; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 08-Aug-2021 11:32:13 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.51:80
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 1BB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 10 May 2021 11:32:13 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3232 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=44380
Expires
Mon, 10 May 2021 23:51:53 GMT
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A535 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5B5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-KjGNRfl1l2O8W8jKYr7ggnk597AsRM0-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-KjGNRfl1l2O8W8jKYr7ggnk597AsRM0-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 10 May 2021 11:32:13 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1y1n;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 11-May-2022 11:32:13 GMT;Secure;SameSite=None A3=d=AQABBL0ZmWACEHuUbDxUmXLJjBXS2x2FL7QFEgEBAQFrmmCiYAAAAAAA_eMAAA&S=AQAAAoNJcx-AxuaLb3RGcjg5dt0; Expires=Tue, 10 May 2022 17:32:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=b8bs53lg9i6dt&b=3&s=7n; Expires=Tue, 10 May 2022 17:32:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-KjGNRfl1l2O8W8jKYr7ggnk597AsRM0-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C5E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=1519667192218967455&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=1519667192218967455&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=1519667192218967455&ex=appnexus.com
AN-X-Request-Uuid
c78ab64a-10ad-4adb-99b3-d9428631176d
Set-Cookie
uuid2=1519667192218967455; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 08-Aug-2021 11:32:13 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.233:80
Cookie set amazon
ap.lijit.com/beacon/ Frame 120D
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
24866b4c57618123a0094663d461cec423235da5f9a3681f732d79f36c7d05fd

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=289dd4938e5c47b495a076bb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVrIwUbIyNDMytDA1tTQ21lGyMEPlGxmj8k3R5SF8AzMLS1Nj41oAnXUQaA%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 10-May-2022 11:32:13 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=289dd4938e5c47b495a076bb;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Length
0
Set-Cookie
ljt_reader=289dd4938e5c47b495a076bb;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 84C0
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2471077167044150507
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2471077167044150507
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 10 May 2021 11:32:13 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=2471077167044150507
set-cookie
tluid=2471077167044150507; Max-Age=7776000; Expires=Sun, 08 Aug 2021 11:32:13 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=478388175&_u=aGDAAUIRAAAAAG~&z=685353310
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-44450862-1&cid=1498701933.1620646332&jid=478388175&_u=aGDAAUIRAAAAAG~&z=685353310
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5058 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=d9bbc123-3540-8daa-b152-f25f6f2ed7b8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5058
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6zElIuw4fn_wYy8qvDAxI-8xJC3wMC94vzX8bXm3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6zElIuw4fn_wYy8qvDAxI-8xJC3wMC94vzX8bXm3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6zElIuw4fn_wYy8qvDAxI-8xJC3wMC94vzX8bXm3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5058
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6193763558648326398
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6193763558648326398
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6193763558648326398
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6193763558648326398
date
Mon, 10 May 2021 11:32:14 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
openx
match.adsrvr.org/track/cmf/ Frame 5058 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=816dbd5e-29ea-3650-715c-70c8071d1c58&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5058
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQwMjZlOTQtZTA5ZC02OGY0LTY0YmMtMmE3MWNkZmZkMjM4&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5058
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpj35g3pkKJuSjm0WmOOvs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpj35g3pkKJuSjm0WmOOvs&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpj35g3pkKJuSjm0WmOOvs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3930 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=97982
Expires
Tue, 11 May 2021 14:45:15 GMT
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame A535 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35978
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Mon, 10 May 2021 21:31:51 GMT
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1519667192218967455
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1519667192218967455
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.205:80
AN-X-Request-Uuid
8669c7f5-b9a5-4683-a66f-da5f1e6c12e5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1519667192218967455
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy=
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Df233d128-f76b-49ac-8fa2-a0ab7fb...
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Df233d128-f76b-49ac-8fa2-a...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=ywdXMJ8Q1LG4905&expires=30&ssp=gumgum2&bsw_param=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
  • https://rtb.gumgum.com/usersync?b=bsw&i=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
date
Mon, 10 May 2021 11:32:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28cCY-DOuJjUHrnbMcrXI8NiLrk65-GP6B_CUofLHJy90ko-f-UVU68J2KQYbnCTQO%29
Date
Mon, 10 May 2021 11:32:14 GMT
Connection
close
X-TraceId
b71266c027ba378ef3c6284c7a1887e
Content-Length
0
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=7650192e-01ff-0e06-1627-6025cf4d1d1e
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=7650192e-01ff-0e06-1627-6025cf4d1d1e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 10 May 2021 11:32:13 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=7650192e-01ff-0e06-1627-6025cf4d1d1e
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-f1736216-1a19-45e8-6d5c-6b4f9ae13a22$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-f1736216-1a19-45e8-6d5c-6b4f9ae13a22$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-f1736216-1a19-45e8-6d5c-6b4f9ae13a22$ip$185.156.175.107
Date
Mon, 10 May 2021 11:32:14 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-jdIvJQ1E2pfJ95sgaJvj0YeGDm.BPvejURIu~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-jdIvJQ1E2pfJ95sgaJvj0YeGDm.BPvejURIu~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 10 May 2021 11:32:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-jdIvJQ1E2pfJ95sgaJvj0YeGDm.BPvejURIu~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=5e11d168-b183-11eb-9749-09462eaa0c2c
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=5e11d168-b183-11eb-9749-09462eaa0c2c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=5e11d168-b183-11eb-9749-09462eaa0c2c
Date
Mon, 10 May 2021 11:32:13 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5e11d169-b183-11eb-9749-09462eaa0c2c
services
sync.technoratimedia.com/ Frame 5485 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
782021997
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 5485 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:13 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3508ec37-4721-439f-9769-43e0e442ac64&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=3f967788-8c89-4874-8493-af97661bc595
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=3f967788-8c89-4874-8493-af97661bc595
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=3f967788-8c89-4874-8493-af97661bc595
date
Mon, 10 May 2021 11:32:14 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2105431389
  • https://sync.1rx.io/usersync/tradedesk/48843a77-64ce-4c8c-88df-053978dbfac3
  • https://sync.targeting.unrulymedia.com/csync/RX-022d5c59-0a50-4681-aebd-66144f076ad4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-022d5c59-0a50-4681-aebd-66144f076ad4-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
date
Mon, 10 May 2021 11:32:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX022d5c590a504681aebd66144f076ad4003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 5485
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=03f0Ul1h7mWH&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=03f0Ul1h7mWH&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:17 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=03f0Ul1h7mWH&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-bdsjx
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5485 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_3508ec37-4721-439f-9769-43e0e442ac64
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C565
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 May 2021 11:34:02 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3709 11aaa92 master cdg-pixel-x30
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=38186099-19be-4300-bc09-b9aefc0feb57; domain=.mathtag.com; path=/; expires=Tue, 07-Jun-2022 11:32:14 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=38186099-19be-4300-bc09-b9aefc0feb57&gdpr=&gdpr_consent=
Expires
Mon, 10 May 2021 11:34:01 GMT
usersync
rtb.gumgum.com/ Frame A7D6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YJkZvgAA3yndnQA4&gdpr=&gdpr_consent=&_test=YJkZvgAA3yndnQA4
accept-ranges
bytes
date
Mon, 10 May 2021 11:32:14 GMT
via
1.1 varnish
x-served-by
cache-hhn4067-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1620646334.121046,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame A47D 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTA4ZWMzNy00NzIxLTQzOWYtOTc2OS00M2UwZTQ0MmFjNjQ=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNTA4ZWMzNy00NzIxLTQzOWYtOTc2OS00M2UwZTQ0MmFjNjQ=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkGlw9Qs908vsCQnXGSROssbY-j9xeEhZcT1jIhhrJOV9V-PtS1TO2e622YBxo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 10 May 2021 11:32:13 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 594F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=44380
Expires
Mon, 10 May 2021 23:51:53 GMT
Date
Mon, 10 May 2021 11:32:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame CDB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2020008
server
33XP004
date
Mon, 10 May 2021 11:32:13 GMT
usersync
rtb.gumgum.com/ Frame 5BDC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=48843a77-64ce-4c8c-88df-053978dbfac3&t=1623238334
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=48843a77-64ce-4c8c-88df-053978dbfac3; domain=.adsrvr.org; expires=Tue, 10-May-2022 11:32:14 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjq2ujTv-zJORAFOAE.; domain=.adsrvr.org; expires=Tue, 10-May-2022 11:32:14 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame C032 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 10 May 2021 11:32:13 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 9957
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 11:32:14 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YJkZvsCo8YkAAP-qF5IAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YJkZvsCo8YkAAP-qF5IAAAAA; path=/; expires=Wed, 10-May-23 11:32:14 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
2
X-SO-HostName
m-ad73.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":25,"gdpr":false,"ipv4":"185.156.175.107","key":"YJkZvsCo8YkAAP-qF5IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad73"}
X-SO-Key
YJkZvsCo8YkAAP-qF5IAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
25
X-SO-Upstream-ID
m-ad73
usersync
rtb.gumgum.com/ Frame 5BC8
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026647455931
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=875739026647455931
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=875739026647455931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 May 2021 11:32:14 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRgZmJmbGxiaGAAAFGuqesQAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 4 Jun 2022 11:32:14 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMzMxNzE1tTQ2FOIz1DX3yk_KCzWu8HQ1rpLiNTQzMjAzMTM2NjE0MAAApWj31TMAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 4 Jun 2022 11:32:14 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAyMzMxNzE1tTQ2FOIz1DX3yk_KCzWu8HQ1rgIAc-sIKiQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=875739026647455931
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 02E8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 10 May 2021 11:32:14 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 May 2021 11:32:14 GMT Mon, 10 May 2021 11:32:14 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=x0YSYGqygZE4TIrXRGr4&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame 95D4 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJkZvbGOoxKa1tT416I5LgAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 95D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJkZvbGOoxKa1tT416I5LgAABGoAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPvu2Q18zGLL4EjpbZq8vVg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPvu2Q18zGLL4EjpbZq8vVg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 10 May 2021 11:32:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPvu2Q18zGLL4EjpbZq8vVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 95D4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJkZvbGOoxKa1tT416I5LgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 95D4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJkZvbGOoxKa1tT416I5LgAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YJkZvbGOoxKa1tT416I5LgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-twSVZB9sn-8M2Bajz294&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-twSVZB9sn-8M2Bajz294&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 May 2021 11:32:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ-twSVZB9sn-8M2Bajz294&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 95D4 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.11.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
demconf.jpg
dpm.demdex.net/ Frame 95D4
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130
42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-120-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0835a9c1f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Qty6HDYRT34=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-0bfa53a0d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
k2su9SYOSiA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJkZvbGOoxKa1tT416I5LgAA%261130
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 95D4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=j5Iywy801LG4905
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=j5Iywy801LG4905
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 May 2021 11:32:14 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=j5Iywy801LG4905
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 95D4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6193763558648326398&expiration=1621855934
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6193763558648326398&expiration=1621855934
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 May 2021 11:32:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6193763558648326398&expiration=1621855934
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 95D4 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YJkZvbGOoxKa1tT416I5LgAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 120D 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=289dd4938e5c47b495a076bb&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 120D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=&sovrn_retry=true
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2ZjZDk2YzlmZTZlMDE0NTY2ZGMzYjUz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2ZjZDk2YzlmZTZlMDE0NTY2ZGMzYjUz
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 10 May 2021 11:32:14 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=N2ZjZDk2YzlmZTZlMDE0NTY2ZGMzYjUz
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
rtb.gumgum.com/ Frame 120D
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3016394407
  • https://sync.1rx.io/usersync/tradedesk/48843a77-64ce-4c8c-88df-053978dbfac3
  • https://sync.targeting.unrulymedia.com/csync/RX-022d5c59-0a50-4681-aebd-66144f076ad4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-022d5c59-0a50-4681-aebd-66144f076ad4-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-022d5c59-0a50-4681-aebd-66144f076ad4-003
date
Mon, 10 May 2021 11:32:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX022d5c590a504681aebd66144f076ad4003
content-type
text/html
merge
ce.lijit.com/ Frame 120D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=x0YSYGqygZE4TIrXRGr4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=x0YSYGqygZE4TIrXRGr4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=x0YSYGqygZE4TIrXRGr4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT, Mon, 10 May 2021 11:32:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 120D
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=289dd4938e5c47b495a076bb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 10 May 2021 11:32:15 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-22-124.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame 120D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=48076f36-01e6-463d-8bb2-28bc0d57ce84&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
43 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:14 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=f233d128-f76b-49ac-8fa2-a0ab7fb868f8
date
Mon, 10 May 2021 11:32:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3930 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=48932475&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6c6dc0d26ab498bfdf44092fa6b0fdef9a857f42f57e05894a7fba9557568780

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:14 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8318 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=97981
Expires
Tue, 11 May 2021 14:45:15 GMT
Date
Mon, 10 May 2021 11:32:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
khaos.jpg
token.rubiconproject.com/ Frame A535 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
usersync.aspx
dis.criteo.com/dis/ Frame 4B1B 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 10 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1264
x-powered-by
ASP.NET
date
Mon, 10 May 2021 11:32:14 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame BFF0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6946788571671261824
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6946788571671261824
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1B91F2EC-E450-44F5-8BD6-92E13AF25208; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A3_71_166_13_54_7_8_55_56_161_81_165_21_22%7C1623196800%3A203%7C1621209600%3A2_15_223%7C1621468800%3A63%7C1621900800%3A35; KRTBCOOKIE_153=1923-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b&KRTB&19420-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b&KRTB&22979-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b; PugT=1620646335; PUBMDCID=3; KRTBCOOKIE_57=22776-1519667192218967455; KRTBCOOKIE_80=16514-CAESECoF_HaG1nA5LGOeAaAbv4g&KRTB&22987-CAESECoF_HaG1nA5LGOeAaAbv4g&KRTB&23025-CAESECoF_HaG1nA5LGOeAaAbv4g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 10 May 2021 11:32:16 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-6946788571671261824; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 11:32:16 GMT; path=/ PugT=1620646336; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 11:32:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 11:32:16 GMT; path=/
X-lat
lhrpug002:0:597
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6946788571671261824
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 95D0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960623011511203984
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960623011511203984
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1B91F2EC-E450-44F5-8BD6-92E13AF25208; chkChromeAb67Sec=1; DPSync3=1621814400%3A201_227_226_221; SyncRTB3=1621814400%3A3_71_166_13_54_7_8_55_56_161_81_165_21_22%7C1623196800%3A203%7C1621209600%3A2_15_223%7C1621468800%3A63%7C1621900800%3A35; KRTBCOOKIE_153=1923-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b&KRTB&19420-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b&KRTB&22979-B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b; PugT=1620646335; PUBMDCID=3; KRTBCOOKIE_57=22776-1519667192218967455; KRTBCOOKIE_80=16514-CAESECoF_HaG1nA5LGOeAaAbv4g&KRTB&22987-CAESECoF_HaG1nA5LGOeAaAbv4g&KRTB&23025-CAESECoF_HaG1nA5LGOeAaAbv4g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 10 May 2021 11:32:18 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6960623011511203984; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 11:32:18 GMT; path=/ PugT=1620646338; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 11:32:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 08-Aug-2021 11:32:18 GMT; path=/
X-lat
amspug006:0:441
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 11:32:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6960623011511203984; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6960623011511203984
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 8AE9 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Content-Length
0
Connection
keep-alive
bridge
cm.adgrx.com/ Frame 9F1C 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 10 May 2021 11:32:16 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FF9C 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=1B91F2EC-E450-44F5-8BD6-92E13AF25208&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A1TBcSYevkfkgjmIFGDLILA; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 10 May 2021 11:32:15 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3930
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=G5Hy7ORQRPWL1pLhOvJSCA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=44374
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 10 May 2021 23:51:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3930 		95 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1B91F2EC-E450-44F5-8BD6-92E13AF25208
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64d2d88c1b104ed9-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09f7a5ab9400004ed962371000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 3930
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1B91F2EC-E450-44F5-8BD6-92E13AF25208&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:17 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 10 May 2021 11:32:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48843a77-64ce-4c8c-88df-053978dbfac3
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48843a77-64ce-4c8c-88df-053978dbfac3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:17 GMT
X-lat
amspug016:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48843a77-64ce-4c8c-88df-053978dbfac3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6193763558648326398
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6193763558648326398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:17 GMT
X-lat
amspug014:0:297
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6193763558648326398
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:38186099-19be-4300-bc09-b9aefc0feb57&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:38186099-19be-4300-bc09-b9aefc0feb57&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:17 GMT
X-lat
amspug010:0:359
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 10 May 2021 11:34:03 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:38186099-19be-4300-bc09-b9aefc0feb57&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 May 2021 11:34:02 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECoF_HaG1nA5LGOeAaAbv4g&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECoF_HaG1nA5LGOeAaAbv4g&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:15 GMT
X-lat
lhrpug003:0:428
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECoF_HaG1nA5LGOeAaAbv4g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1519667192218967455&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1519667192218967455&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:15 GMT
X-lat
lhrpug008:0:791
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:15 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid
40b44682-753e-4ba3-a9e8-c53ccac35709
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1519667192218967455&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1B91F2EC-E450-44F5-8BD6-92E13AF25208
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3930 		43 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1B91F2EC-E450-44F5-8BD6-92E13AF25208?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Nk8WwPJE2uWZFJLots0fZfnTjbozQtc-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Nk8WwPJE2uWZFJLots0fZfnTjbozQtc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 10 May 2021 11:32:18 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 10 May 2021 11:32:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Nk8WwPJE2uWZFJLots0fZfnTjbozQtc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b
42 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:15 GMT
X-lat
lhrpug015:0:2078
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B8sQcgDCSy0czkx7CcgEeAjNSHscyBEpCcM8nT4b
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ea8cfa99ebd042b1acffe923f468d21a&ssp=pubmatic&bsw_param=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:17 GMT
X-lat
amspug014:0:445
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f233d128-f76b-49ac-8fa2-a0ab7fb868f8&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 10 May 2021 11:32:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8867843199139047020&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8867843199139047020&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:18 GMT
X-lat
amspug013:0:380
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8867843199139047020&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 10 May 2021 11:32:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZvgAA3yndnQA4&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZvgAA3yndnQA4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:18 GMT
X-lat
amspug006:0:372
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646336.520619,VS0,VE0
x-served-by
cache-hhn4067-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZvgAA3yndnQA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0e8193fb-0c62-45d1-a9b3-58a969fbf95f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0e8193fb-0c62-45d1-a9b3-58a969fbf95f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:18 GMT
X-lat
amspug013:0:513
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0e8193fb-0c62-45d1-a9b3-58a969fbf95f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 10 May 2021 11:32:16 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3930 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1B91F2EC-E450-44F5-8BD6-92E13AF25208&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 3930
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=8ce3b763-8276-4979-9a4e-3ca688d16dd9-609919c0-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=8ce3b763-8276-4979-9a4e-3ca688d16dd9-609919c0-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:32:16 GMT
X-lat
lhrpug020:0:406
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=8ce3b763-8276-4979-9a4e-3ca688d16dd9-609919c0-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 3930 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 09 May 2021 11:32:19 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A535
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOIIZFJE-P-2KJP&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOIIZFJE-P-2KJP&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:32:15 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOIIZFJE-P-2KJP&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A535
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38186099-19be-4300-bc09-b9aefc0feb57
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38186099-19be-4300-bc09-b9aefc0feb57
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Mon, 10 May 2021 11:34:03 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38186099-19be-4300-bc09-b9aefc0feb57
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 May 2021 11:34:02 GMT
pixel
cm.g.doubleclick.net/ Frame A535
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09JSVpGSkUtUC0yS0pQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09JSVpGSkUtUC0yS0pQ
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09JSVpGSkUtUC0yS0pQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A535
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY2YjFiZThiMzdhNGYwMDlhY2YxMzM0ZmVlNWVkMDI2MGZhZDhjMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY2YjFiZThiMzdhNGYwMDlhY2YxMzM0ZmVlNWVkMDI2MGZhZDhjMw
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGY2YjFiZThiMzdhNGYwMDlhY2YxMzM0ZmVlNWVkMDI2MGZhZDhjMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A535
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOuVvlM200FSdIyt59_bpxg&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOuVvlM200FSdIyt59_bpxg&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOuVvlM200FSdIyt59_bpxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame A535 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame A535
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJkZvgAA3yndnQA4
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJkZvgAA3yndnQA4
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646336.546742,VS0,VE0
x-served-by
cache-hhn4067-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJkZvgAA3yndnQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame A535
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jJp9l8aPc-7RxdmlSQ-Ssw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5402486439610652863
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5402486439610652863
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Mon, 10 May 2021 11:32:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5402486439610652863
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame A535 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-acuityads_ox-db5_dm_cnv_n-smaato_pm-db5_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:15 GMT
via
1.1 google
alt-svc
clear
content-length
0
implement-r.js
fqtag.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7dfa2c5118feaa5fededbf034dfd3c05d4c0c7dcabe8c6018ffebb6a4e2f2263
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:17 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2062
x-xss-protection
0
expires
0
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.newsweek.com
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsweek.com
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=899352204674544&correlator=3225151684318540&output=ldjh&impl=fifs&eid=31060854%2C31060890&vrg=2021042801&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&sc=1&sfv=1-0-38&ecs=20210510&iu_parts=43459271%2Cnewsweek%2Ctop%2Cright1%2Coop1%2Coop2%2Coop3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x250%2C300x250%2C1x1%2C1x1%2C1x1&ists=7&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright1%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop1%7Cpos%3Doop2%7Cpos%3Doop3&eri=1&cust_params=amp%3DN%26cat%3Dnwus-politics%26sitecat%3Dnwus-politics%26fq_refresh%3Dfalse%26fq_refresh_int%3D0%26article_id%3D1589912%26topics%3DRepublicans%252CGOP%252CVaccine%252CCoronavirus%26content%3DIAB11%26video%3DY%26video_type%3Drelated%26layout%3Dweb%26paragraphs%3D15%26total_ads%3D0%26page_type%3Darticle%26adunit%3Dnewsweek.com%252Fpolitics%252Farticle%26focus%3DY%26refresh%3DN%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26NoPassFQ%3DY%26adexclusion%3Dgeneric_brand_safety%252Cnon-politics%252Cnopassfq%26excl_cat%3D%257Cnw%257C%2520generic%2520brand%2520safety%252C%257Cnw%257C%2520non-politics%252C%257Cnw%257C%2520NoPassFQ&cookie_enabled=1&bc=31&abxe=1&lmt=1620646337&dt=1620646337887&dlt=1620646329615&idt=2628&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1060%2C800%2C800%2C800&adys=161%2C441%2C7053%2C7053%2C7053&adks=2154452299%2C77810098%2C1914041524%2C1813964283%2C85176522&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x270%7C300x270%7C1600x0%7C1600x0%7C1600x0&msz=970x20%7C300x0%7C1600x0%7C1600x0%7C1600x0&ga_vid=1498701933.1620646332&ga_sid=1620646338&ga_hid=1020735993&ga_fc=false&fws=4%2C516%2C4%2C4%2C4&ohw=1180%2C300%2C1600%2C1600%2C1600&btvi=0%7C0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5b2c42d0fa22557f5ad50d157f90320900c73db31360f64f3e540dcf3625ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:23:16 GMT
age
541
x-guploader-uploadid
ABg5-UxyT01NK-dWCeTM_EknFw_ADCUX7OgzgqeobGzUY02KM6LTkthoBSniwNqDDfsdZ6nBI58PJ5eZ7Z3tHz7JVnFh0YKdag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 May 2021 12:23:16 GMT
m-outer-0369f5784d64b5d8df5e262d4b12f588.html
js.stripe.com/v3/ Frame A5D6 		215 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsweek.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsweek.com/

Response headers

x-amz-id-2
6LidBpDv6PU4GdYGeYGMAbBN3LqWK3pVFFZU2LJGuCOFzwmQ1qVvSerfchr+8lNMKDSYfI5pRk0=
x-amz-request-id
JCBEBDDBRSRZXKX3
last-modified
Mon, 03 May 2021 20:41:45 GMT
etag
"0369f5784d64b5d8df5e262d4b12f588"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Mon, 10 May 2021 11:32:18 GMT
via
1.1 varnish
age
290
x-served-by
cache-hhn4053-HHN
x-cache
HIT
x-cache-hits
771
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
129
m-outer-b43290c4d50222c50d9f53f06af22482.js
js.stripe.com/v3/fingerprinted/js/ Frame A5D6 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:19 GMT
content-encoding
br
vary
Accept-Encoding
age
243
via
1.1 varnish
x-cache
HIT
content-length
628
x-amz-id-2
m5jOKtdudEchpNXBrLpK2AfGcCyQEiuobX/XM96ZND72GLwqOOSWGwR3bqzUhsXXqa6JIo0eZ5k=
x-served-by
cache-hhn4053-HHN
timing-allow-origin
*
last-modified
Mon, 03 May 2021 20:41:41 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
H5T52QBGZYA3EJXT
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
623
inner.html
m.stripe.network/ Frame 62F6 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
etag
W/"5fca8b5d-84a0"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Mon, 10 May 2021 11:32:19 GMT
age
231
x-served-by
cache-sea4469-SEA, cache-hhn4053-HHN
x-cache
HIT, HIT
x-cache-hits
3, 643
x-timer
S1620646339.070612,VS0,VE0
vary
Accept-Encoding
content-length
12226
6
m.stripe.com/ Frame 62F6 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.121.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c4077f248ee27eaa42900a8d2c76b614cfec7d24c1a242104a8122f89e435304
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 May 2021 11:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/7922264/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-18.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:11:32 GMT
via
1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
RZU42zf39-UX7JV7NefMFpP6fM8qLZRPBrmu2X0-J2iXJl9_Pjq4QA==

Redirect headers

date
Mon, 10 May 2021 11:32:21 GMT
via
1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
iftwN8-QmcYSYlRtv4D1D-8Evij7hrE8YbROKO65_lenQdWLd6Qfag==
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75be99661c47792e78370c95d912cabdd5944906023c242b68cf425239ee549e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7654
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
X7UsqvHOf6k52UlNuQZ/5eY6Wu1vMgO9XCrWX50HJEe2qWmd2R6DeI3wR3ai5T5HjOv+Piho5rsILs1TWTLQpQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 10 May 2021 11:32:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
5e9e00b619144f0012bc03cf
api.pushnami.com/scripts/v1/pushnami-adv/ 		391 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
e9aa1fb219117b128e0c94f9b624d5af3eeafd6b6bbab15d92cf7e6fc1607668

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:26:38 GMT
via
1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
age
343
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
TXL52-C1
content-encoding
gzip
x-amz-cf-id
TWT8rHpw98Q-2DrKjUlI02mPLoNdPglJ6yWlDDoxBD0L0zks1b2x2Q==
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=62cd201a-b183-11eb-afe8-10d4c6b20106
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=62cd201a-b183-11eb-afe8-10d4c6b20106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Mon, 10 May 2021 11:32:22 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
121
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 10 May 2021 11:32:22 GMT
Server
nginx
Location
/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=62cd201a-b183-11eb-afe8-10d4c6b20106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
11
Connection
keep-alive
Content-Length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 10 May 2021 11:32:21 GMT
496391994180701
connect.facebook.net/signals/config/ 		254 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/496391994180701?v=2.9.39&r=stable
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dab4ee11ac9f3d02f169b69fdb80243140c4c8a99940750d3c6add9479dc2c9b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74365
x-fb-rlafr
0
pragma
public
x-fb-debug
WOtFuDOE/TD/GVrBWx9HqNGNIBuzGWDucv0j+lORdno646P30mrj/rBNmQynNM+CnGYoV59fwtbrSKDiWdnTBg==
x-frame-options
DENY
date
Mon, 10 May 2021 11:32:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7D41 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsweek.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsweek.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 10 May 2021 11:26:39 GMT
expires
Tue, 10 May 2022 11:26:39 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
342
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E&rl=&if=false&ts=1620646341182&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620646341179.1790803692&it=1620646341107&coo=false&exp=l1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:32:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 10 May 2021 11:32:21 GMT
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Server
52.7.13.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 May 2021 11:32:22 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.13.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.newsweek.com/
key
5e9e00b619144f0012bc03cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 10 May 2021 11:32:22 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame 7D41 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
1439
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Tue, 10 May 2022 11:08:22 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryLD1mA4jkaBCSKR4w

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 10 May 2021 11:32:21 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=899352204674544&bg=!UFOlUxfNAAYP3QOmD907ACkAdvg8WsDNMkVV2PBB6ycxwqRkEzNuM9jaSSf_6qOQuHwnr_Lg7NzvYwIAAAHeUgAAABloAQeZAj-VYQjTTMwxr0zleQlGPOa7DZEimM8rxqOaAnRa-lda4iuMHSfPMXFf_LQVkD-UD1PmhsVgqA5bXoz82dGvh4cdhifwP0QJM4YbHX-Tttti5PcJwBarXe3C0Wxekz4CggBEqmiw2fDvfoWv2VvflFNWioqFlW1H0n1qoiiwUFz6ob6DzGA4VjDvzoCPcSzFbdSvo5-jsV3butoVB1tnT3GdPmHv2nM1rpBhPu2wHBnI_zPTCaSeIIqDp5eAxAoH8YBPoGWhWPim_JGomoFEX8bzMH2a_WlzrqVbbpvNAziS0L9JKIkVRm5EDpAIw9uyl5kDyWCErVDIcL9V8GKqOOoUU22muXIXq-TW5msZ5abhl97qDvQ6LrWfXD0-ImyzTvHLKL3gDlcZLON21IvgCAvAsfDo-l73fD2Kh3GL_8UFfWh9Jm8BpmVpbkdAn35Q3bZIGNFPrtckeq8AAhDgqjIdOMFVfWN2MI3L8GVbHpw95SNFtxxDpwL90hEluVxjJ-WXs8SMCdbT9Z1F65zmdd526fS7JnPz2olc2i0MVFdJbPBSmRvDVj5cs10xEs5BPZAjAKdqs8H1-LPZuNE5LBe7CU8ri1i2aQzDp3gq6oqYurfxpWpOHslkAvLOT7XdVmAE-yqExRw-A4GS6tW157RzKBELjdf7nFlQZCnLsRoL0amrhyiIPe72AhKs_OytAfmmiMWg9l3vc21-zgA56din-RgGTsewoocACP_iT98AoaqtXUYZAG8tfz0ywxQg1A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Ftop-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912&u=Cbhg4_CerGkLHwSAG&d=newsweek.com&g=65968&g0=Politics&g1=Christina%20Zhao&n=1&f=00001&c=0.25&x=0&m=0&y=7249&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2883&t=ov8TsC0IDO8BZgjljDgvHIco18Ul&V=126&tz=-120&_acct=anon&sn=2&sv=CUJOChBSrRlFBD5QZQDd22hFDNzcLp&sd=1&im=067b0ef0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.213.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-213-29.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:32:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| current_timestamp boolean| mobile_device boolean| bot_engine object| dfpSlots object| dfpEx number| brW number| brH function| LJ function| setCookie function| setCookieHours function| getCookie function| deleteCookie function| getUrlParameters function| checkDataCentre function| NW_DO_READY function| LSYE function| callbackCSS object| doFir object| docReady object| dataLayer function| loadJS function| GCSS object| Drupal object| documentReady function| execFunc function| NW_FUNC function| execDrupal function| multiLJ function| LC function| loadCSS object| relList function| JSONsplit function| getGeoCookie object| xuaInfo function| LJS function| LJSA boolean| gdpr_eu boolean| gdpr_applies boolean| ccpa_applies number| is_gdpr boolean| ccpa_status object| consentPrebid object| geoLabels function| __tcfapi function| parseQuery function| sha256 function| setCookieSecure function| sendToLiveRamp function| PelcroToLiveRamp function| LRScrape function| atsCallback string| referrer function| TrafficSource string| trsource boolean| isAndroid object| connection string| con_type string| brtype boolean| is_wv_android boolean| is_wv_ios number| _sf_startpt number| timerStart number| hb_debug object| pbjs object| googletag function| parseQueryString function| ibtGetCookie function| nwsetCookie function| nw_log function| getBrowser string| site_name string| site_id string| site_domain number| site_ads string| ibtmedia_device boolean| iOS boolean| ipadMac string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot number| numPr number| rf string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| DVPreFilter string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on number| iter function| checkGAcookie number| GAtimeout string| gdpr_video string| npa_consent string| consent_string string| dfp_adunit string| w1200 function| pageRefresh boolean| pb_allbids number| fqv string| ts object| utm_result number| nonPersonalizedAds function| setDfpRefreshKV function| setDfpRefreshKey function| setDfpRefreshKVLazy function| clearDfpRefreshKey function| verification_callback number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| pageFocus undefined| cc number| p object| apstag boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| all_hb_loaded boolean| is_bot number| abt_rand string| abt number| lazy_start number| abt100 number| abpr string| purlen string| fq_ref function| extractHostname string| doc_hostname string| utm_source string| fq_source string| pb_videos object| videoAdUnit object| videoAdUnitiOS object| adUnits object| amzSlotCfg object| adUnitsLazy object| amzSlotCfgLazy object| amzSlotNonU object| PWT object| fqtag function| fq_callback function| ivt_common object| d number| utc_hour string| fl_multi string| disp_floor string| disp_floor_str number| disp_floor_num string| sticky_floor string| sticky_floor_str number| sticky_floor_num string| vid_floor number| vid_floor_openx string| vid_floor_str number| vid_floor_num string| pb_env function| amznVideoAPS function| amznVideoAPS_refresh object| adexl_fpd function| addSpotxParam number| PREBID_TIMEOUT number| PREBID_TIMEOUT_LAZY number| FAILSAFE_TIMEOUT number| pb_auctionDelay number| pb_syncsPerBidder function| defineDFPSlot function| initAdserver number| hb_timeout_var function| prebidVideoAd_refresh object| fonts object| font number| pos undefined| current_time undefined| key number| is_prod object| Pelcro boolean| americas function| PelcroUserSubscriptionCheck string| a string| str string| DOMAIN string| SNS_D string| STATS_D string| MAIN_D string| DATA_D string| GRAPHIC_D number| rtid object| browser object| doWLoad number| text_pass number| main_body_pass string| bsettime function| createBookmark function| loadScript number| uuuui function| closeFrame function| get_msg function| sessSync function| signin_page function| login_callback function| logout_callback number| scroll_top_sign function| openSignin function| closeSignin function| _hasPopupBlocker object| scroll_initial function| scroll_active function| doAfterLoad function| isEmpty function| localLogin function| setJsonData function| putJsonData function| pelcro_newsletter function| checkProduct function| work_editor_region function| work_editor boolean| m_moving_on boolean| adjust_height function| m_move_next function| m_move_prev function| poll_result function| get_poll function| active_poll number| slide_started function| check_slide function| begin_slide function| lazyEmbed function| stickyRecommendation function| pelcroCookie function| windowBlack function| closeBlack function| remainingArticle function| ValidateEmail function| scorePassword function| loadedPelcro number| lastScrollTop2 number| paywallScrollUp function| signup_slide function| stickyAside function| $ function| jQuery function| analyticsEvent undefined| exe object| vttjs function| WebVTT function| videojs number| incognito object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| google_tag_manager object| cmp object| gdprConfiguration object| node boolean| gaLoaded boolean| domLoaded object| google_tag_data string| GoogleAnalyticsObject function| ga function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| _sf_async_config object| _cbq boolean| stb_exitintent boolean| apstagLOADED object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime string| fq_ua2 boolean| saf13 function| refreshInViewSlot object| ibt_cter object| ats function| pbjsChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| o object| ggeac function| DataLayerHelper string| t string| videoad_bid_request object| adslider object| adsliderlv object| seekBar object| closure_lm_690452 object| _cbv object| gascrolldepth object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| gaplugins object| gaGlobal object| gaData function| sys_callback function| news_counter function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| closure_lm_697624 object| wpJsonpLiverampGdprCmp function| fqPixel object| __webpackStripeJSv3Jsonp function| Stripe object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| fbq function| _fbq object| GoogleGcLKhOms object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule undefined| isOSXSafari undefined| safariScript boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami object| google_image_requests

1 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: SPugT
Value: 1620646338

24 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VW99Wl5HMV4SW49Yz2-910NgLW7HlLKX4rpXMzN8fXWBQ2-HwrV1-WJV7CgQ-QW6lmhpm1SRL1GW3BbJWz8yT_pdW7Dppsw8cy9sxVhN8yT4CVHTRW6DbJr75WXMJWW97Zy9z8gmBRYW1MF2cR3rNbJdW8VZdr73vNY08W4wdjdx3T7ZFCW8Bml9R2YgjFyN2dlcvbWk9vqW6jjzvd7SXCtPW161TYj5PHszvW9bG0241bGS4lW8Bbh0d4ZV1BWW3Z0QV188j9nDW5SVJdl66-9D2W1H2KDZ493GZLW66jjyl6ZCC01VdCtkN3b_Lb6VcJz-p8tjH80W408LDp3LCf5CW8gdtLT7W7xZPW2w7pXW2nVp3lW5jrBcm8FPvrJW8pcGLf7vbSbH3mtG1(Line 13)
Message:
toS
console-api log URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E(Line 1)
Message:
prebid_ads_xuaInfo_country CH
console-api log URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E(Line 6)
Message:
con_type 4g
console-api log URL: https://www.newsweek.com/top-gop-regulator-falsely-claims-vaccine-turns-people-potted-plants-1589912?_hsmi=96965274&_hsenc=p2ANqtz--uDWwMLgzrEgBFNyZOF9ToOfGkomeCv3EMYV6tGNqfhjKEWr3o8QK8gi8lWASKkWlORiX4iT7QUcaWw9BdMI25DYJL9IAKYGS0cI8Q9kz8vRAVi9E(Line 7)
Message:
device: desktop false 1600 x 1200
console-api log URL: https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1620386476(Line 14)
Message:
script loaded :464 2 1
console-api debug URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
[bugsnag] Loaded!
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
480p
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
o.ampAutoplay undefined
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
doFir on doc ready
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
document ready:2232
console-api info URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
INFO - (ATS) Location of the user is NOT in country that has GDPR or CCPA regulation!
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
stats counted
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
GDPR_isLoaded
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
pelcro_visit_value 6 3499
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api warning URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
pelcro_visit_cookie_value 5 4034
console-api log URL: https://js.pelcro.com/sdk/main.min.js(Line 8)
Message:
window.onload:11412 2 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44821c6a272228950bbd123dc78bfab4.safeframe.googlesyndication.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
adservice.google.ch
adservice.google.com
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
api-location-prd.pelcro.com
api.pushnami.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.fqtag.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.newsweek.com
d275im4r3zngba.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
i.clean.gg
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
info.silobreaker.com
inv-nets.admixer.net
js.pelcro.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
query.fqtag.com
recommendationengine.googleapis.com
rtb.adentifi.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
simage2.pubmatic.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
stats.newsweek.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.pushnami.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
uploads.pelcro.com
ups.analytics.yahoo.com
us-u.openx.net
video.newsweek.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsweek.com
www.pelcro.com
x.bidswitch.net
124.146.215.43
13.224.95.123
13.224.95.18
13.224.95.71
13.224.95.75
13.225.74.104
142.250.185.226
146.0.227.110
151.101.112.176
151.101.114.49
151.139.128.11
159.253.128.183
159.65.197.210
169.197.150.7
172.217.23.98
173.231.181.122
178.250.2.151
18.159.17.140
18.184.39.197
18.195.155.181
185.184.8.30
185.29.135.233
185.64.189.110
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.94.180.126
193.0.160.129
193.122.174.27
198.148.27.139
199.60.103.2
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.167
213.19.147.44
216.52.2.48
23.79.143.124
2600:1901:0:7a0b::
2600:9000:20e8:9800:11:2a6a:9480:93a1
2600:9000:20e8:ae00:18:1fcd:34e:d2a1
2600:9000:20eb:c600:8:bd4:5580:21
2600:9000:2190:5e00:c:b42a:3740:93a1
2600:9000:2190:7a00:16:f82a:8600:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:958
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a00:1450:400c:c04::9d
2a02:fa8:8806:12::1400
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:102::1
3.126.56.137
3.127.92.82
3.222.149.159
3.222.213.29
34.204.22.100
34.208.121.230
34.252.153.38
34.95.69.49
35.158.9.168
35.186.195.222
35.190.36.172
35.190.72.161
35.201.96.126
35.244.159.8
35.244.174.68
37.157.4.25
37.252.173.62
50.31.142.95
52.19.106.86
52.214.120.236
52.28.167.150
52.45.11.130
52.46.130.13
52.6.250.79
52.7.13.99
52.95.124.165
54.162.255.214
54.77.47.243
64.74.236.159
66.155.71.149
67.202.110.23
69.173.144.138
69.173.144.165
72.251.249.14
77.243.60.138
85.114.159.118
88.214.206.142
99.83.219.100
99.84.153.196
99.84.156.117
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0fa5d7802f3c053b08ac896377916d36270c68c9ea74a9190edf9386275668d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1150566eb9fe9f889b12323429562fe74682d81ff55aa1ebad111733f3b6b4be
134e2c21e9ce1ae2d2aac71755df2b753a6c912e20b7fe734c216f4bb026d618
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a9a29be2c0728cfaaade2a97d6c18f9f393d93f0d330ffe2f2655b23a12cb8d
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f1e6e2c3cabebed69823fc9cf8d77bb48876706e2f91f445eaf4057c6a85b46
2180294a615b6326e3de1cd5728663a9e9c7fb9ff21d9e10d3c2b1c5df75925f
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24866b4c57618123a0094663d461cec423235da5f9a3681f732d79f36c7d05fd
26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2b28073cceec1084619ee22cb15e64a19fb40ebabfb7c933cfd8b183940f3a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
34ece1baba2708b6381b24324cd8818761d2f5f69569911322da90bead86638a
3644618ec7012ca1879d2068d71c6caa2d247f624515610f51a1d2748b63c64f
374f5d96c910e2e5ae3abcd81bf2cbe1c4a7eb2ec5779a4e42cc5672ee95b289
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
3dfa26bf50a49ee6d7782ae0ab785a040bcf61f3136160ec1e82ecb9035a3d87
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d2e28ae6a54f406031e363b154ea0fcb41e5e19f53137d142d4c0461a976115
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
5a9a338a72639fee3250bbb8f257669cf84cd8bf3193578d74a26f7af208e4ac
5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
66788007326bb28be3e5d92262e40947d0cb5ec4f10023644f761ad36d31d5c6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a534e6cdeecbc6edeb5eeaab7772b29d205bc4220c5c6fe8f605fe81b77c0c9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6dc0d26ab498bfdf44092fa6b0fdef9a857f42f57e05894a7fba9557568780
6d2d492670d72801262c085eab2f3d8264e662536106f67877ca485db8065df3
71a36ce53c8c7b6ab4b8b86e9fd7d0874245fc7f0884b7efa5041ec7a9324a7a
75be99661c47792e78370c95d912cabdd5944906023c242b68cf425239ee549e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7dfa2c5118feaa5fededbf034dfd3c05d4c0c7dcabe8c6018ffebb6a4e2f2263
7ffd8332e8533d8878e569ed460c4ea8e24becb06da4fef3dfe77fffc2ffddb4
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841084b6978cf839a179bc09779f635ee006a5ca93004a9e5c20811810b6c67e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85368b94aad0e77f6076f6a9cf9fef9cc0d9a8baa6109b07dbc12c7ad153d1b5
875d966af6ebee8cdb648cec821ad6dd05718734025f5c093109990d3e8bee3f
8a8fc2a99422a24d4309b9dc2c57d7a72ef6585d756c5a53d6edee01ad7d2b76
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
94bab600bceb53dcb103ced28d5a5818d609fc8218a546985855952a7fe113f4
98ada2f20ace30c628f3e5c2aeae635372ad2687dc9824a7c81b04a3375e1c22
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5f6997ef2320ba8cebae37a138db2e682ab12129135574d705011c97e03dd1
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4acc30393eaf1d64e84457ea82dda8b9e557fc13026d39349b367867e21877f
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
ad25197f295b6522df9c772ab9b55503fda89ebef72696cb958452f3879b91b7
aebbc3c2257a75d60685bb213d048a00c5dd444f44c63e9920ac2f43dec55983
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b68087dec4bb4fb1c3b99f398a7435e5bb4c752ccc351afc60df7a8068c6c174
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
b89c53af0daa8ade19397650fa2265056c4bc68f36f9c3cd4ea0b061a4119955
bf5b2c42d0fa22557f5ad50d157f90320900c73db31360f64f3e540dcf3625ae
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d98955505568ff589dee622ca30c1940f0a1484625cde7a51b4455963a1e96
c4077f248ee27eaa42900a8d2c76b614cfec7d24c1a242104a8122f89e435304
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
cac6fa173b5c98b7e7d35719f80633d2d39e17303247ad360bb9f9b62e6dd283
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
ce41d21d911ed2f698b60ef3680104adde2585787e5df20f79092a39995e9ea0
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9e7ae315363540a8d53177e34c0161dcaaa7f782640f1a363834b0c57810b8
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
dab4ee11ac9f3d02f169b69fdb80243140c4c8a99940750d3c6add9479dc2c9b
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d222c05451e66d24bcae72a24c0f39b453b6d7a9e2f1883dcd5c799cc53488
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e44825fb6505b782bcf515d50633fbfeb5f8a17856808f76945571fbb72d0
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e5d34237538c418fbc6ad62cf0b1a0959bde8e7318c78adb89b0b46f045fa8c8
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e9aa1fb219117b128e0c94f9b624d5af3eeafd6b6bbab15d92cf7e6fc1607668
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe483404e7a6c8802ee6d1e5e0a116f6cdab91c26c8cc4356dc0f7c5ce44c0d
f213a25b17a1082269b78663f1e041f98b88cb028c9015ec457991b0d0e63ec1
f23c0cf83f19b4b302b90418d5d71045c1edc3ed7f9b2953f9f832eed366cbdb
f711a885cf31afed69664befc5b5d3911ef41ac1d5e62e938f2061eb8748a416
f89876f58219dcc1beebdd496798494462bc583f2f54bac08c93c6fc2a630659
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
fcd036ae5e6f1ee13790e41fcd22034f99f8bacfbdb95516bbfe7d9f3c31907b
fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11
ff6d9e3175cc545423afe87dd0dc42c8d1e3c4681a5a71e115481bf3324dd9b7