URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Submission: On February 12 via api from GB — Scanned from GB

Summary

This website contacted 41 IPs in 5 countries across 29 domains to perform 111 HTTP transactions. The main IP is 99.83.219.100, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com. The Cisco Umbrella rank of the primary domain is 29242.
TLS certificate: Issued by Amazon on June 21st 2021. Valid for: a year.
This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 99.83.219.100 16509 (AMAZON-02)
37 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
1 13.32.99.88 16509 (AMAZON-02)
3 142.250.74.194 15169 (GOOGLE)
4 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 52.222.210.175 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
2 35.190.72.161 15169 (GOOGLE)
3 13.32.99.122 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
1 104.111.219.144 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 4 13.32.99.90 16509 (AMAZON-02)
1 35.190.36.172 15169 (GOOGLE)
1 34.206.115.172 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.204.254.104 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 13.32.99.80 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 13.32.99.54 16509 (AMAZON-02)
2 45.55.126.42 14061 (DIGITALOC...)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 52.222.236.122 16509 (AMAZON-02)
1 18.66.139.28 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 52.200.156.204 14618 (AMAZON-AES)
5 5 35.211.178.172 19527 (GOOGLE-2)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 96.46.186.59 7979 (SERVERS-COM)
1 51.222.105.60 16276 (OVH)
1 167.99.21.53 14061 (DIGITALOC...)
1 2 50.57.31.206 19994 (RACKSPACE)
2 52.23.126.38 14618 (AMAZON-AES)
111 41
Apex Domain
Subdomains
Transfer
39 newsweek.com
www.newsweek.com — Cisco Umbrella Rank: 29242
g.newsweek.com — Cisco Umbrella Rank: 40156
d.newsweek.com — Cisco Umbrella Rank: 24590
gc.newsweek.com — Cisco Umbrella Rank: 49052
stats.newsweek.com — Cisco Umbrella Rank: 42835
614 KB
24 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 14366
geo.privacymanager.io — Cisco Umbrella Rank: 1451
gdpr.privacymanager.io — Cisco Umbrella Rank: 15117
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 29245
415 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
3 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
42 KB
4 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 4223
psp.pushnami.com — Cisco Umbrella Rank: 15025
93 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
1 KB
4 fqtag.com
query.fqtag.com — Cisco Umbrella Rank: 30686
fqtag.com — Cisco Umbrella Rank: 14093
cdn.fqtag.com — Cisco Umbrella Rank: 20188
91 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
148 KB
3 resetdigital.co
meta.resetdigital.co — Cisco Umbrella Rank: 49704
sync2.resetdigital.co — Cisco Umbrella Rank: 4071
3 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
67 KB
2 semasio.net
uipus.semasio.net — Cisco Umbrella Rank: 4277
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
313 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1334
15 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 407
recommendationengine.googleapis.com — Cisco Umbrella Rank: 9971
120 KB
1 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 40513
163 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 864
183 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1708
109 B
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3464
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1099
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1242
14 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
67 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1336
38 KB
1 cloudfront.net
d275im4r3zngba.cloudfront.net
39 KB
111 29
Domain Requested by
20 g.newsweek.com www.newsweek.com
16 cmp-consent-tool.privacymanager.io d275im4r3zngba.cloudfront.net
cmp-consent-tool.privacymanager.io
16 d.newsweek.com www.newsweek.com
g.newsweek.com
5 x.bidswitch.net 5 redirects
5 c.amazon-adsystem.com www.newsweek.com
c.amazon-adsystem.com
4 sb.scorecardresearch.com 2 redirects www.newsweek.com
4 gdpr-wrapper.privacymanager.io www.newsweek.com
d275im4r3zngba.cloudfront.net
cmp-consent-tool.privacymanager.io
3 geo.privacymanager.io ats.rlcdn.com
d275im4r3zngba.cloudfront.net
3 securepubads.g.doubleclick.net www.newsweek.com
securepubads.g.doubleclick.net
2 psp.pushnami.com d275im4r3zngba.cloudfront.net
2 uipus.semasio.net 1 redirects
2 ads.betweendigital.com 2 redirects
2 www.facebook.com
2 sync.search.spotxchange.com 1 redirects
2 meta.resetdigital.co d275im4r3zngba.cloudfront.net
2 api.pushnami.com d275im4r3zngba.cloudfront.net
2 connect.facebook.net d275im4r3zngba.cloudfront.net
2 www.google-analytics.com d275im4r3zngba.cloudfront.net
www.newsweek.com
2 i.clean.gg d275im4r3zngba.cloudfront.net
2 fqtag.com www.newsweek.com
cdn.fqtag.com
1 ads.resetsrv.com
1 sync2.resetdigital.co
1 partners.tremorhub.com
1 bpi.rtactivate.com
1 vars.hotjar.com d275im4r3zngba.cloudfront.net
1 script.hotjar.com d275im4r3zngba.cloudfront.net
1 static.hotjar.com d275im4r3zngba.cloudfront.net
1 recommendationengine.googleapis.com www.newsweek.com
1 www.google.co.uk www.newsweek.com
1 www.google.com www.newsweek.com
1 ping.chartbeat.net www.newsweek.com
1 stats.g.doubleclick.net www.google-analytics.com
1 stats.newsweek.com d275im4r3zngba.cloudfront.net
1 cdn.fqtag.com d275im4r3zngba.cloudfront.net
1 static.chartbeat.com d275im4r3zngba.cloudfront.net
1 secure.cdn.fastclick.net d275im4r3zngba.cloudfront.net
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 gc.newsweek.com www.newsweek.com
1 query.fqtag.com www.newsweek.com
1 www.googletagmanager.com www.newsweek.com
1 ats.rlcdn.com www.newsweek.com
1 d275im4r3zngba.cloudfront.net www.newsweek.com
1 imasdk.googleapis.com www.newsweek.com
1 www.newsweek.com
111 44
Subject Issuer Validity Valid
*.newsweek.com
Amazon
2021-06-21 -
2022-07-20
a year crt.sh
g.newsweek.com
R3
2022-01-12 -
2022-04-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.privacymanager.io
Amazon
2021-09-25 -
2022-10-24
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.fqtag.com
R3
2022-01-27 -
2022-04-27
3 months crt.sh
d.newsweek.com
R3
2022-01-12 -
2022-04-12
3 months crt.sh
gc.newsweek.com
R3
2022-01-13 -
2022-04-13
3 months crt.sh
i.clean.gg
GTS CA 1D4
2021-12-19 -
2022-03-19
3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
newsweek.com
Amazon
2021-11-29 -
2022-12-27
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
www.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-21 -
2022-02-19
3 months crt.sh
*.pushnami.com
Amazon
2021-04-18 -
2022-05-17
a year crt.sh
*.resetdigital.co
Sectigo RSA Domain Validation Secure Server CA
2021-10-04 -
2022-10-06
a year crt.sh
rtactivate.com
Amazon
2021-05-13 -
2022-06-11
a year crt.sh
resetsrv.com
R3
2022-01-22 -
2022-04-22
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Frame ID: 9B49619DD37746A80DD66132E46249AB
Requests: 88 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: A63F15A572FDDA731DAA24C2AEB4AA91
Requests: 17 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 466144B04C0E0335FA015B6826326BCD
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 786CFAD3E053077E0B11169CB409ABB3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2DF414E40F56263B08577A56EEC836B1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Wendy Williams' Bank Says She's Being Exploited Amid Fight Over Cash Access

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Page Statistics

111
Requests

95 %
HTTPS

33 %
IPv6

29
Domains

44
Subdomains

41
IPs

5
Countries

1910 kB
Transfer

6004 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://sb.scorecardresearch.com/b?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&c9=
Request Chain 95
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=a0d65f09-8bca-11ec-bf5f-1131174c0106
Request Chain 96
  • https://sb.scorecardresearch.com/c2/6972086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 104
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=&expires=90 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=447&user_id=&expires=90 HTTP 302
  • https://partners.tremorhub.com/sync?UIBS=32245699-3997-4888-bda6-e4b1d6bd47ff
Request Chain 105
  • https://x.bidswitch.net/sync?ssp=resetdigital&user_id=&expires=90 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=resetdigital&user_id=&expires=90 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dresetdigital%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dresetdigital%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=65c0fa17-b17d-532b-b5e2-06e9d7e5497f&ssp=resetdigital&expires=30&user_group=1 HTTP 302
  • https://sync2.resetdigital.co/csync/bs?type=s&userid=20e6ee15-afea-4823-a930-a3679803f4a8&gdpr=&gdpr_consent=
Request Chain 107
  • https://uipus.semasio.net/reset/1/info?sType=sync&sExtCookieId=&sInitiator=external HTTP 302
  • https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=&sInitiator=external

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
www.newsweek.com/
233 KB
52 KB
Document
General
Full URL
https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4fb2973ac9c49f88.awsglobalaccelerator.com
Software
/
Resource Hash
0f576d87f4c5d772f9b4d21d0e66cdc8ccef98cd670d5afd978ae77670ce5a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-type
text/html; charset=UTF-8
content-length
52890
cache-control
public, max-age=3600
vary
Accept-Encoding
content-encoding
gzip
x-b
V6.3-3 web2
age
1927
x-cache
hit cached
x-cache-hits
18
x-forwarded-for
5.187.21.106
x-ua-device
desktop
x-debug
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
accept-ranges
bytes
robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/
20 KB
20 KB
Font
General
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 16:32:40 GMT
server
Apache
etag
"1619713960"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds251.lo4.hn,1644646292.cds002.lo4.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/
20 KB
20 KB
Font
General
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 00:31:07 GMT
server
Apache
etag
"1636763467"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds251.lo4.hn,1644646292.cds290.lo4.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
Genericons.woff2
g.newsweek.com/www/fonts/
10 KB
11 KB
Font
General
Full URL
https://g.newsweek.com/www/fonts/Genericons.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 17 Dec 2021 06:56:34 GMT
server
Apache
etag
"1639724194"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds251.lo4.hn,1644646292.cds082.lo4.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
10711
btf.css
g.newsweek.com/sys/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/btf.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
b9bb2d8462e6d0bdffd725ecaceb7ad38e6a416e16dabe7953280b8caddbceb1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:01 GMT
server
Apache
etag
"1644598861"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds287.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1244
btf_article.css
g.newsweek.com/sys/css/
36 KB
8 KB
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/btf_article.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
906aaa4fa63969c13fb82c03d1946f91872d55bbecc988e88d3c05015d526417
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:01 GMT
server
Apache
etag
"1644598861"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds279.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
7787
editor.css
g.newsweek.com/sys/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/editor.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
846557fcc89c509e9140fbbd99f60fe0dfd0018e0bba3d3a1cb39f0647b65084
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:01 GMT
server
Apache
etag
"1644598861"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds081.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
5155
more_slideshows_inline.css
g.newsweek.com/sys/css/
788 B
519 B
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/more_slideshows_inline.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds046.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
412
in_text_slideshows_inline.css
g.newsweek.com/sys/css/
1 KB
527 B
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/in_text_slideshows_inline.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds291.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
431
f975cb2dee59c2867351daea194bffe3.css
g.newsweek.com/sys/css/
62 KB
15 KB
Stylesheet
General
Full URL
https://g.newsweek.com/sys/css/f975cb2dee59c2867351daea194bffe3.css?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
df8ccf5bcfc849917eb4ab20039e8d40db30dfe904216477ae3df3d220e89736
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds066.lo4.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
14845
07bba1a9c30c8f01d28d980808d6b064.js
g.newsweek.com/sys/js/
626 KB
174 KB
Script
General
Full URL
https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
7af84bd8a1f0308d667287a550d0110f1ab51d60c39ba10f9a428494a9a7ba0b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds080.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
178354
ima3.js
imasdk.googleapis.com/js/sdkloader/
361 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb1e7df8638fc8dc41f0559886fa0345821f65d677cef7bd0868a768b11a421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122262
x-xss-protection
0
expires
Sat, 12 Feb 2022 06:11:32 GMT
63de0ab067ff89c7907d9ce09f70f6ab.js
g.newsweek.com/sys/js/
144 KB
46 KB
Script
General
Full URL
https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
96a01cf6d62c030ac8efe0e148482b43dc3d5cbab60a383f9db1df05ab34c6b7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds206.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
46473
script.js
d275im4r3zngba.cloudfront.net/
112 KB
39 KB
Script
General
Full URL
https://d275im4r3zngba.cloudfront.net/script.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:4000:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6ba0ded02b11273de2abf8bdfc391d044007206e94986e0eb5187104086c75e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:04:44 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 16:15:14 GMT
server
AmazonS3
age
409
etag
W/"27bbea5c63f30aff8d4a4a9c9ea75beb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
HeL149BP_LDc09YXr2FfRg5TElQWClmcWWtRC3R50X63GSbnsk9jKQ==
ats.js
ats.rlcdn.com/
109 KB
38 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
943
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Sat, 12 Feb 2022 05:55:50 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
WneaCZ_NY3VrKC8Bk0Zh1L-W7bRnlY2Ddsyo0N-Noj-rpTvQN9txvA==
prebid.js
g.newsweek.com/www/js/
424 KB
129 KB
Script
General
Full URL
https://g.newsweek.com/www/js/prebid.js?v=6.10.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
21618b7703ba091f90da71de9d397ce330d11b42c9be51356a5a5d4f372fd76a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 04 Feb 2022 02:39:56 GMT
server
Apache
etag
"1643942396"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds292.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
132260
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
4728872454e8775f7ef3d0a3359f411009ce30ba021ee87a0a567f78a49ac942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27218
x-xss-protection
0
server
sffe
etag
"1129 / 867 of 1000 / last-modified: 1644620926"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Feb 2022 06:11:32 GMT
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/
20 KB
7 KB
Script
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3823487585822362741e3a820aee8d41f4e0bf7a01a216543a3945f272c54f92

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:12:48 GMT
content-encoding
gzip
age
46725
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Fri, 25 Jun 2021 02:19:19 GMT
server
AmazonS3
etag
W/"effa2e5aeb22e39ae73ac61f37975ffa"
vary
Accept-Encoding
x-amz-version-id
I4oBr1zmFWGytRGLrBfcfmF0JqHZib56
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-type
text/javascript
x-amz-cf-id
4DWmg4DvvLOybCzize809V798LCQi1hIOcM5NKwzk3KnbdbWPA0-OA==
prebid.js
g.newsweek.com/www/js/
0
0
Fetch
General
Full URL
https://g.newsweek.com/www/js/prebid.js?v=6.10.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 04 Feb 2022 02:39:56 GMT
server
Apache
etag
"1643942396"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds251.lo4.hn,1644646292.cds292.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
132260
gtm.js
www.googletagmanager.com/
208 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96c05e43d57c66172070fdbb5a497d89eaacc14bc6b6262a963cd17b4312ef48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68388
x-xss-protection
0
expires
Sat, 12 Feb 2022 06:11:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding
gzip
etag
c1da564f59b83b9805e8df92eca012f5
age
757
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0GRHW0EDVJY1JBZYEV0P
date
Sat, 12 Feb 2022 05:59:02 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1de7mhZYsTLEzcvFuctXASXiCCTPkXFVGeP5tunqdnQKL8FRfsBK5Q==
b
query.fqtag.com/
82 B
195 B
Script
General
Full URL
https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1644646292607&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.195.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
icon-search-glass.svg
g.newsweek.com/www/images/
485 B
376 B
Image
General
Full URL
https://g.newsweek.com/www/images/icon-search-glass.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 17:32:02 GMT
server
Apache
etag
"1640626322"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds066.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
293
83694e4b1e95c0ef591612ee7fe04d07.js
g.newsweek.com/sys/js/
68 KB
18 KB
Script
General
Full URL
https://g.newsweek.com/sys/js/83694e4b1e95c0ef591612ee7fe04d07.js?v=1644598851
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6120f0aad9f193337754eb88657ba07ff36b316c6d1b152095ae1340c89a646f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 17:01:00 GMT
server
Apache
etag
"1644598860"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds097.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
18623
flipboard_srrw.png
g.newsweek.com/img/home/
877 B
1014 B
Image
General
Full URL
https://g.newsweek.com/img/home/flipboard_srrw.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 22:44:26 GMT
server
Apache
etag
"1632264266"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds011.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
900
wendy-williams.webp
d.newsweek.com/en/full/1984488/
42 KB
42 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1984488/wendy-williams.webp?w=790&f=75ae972e112bb0c46a0fbf3ff041100a
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f246e889307cda594c53107c3baedee62240b07d243b4e8dec2a8196a7bc4c46
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Fri, 11 Feb 2022 09:31:42 GMT
server
Apache
x-cacheable
YES
etag
"1644571902"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds101.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
42604
opinion-headshot-bg.png
g.newsweek.com/www/images/
5 KB
5 KB
Image
General
Full URL
https://g.newsweek.com/www/images/opinion-headshot-bg.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 20:10:33 GMT
server
Apache
etag
"1629231033"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds233.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
4876
logo-n1.svg
g.newsweek.com/www/images/
409 B
402 B
Image
General
Full URL
https://g.newsweek.com/www/images/logo-n1.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 23:04:46 GMT
server
Apache
etag
"1626476686"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds208.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
294
free-sign-up.svg
g.newsweek.com/www/images/
3 KB
1 KB
Image
General
Full URL
https://g.newsweek.com/www/images/free-sign-up.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 16:44:24 GMT
server
Apache
etag
"1638377064"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds233.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1332
doug-farrar.webp
d.newsweek.com/en/full/1982727/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1982727/doug-farrar.webp?w=63&h=63&f=ef36f2630c2ae42efdafe66cb9a16736
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
69d1e3c0b76bb9a417d454d7fdfb60c9aa6cd498840eca6a644987a7874549e0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Tue, 08 Feb 2022 22:03:28 GMT
server
Apache
x-cacheable
YES
etag
"1644357808"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds256.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
1870
michael-hurley.webp
d.newsweek.com/en/full/1982729/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1982729/michael-hurley.webp?w=63&h=63&f=56955fed53ba26f1d56b0c4522537fb3
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d23bed1968d17c1aaeebc85e66fa450602cfa217128b6f3cf70a8c4f547223e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Tue, 08 Feb 2022 22:23:06 GMT
server
Apache
x-cacheable
YES
etag
"1644358986"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds045.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2054
check.svg
g.newsweek.com/www/images/
171 B
255 B
Image
General
Full URL
https://g.newsweek.com/www/images/check.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 16:44:24 GMT
server
Apache
etag
"1638377064"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds006.lo4.hn,1644646292.cds217.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
158
implement-r.js
fqtag.com/tag/
2 KB
2 KB
Script
General
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6aa69eaafff66c5ab3331b78a234dfebe2c7b6ce76979fa39364cd9f2f68949f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:32 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2150
x-xss-protection
0
expires
0
counter.js
gc.newsweek.com/front/js/
2 KB
1 KB
Script
General
Full URL
https://gc.newsweek.com/front/js/counter.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
a0b51ba25024fedcd9074066b464ec2dd88d655aa7d0821046ec3cc91dbc082a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 17:15:46 GMT
server
Apache
etag
"1620839746"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds210.lo4.hn,1644646292.cds002.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
873
play-list
d.newsweek.com/widget/
10 KB
2 KB
XHR
General
Full URL
https://d.newsweek.com/widget/play-list?nid=524952&items=4&v=11644598851
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1644598851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
7bfd8683288413b80b2e2fd050bc0d354a322e972bff102d720345ccb336822d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 21:13:28 GMT
server
Apache
x-cacheable
YES
etag
"1644614008"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds038.lo4.hn,1644646292.cds040.lo4.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2319
home-opinion
d.newsweek.com/json/
18 KB
2 KB
XHR
General
Full URL
https://d.newsweek.com/json/home-opinion?time=1644638189&te=1644598851
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1644598851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d13d1c4995c7579259e4bfa91afe250b1b2f45252c9b2930a649e163c4deb2c5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 03:56:42 GMT
server
Apache
x-cacheable
YES
etag
"1644638202"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds038.lo4.hn,1644646292.cds030.lo4.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, public
accept-ranges
bytes
content-length
2198
/
geo.privacymanager.io/
28 B
590 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 04:02:52 GMT
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
age
7720
x-amzn-requestid
968068a3-6470-49d5-ba2c-b4f7fd926822
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6207316c-7be3cecb3766ed6309d03a2f;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
NaSo_E9RDoEF3_g=
content-length
28
x-amz-cf-id
t6b8B5wBFe-k9hwnjWdoipKKiyUqZPe63AK3poxx-5leIzMpxFIGTQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
gdpr.bundle.js
gdpr.privacymanager.io/1/
179 KB
52 KB
Script
General
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f000:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed73062336eb54549b93a96dfaca1bae38198614dfc85f6cd3b992e5568c4fe1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
m5MSvs08u5Tdcb8EwmgQ1jzIx7UNjM0T
content-encoding
gzip
etag
W/"bac22e7135c33a00ebc3e673fefe0838"
age
1530
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:4f7d9d16-6853-4c46-95e6-3d18587947dc
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
4f2f915ba6a93d7b98f4cfacaf241b9e
last-modified
Wed, 05 Jan 2022 14:07:29 GMT
server
AmazonS3
date
Sat, 12 Feb 2022 05:46:02 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
e273af2c7e20ad10b504cb3df84a22aedef59a08fedec45c87e0cb5b34fc84df
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA60-P2
content-type
application/x-javascript
x-amz-cf-id
koIi3OT9TS3sVdeU6Jz4U9DD-gLoyBF7X3xSnDHpDEyIInhpDa24kg==
config
c.amazon-adsystem.com/cdn/prod/
986 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
268c4a212397113380d519b659d552f2f85fe1cef024b21b6f4a9dd66239fe28

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 02:14:08 GMT
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
age
14244
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
986
x-amz-cf-id
9p4umn2SyxrkB52zMcGwwVLC3YQHjvsJoeZVpAe6EZjDJEOt_Gzf-Q==
config
c.amazon-adsystem.com/cdn/prod/
986 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
268c4a212397113380d519b659d552f2f85fe1cef024b21b6f4a9dd66239fe28

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 02:14:08 GMT
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
age
14244
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
986
x-amz-cf-id
YB6epMgnB40qYzq4btDMlfIIsvX4HMwozuakIpgJ8XXa4MHzykXRbA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
12467
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Sat, 12 Feb 2022 02:46:00 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8bKOnLzuR6YqwQjuXJ5oya02tOss0rlN2HSkyFts3gzhyeKdaL0ptQ==
pubads_impl_2022021001.js
securepubads.g.doubleclick.net/gpt/
358 KB
120 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 11:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122668
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:35:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Feb 2023 11:50:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
471 B
222 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newsweek.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
070301304cb782195aac71f215d91fb531130d64ecaa8b4901333202905d77a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
expires
Sat, 12 Feb 2022 06:11:32 GMT
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 12 Feb 2022 06:11:33 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wendy-williams-health-battles.webp
d.newsweek.com/en/full/1949292/
33 KB
33 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1949292/wendy-williams-health-battles.webp?w=790&h=444&q=75&f=2d4712d258d4e873b3157586e34fd05d
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
038ec7f2126177ecd090592ab11b340d9853329d3e6eaaaba737e0cd57f9c3dd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Fri, 11 Feb 2022 08:22:48 GMT
server
Apache
x-cacheable
YES
etag
"1644567768"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds041.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
33832
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.newsweek.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
ilan-berman.webp
d.newsweek.com/en/full/1601984/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1601984/ilan-berman.webp?w=63&h=63&f=95962c8faa732beee34dac5c240da072
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6d003a29a16eec11194694942956f355255118f6800068cf3caedfe52013b683
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Fri, 11 Feb 2022 18:00:10 GMT
server
Apache
x-cacheable
YES
etag
"1644602410"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds053.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2074
jamil-jivani.webp
d.newsweek.com/en/full/1984646/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1984646/jamil-jivani.webp?w=63&h=63&f=7dbc836d6a41ced4790fb1cb0bf286e1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
e86992851d6d96e9aaec59768fb9b1995af829f88646b8b641e21eede5368792
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Fri, 11 Feb 2022 14:48:49 GMT
server
Apache
x-cacheable
YES
etag
"1644590929"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds236.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
1846
cat-woods.webp
d.newsweek.com/en/full/1736093/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1736093/cat-woods.webp?w=63&h=63&f=713b942bf4051169224f05ee6c29ae57
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
96e5212e10d91c1ba7fc9180331510aa9c118eb59673e80752f1cd46c1881b63
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Thu, 13 Jan 2022 13:01:03 GMT
server
Apache
x-cacheable
YES
etag
"1642078863"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds035.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
1954
kamran-bokhari.webp
d.newsweek.com/en/full/1981197/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1981197/kamran-bokhari.webp?w=63&h=63&f=ee01f2984d9040c61017c9276d7fc66a
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
10e372ce2a29bdd2f484b406ff7bde1a39006793ba45da097a7e2383e17da133
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Fri, 11 Feb 2022 13:00:23 GMT
server
Apache
x-cacheable
YES
etag
"1644584423"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds275.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
1920
daniel-r-depetris.webp
d.newsweek.com/en/full/1896095/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1896095/daniel-r-depetris.webp?w=63&h=63&f=5f46d837d716c0eab547f102eba5ff64
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
575d0cf263d704e24f5096cea99f9e9668833c419170835d030eb224684ddbb1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:32 GMT
last-modified
Thu, 16 Sep 2021 16:53:20 GMT
server
Apache
x-cacheable
YES
etag
"1631811200"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646292.cds030.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2060
rafi-eis.webp
d.newsweek.com/en/full/1981744/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1981744/rafi-eis.webp?w=63&h=63&f=67e2b32a888a424cdb14461d17a4b2c6
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
b91fd669fba9b78f555e3c5b80658091c68ba074e296276ae3a086a5d0370170
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
last-modified
Fri, 11 Feb 2022 12:00:11 GMT
server
Apache
x-cacheable
YES
etag
"1644580811"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646293.cds060.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2018
dhillon-carroll-crotty.webp
d.newsweek.com/en/full/1984057/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1984057/dhillon-carroll-crotty.webp?w=63&h=63&f=4c06ab979bfa80807db592402636780a
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
658939d49a96af990ec80518225d6871c3a11cf49ddc6ba0beba1cc35087ecb1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
last-modified
Fri, 11 Feb 2022 11:30:30 GMT
server
Apache
x-cacheable
YES
etag
"1644579030"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646292.cds067.lo4.hn,1644646293.cds227.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2288
josh-hammer.webp
d.newsweek.com/en/full/1978865/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1978865/josh-hammer.webp?w=63&h=63&f=6108b00453f3ccb5455bfd7a0e0bf3ba
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
09efc8fcc1755a8219beaa7faa32b4ce4a6fabb525aa423f2a46cf10a803796c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
last-modified
Thu, 03 Feb 2022 06:01:59 GMT
server
Apache
x-cacheable
YES
etag
"1643868119"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646293.cds067.lo4.hn,1644646293.cds279.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2120
mark-fiddler-naomi-schaefer-riley.webp
d.newsweek.com/en/full/1983376/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1983376/mark-fiddler-naomi-schaefer-riley.webp?w=63&h=63&f=24b1a17a6796630ff9b48587ce87c90d
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
c6cfbbc764e12eb0f328c9a55b8c09595a846f0bd641a644dfa8d5a214c1108a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
last-modified
Fri, 11 Feb 2022 11:00:24 GMT
server
Apache
x-cacheable
YES
etag
"1644577224"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646293.cds067.lo4.hn,1644646293.cds070.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2188
raman-mitra.webp
d.newsweek.com/en/full/1982787/
2 KB
2 KB
Image
General
Full URL
https://d.newsweek.com/en/full/1982787/raman-mitra.webp?w=63&h=63&f=03477528388723ca2139a69e5d35a01b
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
b5900a3c4c550550ddc67dcdf2b258310ecfd321c57e8db54dcf3d2050b59f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
last-modified
Thu, 10 Feb 2022 22:53:03 GMT
server
Apache
x-cacheable
YES
etag
"1644533583"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1644646293.cds067.lo4.hn,1644646293.cds103.lo4.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2030
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 12 Feb 2022 06:26:33 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
492 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&pid=60ayZaVahn76j&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
01NTSHPCG6RP0GV75046
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
qhYe-otyxqfL8klVuBmiJwoDuVp-Q5pIU3CeDPQbOY4bAv5QNMqkow==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
401
date
Sat, 12 Feb 2022 06:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Feb 2022 08:04:52 GMT
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:04:03 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
4050
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
HcoeutD5ouaQGgn7pn8y0FlwLcDUuVnS0iIoE2uNN3d0B24qRdSJ2g==
expires
Sat, 12 Feb 2022 07:04:03 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%...
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&c9=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
J0GJaQnpTCdpUJDwpdAJ9wx-_dBnNRYItd9L-WdSA7JGGTpfeqO7DA==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1644646292993&ns_c=UTF-8&c8=Wendy%20Williams'%20Bank%20Says%20She's%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&c7=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&c9=
content-length
334
x-amz-cf-id
4xcebzzhAXBwYgkTl9fDck_gQSRfxNW9G-xcZbRpQKexdoJfl04rXA==
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/
88 KB
88 KB
Script
General
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:05:57 GMT
age
336
x-guploader-uploadid
ADPycdvYJVJouZYQX5kEZShF0vhCTMhFd_JQUjCa0hfTIPzTrTW0Rzbu6pWMqFrujANalYAZfAfJPL3dFMOH_Hn0d_XJH659TQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
cache-control
public, max-age=3600
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 12 Feb 2022 07:05:57 GMT
article
stats.newsweek.com/counter/
14 B
475 B
Script
General
Full URL
https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1678299&r_id=37465&c_id=107&c_url=&referer=&device=desktop&a_editor=10&c_country=GB&xz=5&c_uque=1&c_ruque=1&c_visits=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.115.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-115-172.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=25920000
strict-transport-security
max-age=86400; includeSubDomains
content-length
34
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame
0
0
Preflight
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Fri, 11 Feb 2022 17:12:48 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
S3mZt1rrpp_mC5Zzu3f4FhFJjiPCEyqNgxZfa4jKrivokq1wsud_GA==
age
46726
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sat, 12 Feb 2022 06:11:33 GMT
x-amzn-requestid
fd8aa30d-47d8-4d46-b6f4-3914e473a931
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
NalfVHpTjoEF6RQ=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront), 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1 FRA60-P3
x-cache
Miss from cloudfront
x-amz-cf-id
rBPS2QcONWMti4roIVrvX779cJK4eUB4H7j7qogePnPRdNM_E4fXyA==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/
54 KB
9 KB
Fetch
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afd14678daf3cc04207ebb7341b84255846ac5790cb1d4698ff4419aa5a21110

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
aBjjYSpqEW8mmzQzrQIrA8Uqu5bjsQ.b
content-encoding
gzip
etag
W/"d4d8ade0302bd1e7c565abd6b37c8d44"
age
3519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 17:11:34 GMT
server
AmazonS3
date
Sat, 12 Feb 2022 05:12:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
JJZ1JUXxIOEGAb8slLhP3PvNyw-ESfGYQWD5bgL8GDOlkZwRygJLbw==
/
geo.privacymanager.io/
28 B
591 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 12 Feb 2022 04:02:52 GMT
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
age
7721
x-amzn-requestid
968068a3-6470-49d5-ba2c-b4f7fd926822
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6207316c-7be3cecb3766ed6309d03a2f;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
NaSo_E9RDoEF3_g=
content-length
28
x-amz-cf-id
-EN9hdgbRfu7X0kvHRQzP3BZA4kJWY09ueYofev-iW9xEFPuLFYF3Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
stats.g.doubleclick.net/j/
7 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44450862-1&cid=793499632.1644646293&jid=2088578512&gjid=542827611&_gid=1802152612.1644646293&_u=YGBAgUABAAAAAE~&z=1151872817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Feb 2022 06:11:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1904868714&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&ul=en-us&de=UTF-8&dt=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=2088578512&gjid=542827611&cid=793499632.1644646293&tid=UA-44450862-1&_gid=1802152612.1644646293&gtm=2wg290TVS8NW5&cd1=Ryan%20Smith&cd2=Culture&cd3=&cd4=US&cd5=en&cd6=article&cd7=1678299&cd8=20220211&cd9=202202&cd10=newsweek.com%2Fculture%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Arts%20%26%20Entertainment&cd18=related&cd19=web&cd20=21&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Wells%20Fargo%2C%20Court%2C%20Finances%2C%20Legal%2C%20TV&cd26=ndef&cd27=nonpromoted&cd28=Breaking%20News%20-%20LON&cd30=Y&cd31=4&cd32=8&cd33=ndef&cd34=anon&cd35=711&cd36=Direct&cd37=4g&cd38=web&cd40=Aggregation&cd41=2&cd42=1&cd43=United%20States&cd44=N&cd45=N&cd46=0&z=1498583927
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 06:44:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84419
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&u=BIc91lBnhWSd80PUP&d=newsweek.com&g=65968&g0=Culture&g1=Ryan%20Smith&n=1&f=00001&c=0&x=0&m=0&y=9133&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=863&t=C-tR4hBEWoQ8DU4Mq44oTeIJb1jm&V=129&i=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&tz=0&_acct=anon&sn=1&sv=DVQK0dDNa90XqSjBGDp1licTLkPC&sd=1&im=067b0fff&_
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.254.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-254-104.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:33 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44450862-1&cid=793499632.1644646293&jid=2088578512&_u=YGBAgUABAAAAAE~&z=103392966
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44450862-1&cid=793499632.1644646293&jid=2088578512&_u=YGBAgUABAAAAAE~&z=103392966
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fqtag.com/
0
10 B
XHR
General
Full URL
https://fqtag.com/pixel
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
1 KB
1 KB
Document
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/html
date
Wed, 09 Feb 2022 06:43:19 GMT
last-modified
Wed, 15 Dec 2021 14:47:12 GMT
etag
W/"b8061b8850e21ea20dba03d10b1747ea"
x-amz-server-side-encryption
AES256
cache-control
must-revalidate,public,max-age=604800
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
x-amz-version-id
23R9.udz4dRIqf_2.U3F5fxRxvuJ6aHi
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
server
AmazonS3
content-encoding
br
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
HAj-KMFUDfhKyFsiUaLff2piwIVN_OverOO3qE1eUGVItyBwy2QbiA==
age
257294
styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
95 KB
10 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
phXBk2_SjiiRo3htXhs2mQMifmClUsNs
content-encoding
br
etag
W/"fc91ee31cf2e2dbba65546e19b425c59"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:21 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
text/css
x-amz-cf-id
7rskM7jPZuro9FpLTEwfYFx77ECr3WZuU-ohNvix2WosbHotMxvVsA==
openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
26 KB
2 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 16:06:17 GMT
content-encoding
br
age
396317
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:19 GMT
server
AmazonS3
etag
W/"e0df7919fa5e82dca894ac73371effed"
vary
Accept-Encoding
x-amz-version-id
ywiilb2gfgLXT9VKYZLFjjSdal0WdLpw
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
text/css
x-amz-cf-id
tNJF1aZWiQoXcIo0fckPKNRUer146rWpylnHSO17LIdvBlpR46Chvw==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
2 KB
2 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Q4.lapWZoaY96odfA.K4AQJBFuNTGPfv
content-encoding
br
etag
W/"5fe48064a68c5e51f208fb444eb5a84a"
age
480697
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:06 GMT
server
AmazonS3
date
Sun, 06 Feb 2022 16:39:57 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
Wfk6DI9zG7-ILfZ-rU7IhF7iEWhCT3MxB7fDdDYfgKkFEmiGatqfEw==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
44 KB
15 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 16:45:21 GMT
content-encoding
br
age
480373
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:26 GMT
server
AmazonS3
etag
W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
vary
Accept-Encoding
x-amz-version-id
X5JOeTo9OJ9CSxMdHRLELvZsI6eQhaUJ
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
NMszXUGGmEKwrQVI9N3mvKrAjNkzY4_e262hISshpgeskmMIRQ2MRQ==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
783 KB
200 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
l7TKkSFOJEmvG3mRBupTzzJ0Y3d0pO6j
content-encoding
gzip
etag
W/"83497fb39f19b4dfaaa958cf6d4558b1"
age
585670
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:39 GMT
server
AmazonS3
date
Sat, 05 Feb 2022 11:30:24 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
sR8pEWO1E5LNsmeqPurN4_QWNudlDl-CKCeZrUGqltyNjOWRRQVTtw==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
42 KB
10 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef319f3bbf7ef80ab9f4b6a6521b95d4b99e8fb5e9e9175736ac59843f6618c9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
UhPjcM0AjnLha6JopwVDoWHX.h_8vkIt
content-encoding
br
etag
W/"a8b2d83df62798c51323f96018a06e88"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:20 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
KTPTprsNjEIM1mb86FubTfHEp9xiitX3CHi7BmYkoQRBm6T0eidhqA==
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
0
6 KB
Other
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
800rkl9Y_OpKqolRt83Anv_4eVQqoOZg
content-encoding
br
etag
W/"ddb5e6d71b353c98624b1784c506f1ee"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:07 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
text/css
x-amz-cf-id
5UwN9IRKK_5nRJdLlRsZ6vfZXwP2fQFY9QEj1tU56AjAtNr0TsQ7hw==
1.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
59 KB
11 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/1.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7616f08be26a959b91cf7f8da6e20574a01544dc8086c5d8c89edeb8537531ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
AOcq3Tz74N62PDh6GqREApRECq14ZsGn
content-encoding
br
etag
W/"cb642e4839994ca4fc3ef9623c877f36"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:09 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
YPjMxvFejocrnB28JDcjsh7vVdbbSKPb4pNP-FnMlbiCMzxdL5nkmg==
18.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
22 KB
5 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/18.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67713957fa35cc8b9c5f412ab236018cd56988a8ffd4f76caeeef0a4410e0fb2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4OJ1fX5AR9seIJVqAM5zfiHN2dgMkAjI
content-encoding
br
etag
W/"4e8adeee94e1d567db84c74c42a910e9"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:12 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
g-qSQtCO1dRFlXYSWMflDa6VOls9KBi0UHJLokE7XfRm4F3oBOJjvQ==
userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/
7 B
368 B
Image
General
Full URL
https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.793499632.1644646293%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221678299%22%7D%5D%7D%7D&ets=1644646293628
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:33 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
vary
Origin, X-Origin, Referer
content-length
7
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bloodyMary.css
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
34 KB
6 KB
Stylesheet
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d656a62d00379daf3bbc8d0f465cd1a4dd061289996f2e3b39d6f55abd21f8b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
yTMHurHU4JuYnNtO7IenIMTp4rntz4hl
content-encoding
gzip
etag
W/"5e36871e7832edc3fdbfedcb84619a9f"
age
577534
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:21 GMT
server
AmazonS3
date
Fri, 11 Feb 2022 15:44:09 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
text/css
x-amz-cf-id
7pMdSI8d5fmR47MRW3iOeuCMgeltuM-mqsmlaskFAULU74_sZrXOwg==
17.js
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
123 KB
22 KB
Script
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/17.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ZJxE1VeXkC1ypmrlLi5NsoMndYH_iITn
content-encoding
br
etag
W/"ab5247f9ceb22da2bab708700b3ce763"
age
247116
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
last-modified
Wed, 15 Dec 2021 14:47:29 GMT
server
AmazonS3
date
Wed, 09 Feb 2022 09:32:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
GgK2vn3iAFDdMErfXg_zVWVc7u-c3Ll5RnW6Qtub8bHXxlGgLUZy3g==
open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
14 KB
15 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 23:53:14 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
age
541100
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
content-length
14440
last-modified
Wed, 15 Dec 2021 14:47:12 GMT
server
AmazonS3
etag
"ff9d619b59f5cb3529b100448f398ac5"
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-version-id
9HjLJBJQaeT1Q_eQ42u08VDesitxuLal
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
fjwVa4PXFcx0hqkB_mrJm12FQczRVzH_48ZL-PUqfTweJMZ6X8ebKA==
manager-logo.png
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame A63F
7 KB
8 KB
Image
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/manager-logo.png?time=1597988436991
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 11 Feb 2022 17:12:52 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified
Fri, 21 Aug 2020 05:40:36 GMT
server
AmazonS3
age
46722
etag
"c0ece874cb8828b768781f22c83538d0"
x-cache
Hit from cloudfront
x-amz-version-id
2ie1Ur9NR5wMAjHZDgsckdhCF6rAqE5F
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
7360
x-amz-cf-id
5mc7tD5OwIc3kxXYYA21q5l0FniNdS17RVJcG8JE-IFB3E8GEVgYcQ==
icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
441 B
1 KB
Image
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SQTSgMhCL_wq7lNXsiGi6rrgu3K4n.v2
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
etag
"e2760515a843a0256b4b810489b5426b"
age
52555
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
content-length
441
last-modified
Wed, 15 Dec 2021 14:47:37 GMT
server
AmazonS3
date
Fri, 11 Feb 2022 15:35:39 GMT
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
lW96MtQkKWkpgP0CMcYr_bHoQqTpBsn3wxd272dVBW8MZghAY9d4PQ==
open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
15 KB
15 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cbgTlBS9Q9hzc_ZmcMMCs7zGT4My0CmP
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
etag
"b596676fc00af9806c16a12e9a0350f8"
age
500646
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
content-length
15112
last-modified
Wed, 15 Dec 2021 14:47:31 GMT
server
AmazonS3
date
Sun, 06 Feb 2022 11:07:28 GMT
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
QHGbnhhGzdTZC8B8QMZxdEj83c-LkY6hHpF8nxZpk1Af3Az4bkwQWg==
open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame A63F
15 KB
15 KB
Font
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cPx3rDB5X22KeqH0gHkIhCt9IYRW3j5m
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
etag
"4334c2753ff9f057d9de926e66882c9e"
age
548485
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:79d94d0c-daa6-4a5a-954d-997d714bcc27
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
efcacf39bb038bb8f13b97f7418e3921
content-length
14956
last-modified
Wed, 15 Dec 2021 14:47:19 GMT
server
AmazonS3
date
Sat, 12 Feb 2022 05:25:06 GMT
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
d6e5abd5749bc6d1b034c46b977359d6c7505bbc4b3a484d4824097ee47ca109
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
6-rwnjlt-9llSSX7Tv2kQ--3se1duDgde_h6WQGE3Qyc8lvIGqxdhA==
hotjar-2110774.js
static.hotjar.com/c/
8 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2110774.js?sv=7
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
795d86aee14f35040c1e9181f6f04b294c2218e790da57d4d90e6e8e6ed47540
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/f6f5716bb386b64509465b947090822b
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
SxPrQPA0dz33G03_D9hRuOBUhajJ9IUg9hNlcnhdJB0yH9K-g1wWeA==
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
/0yey6rxP8WLvNa+cZ4C2RXTGnzgk2wrBZokV9iw3iQ6vDEfLDHi+keN4TUEswxvqXAlzvbW2xWi9GUG044JwA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 12 Feb 2022 06:11:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
5e9e00b619144f0012bc03cf
api.pushnami.com/scripts/v1/pushnami-adv/
397 KB
91 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
73658a4a3848f5bfa218bc87055bb7e25cc419ad3d43086b8b6d850af834a451

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:01:59 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
age
574
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
FRA60-P3
content-encoding
gzip
x-amz-cf-id
UCSJwrRIsXoKeG2v3xR0LH9CQ39sqFSiHn442khjFBUkgLmHvXj8oQ==
smart.js
meta.resetdigital.co/Scripts/
3 KB
3 KB
Script
General
Full URL
https://meta.resetdigital.co/Scripts/smart.js?px=1000160
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.126.42 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a7eaf01be46d47f1912beb66b83b897757d9fca9e69cbcf6f3cbb8aed8df3e5c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:33 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
2640
content-type
application/json
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5
  • https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=a0d65f09-8bca-11ec-bf5f-1131174c0106
0
588 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=a0d65f09-8bca-11ec-bf5f-1131174c0106
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 12 Feb 2022 06:11:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
69
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 12 Feb 2022 06:11:33 GMT
Server
nginx
Location
/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=a0d65f09-8bca-11ec-bf5f-1131174c0106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
86
Connection
keep-alive
Content-Length
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6972086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:02:18 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
0
x-amz-cf-id
O0fgN9X5xxUFYbQcKt9uCD0UVGts7aq6MvIvEEprRfL871J61-WThw==

Redirect headers

date
Sat, 12 Feb 2022 06:11:33 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
cznoyyK4Bg3w3SelBKXWKL4C0dmnrJVuyIs366qLfIRrYvCz6GvjQQ==
496391994180701
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/496391994180701?v=2.9.52&r=stable
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f205e8ce5a8e609c8be486a6dd3b731fd2041eeb2ad4b653e8ef4dc394477bda
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89459
x-xss-protection
0
pragma
public
x-fb-debug
MKT8OoERP3a2hcK3y8yAL3QcrdYpPCcHI6htVkei7EnE4RdvdeJCIDsiKnFRIX+eE4ySKaFyyHsTeEMENE0Czg==
x-frame-options
DENY
date
Sat, 12 Feb 2022 06:11:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.855de5fca5328f4d913a.js
script.hotjar.com/
235 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 17:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
132688
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62578
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 17:19:42 GMT
etag
"6f96b4466f1ad2a1f9575d6ac84a137f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NCYt4kgOeg6B3S9u4ZxZJQ1FdKNUaTFC6XHASWAofCVE0p8ytUTi5Q==
hub
api.pushnami.com/scripts/v1/ Frame 4661
2 KB
1 KB
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/html; charset=utf-8
date
Sat, 12 Feb 2022 05:15:02 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
8N0IJwZHRd_rd2FfTW_u6LY_0hlFWI73o-LxLl-YrDOs4N81rSc5Gw==
age
3392
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 786C
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-28.fra60.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
aTfX2ixtyMYOo-VxfAUzL3d4x8KxRfzwhZzRlMZNLefZIAmPIH5E-Q==
age
681568
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299&rl=&if=false&ts=1644646294156&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644646294154.302984743&it=1644646293993&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 12 Feb 2022 06:11:34 GMT
smart
meta.resetdigital.co/
35 B
347 B
Image
General
Full URL
https://meta.resetdigital.co/smart?px=1000160&tp=gif&k=&t=Wendy%20Williams%27%20Bank%20Says%20She%27s%20Being%20Exploited%20Amid%20Fight%20Over%20Cash%20Access&d=Talk%20show%20host%20Wendy%20Williams%2C%20whose%20ongoing%20health%20issues%20have%20forced%20her%20to%20step%20away%20from%20her%20talk%20show%2C%20is%20battling%20Wells%20Fargo%20for%20access%20to%20her%20finances.&email=&purl=https%3A%2F%2Fwww.newsweek.com%2Fwendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.126.42 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:11:33 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
accept-ranges
bytes
content-length
35
content-type
image/gif
/
bpi.rtactivate.com/tag/
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=20784&user_id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.156.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-156-204.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:34 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=&expires=90
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=447&user_id=&expires=90
  • https://partners.tremorhub.com/sync?UIBS=32245699-3997-4888-bda6-e4b1d6bd47ff
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIBS=32245699-3997-4888-bda6-e4b1d6bd47ff
Protocol
H2
Server
2600:1f18:612b:4216:9b82:d73a:bab3:b9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:34 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
//partners.tremorhub.com/sync?UIBS=32245699-3997-4888-bda6-e4b1d6bd47ff
Date
Sat, 12 Feb 2022 06:11:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
bs
sync2.resetdigital.co/csync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=resetdigital&user_id=&expires=90
  • https://x.bidswitch.net/ul_cb/sync?ssp=resetdigital&user_id=&expires=90
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dresetdigital%26expires%3D30%26user_group%3...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dresetdigital%26expires%3D30%26user_group%3...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=65c0fa17-b17d-532b-b5e2-06e9d7e5497f&ssp=resetdigital&expires=30&user_group=1
  • https://sync2.resetdigital.co/csync/bs?type=s&userid=20e6ee15-afea-4823-a930-a3679803f4a8&gdpr=&gdpr_consent=
35 B
316 B
Image
General
Full URL
https://sync2.resetdigital.co/csync/bs?type=s&userid=20e6ee15-afea-4823-a930-a3679803f4a8&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
51.222.105.60 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns576843.ip-51-222-105.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:11:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
0

Redirect headers

Location
//sync2.resetdigital.co/csync/bs?type=s&userid=20e6ee15-afea-4823-a930-a3679803f4a8&gdpr=&gdpr_consent=
Date
Sat, 12 Feb 2022 06:11:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
hbsync
ads.resetsrv.com/
0
163 B
Image
General
Full URL
https://ads.resetsrv.com/hbsync?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:11:34 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
text/html
info2
uipus.semasio.net/reset/1/
Redirect Chain
  • https://uipus.semasio.net/reset/1/info?sType=sync&sExtCookieId=&sInitiator=external
  • https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=&sInitiator=external
42 B
604 B
Image
General
Full URL
https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=&sInitiator=external
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:11:34 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:11:34 GMT
Frontend-ID
10
Location
/reset/1/info2?sType=sync&sExtCookieId=&sInitiator=external
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
psp
psp.pushnami.com/api/
2 B
224 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-126-38.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.newsweek.com/
key
5e9e00b619144f0012bc03cf
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 12 Feb 2022 06:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-126-38.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 12 Feb 2022 06:11:34 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
/
www.facebook.com/tr/ Frame 2DF4
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.newsweek.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Sat, 12 Feb 2022 06:11:34 GMT

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone number| current_timestamp boolean| mobile_device boolean| bot_engine object| dfpSlots object| dfpEx number| brW number| brH function| LJ function| setCookie function| setCookieHours function| getCookie function| deleteCookie function| getUrlParameters function| checkDataCentre function| NW_DO_READY function| LSYE function| callbackCSS object| doFir object| docReady object| dataLayer function| loadJS function| GCSS object| Drupal object| documentReady function| execFunc function| NW_FUNC function| execDrupal function| multiLJ function| openLogin function| closeLogin function| adjustLoginHeight function| login_success function| LC function| loadCSS object| relList function| JSONsplit function| getGeoCookie function| getCookie2 object| xuaInfo function| LJS function| LJSA boolean| gdpr_eu boolean| gdpr_applies boolean| ccpa_applies number| is_gdpr boolean| ccpa_status string| uspString object| consentPrebid object| geoLabels function| setCookieSecure function| __tcfapi function| parseQuery function| sha256 function| sendToLiveRamp function| PelcroToLiveRamp function| LRScrape function| atsCallback string| referrer function| getUrlParameters2 object| utm_result2 function| TrafficSource string| trsource boolean| isAndroid boolean| highval string| emlhs string| frhp object| connection string| con_type string| brtype boolean| is_wv_android boolean| is_wv_ios string| highval_str number| p number| _sf_startpt number| timerStart number| hb_debug object| pbjs object| googletag function| parseQueryString function| ibtGetCookie function| nwsetCookie function| nw_log function| getBrowser string| site_name string| site_id string| site_domain number| site_random number| site_ads string| ibtmedia_device boolean| iOS boolean| ipadMac string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot number| numPr number| rf string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| DVPreFilter string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on number| iter function| checkGAcookie number| GAtimeout string| gdpr_video string| npa_consent string| consent_string string| dfp_adunit string| w1200 function| pageRefresh boolean| pb_allbids number| fqv string| ts object| utm_result number| nonPersonalizedAds function| setDfpRefreshKV function| setDfpRefreshKey function| setDfpRefreshKVLazy function| clearDfpRefreshKey function| verification_callback number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| pageFocus object| apstag boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| all_hb_loaded boolean| is_bot number| abt_rand string| abt number| lazy_start number| abt100 number| abpr string| purlen string| fq_ref function| extractHostname string| doc_hostname string| utm_source string| fq_source string| pb_videos object| videoAdUnit object| videoAdUnitiOS object| adUnits object| amzSlotCfg object| adUnitsLazy object| amzSlotCfgLazy object| amzSlotNonU object| PWT object| fqtag function| fq_callback function| ivt_common object| d number| utc_hour string| fl_multi string| disp_floor string| disp_floor_str number| disp_floor_num string| sticky_floor string| sticky_floor_str number| sticky_floor_num string| vid_floor number| vid_floor_openx string| vid_floor_str number| vid_floor_num string| pb_env function| amznVideoAPS function| amznVideoAPS_refresh object| adexl_fpd function| addSpotxParam number| PREBID_TIMEOUT number| PREBID_TIMEOUT_LAZY number| FAILSAFE_TIMEOUT number| pb_auctionDelay number| pb_syncsPerBidder object| pbjsBpParams function| defineDFPSlot function| initAdserver number| hb_timeout_var function| prebidVideoAd_refresh object| fonts object| font number| pos number| current_time undefined| key number| is_prod object| Pelcro boolean| americas function| PelcroUserSubscriptionCheck undefined| exe string| fq_ua2 boolean| saf13 function| refreshInViewSlot object| ibt_cter string| a string| str string| DOMAIN string| SNS_D string| STATS_D string| MAIN_D string| DATA_D string| GRAPHIC_D number| rtid object| browser object| doWLoad number| text_pass number| main_body_pass string| bsettime function| createBookmark function| loadScript number| uuuui function| closeFrame function| get_msg function| sessSync function| signin_page function| login_callback function| logout_callback number| scroll_top_sign function| openSignin function| closeSignin function| _hasPopupBlocker object| scroll_initial function| scroll_active function| doAfterLoad function| isEmpty function| localLogin function| setJsonData function| putJsonData function| work_editor_region function| work_editor boolean| m_moving_on boolean| adjust_height function| m_move_next function| m_move_prev function| poll_result function| get_poll function| active_poll number| slide_started function| check_slide function| begin_slide function| lazyEmbed function| stickyRecommendation function| windowBlack function| closeBlack function| stickyAside object| ibtUrlParameter function| getLineItemTargeting function| getFrameDocument function| removeUnwantedCreative function| detect360 function| pauseOtherPlayer function| showIbtimesTv function| showIbtimesTv_360 string| videoTargs function| showIbtimesTv_nextStage function| showIbtimesTvArticle function| extra_do_video undefined| $ function| jQuery function| analyticsEvent number| incognito object| ats function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| o object| cmp object| gdprConfiguration object| node boolean| apstagLOADED object| ggeac object| google_js_reporting_queue function| DataLayerHelper string| t object| google_tag_manager boolean| gaLoaded boolean| domLoaded string| GoogleAnalyticsObject function| ga object| google_tag_data function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| _sf_async_config object| _cbq object| gascrolldepth function| sys_callback function| news_counter undefined| google_measure_js_timing object| wpJsonpLiverampGdprCmp object| gaplugins object| gaGlobal object| gaData object| PublisherCommonId object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY function| fqPixel function| hj object| _hjSettings function| fbq function| _fbq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami function| CrossStorageClient object| pushnamiStorage function| uuid object| Pushnami function| fireResetPixel

33 Cookies

Domain/Path Name / Value
www.newsweek.com/ Name: X-UA-Info
Value: country|GB|state|OTHER|city|OTHER|latitude|51.496400|longitude|-0.122400|isp|Iomart Cloud Services Limited|ip|5.187.21.106|device|desktop|time|1644646293
www.newsweek.com/ Name: has_js
Value: 1
www.newsweek.com/ Name: orir
Value:
www.newsweek.com/ Name: _lr_geo_location
Value: GB
www.newsweek.com/ Name: gdpr-auditId
Value: 32571237cdc04d8bb38eb9ac4f361d54
.scorecardresearch.com/ Name: UID
Value: 1ECad53f6ab12495e10d7191644646293
.newsweek.com/ Name: _ga
Value: GA1.2.793499632.1644646293
.newsweek.com/ Name: _gid
Value: GA1.2.1802152612.1644646293
.newsweek.com/ Name: _dc_gtm_UA-44450862-1
Value: 1
www.newsweek.com/ Name: _cb_ls
Value: 1
www.newsweek.com/ Name: _cb
Value: BIc91lBnhWSd80PUP
www.newsweek.com/ Name: _chartbeat2
Value: .1644646293141.1644646293141.1.DVQK0dDNa90XqSjBGDp1licTLkPC.1
www.newsweek.com/ Name: _cb_svref
Value: null
www.newsweek.com/ Name: geo-location
Value: {"country":"GB","region":""}
.newsweek.com/ Name: cds1
Value: 2022-02-12
.newsweek.com/ Name: cus1
Value: 2022-02-12
.newsweek.com/ Name: cmx1
Value: 2022-02-12
.spotxchange.com/ Name: audience
Value: a0d65eb0-8bca-11ec-bf5f-1131174c0106
.newsweek.com/ Name: _fbp
Value: fb.1.1644646294154.302984743
.newsweek.com/ Name: _hjSessionUser_2110774
Value: eyJpZCI6IjgwOTQ2ZWUxLTBhZmYtNWM1NC1hZDk0LTE5ODljYTUwNjRiNyIsImNyZWF0ZWQiOjE2NDQ2NDYyOTQxOTAsImV4aXN0aW5nIjpmYWxzZX0=
.newsweek.com/ Name: _hjFirstSeen
Value: 1
www.newsweek.com/ Name: _hjIncludedInSessionSample
Value: 0
.newsweek.com/ Name: _hjSession_2110774
Value: eyJpZCI6IjYwMDY4MjI4LWEzM2MtNGU5ZC1hYTgzLTExM2E3MGUwOWEwNCIsImNyZWF0ZWQiOjE2NDQ2NDYyOTQyNDQsImluU2FtcGxlIjpmYWxzZX0=
.newsweek.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.resetdigital.co/ Name: ckbk
Value: 000E79F2A2CB28F8-1000160
.bidswitch.net/ Name: c
Value: 1644646294
.bidswitch.net/ Name: tuuid_lu
Value: 1644646294
.bidswitch.net/ Name: tuuid
Value: 20e6ee15-afea-4823-a930-a3679803f4a8
.semasio.net/ Name: SEUNCY
Value: FB3A653348C4C693
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 65c0fa17-b17d-532b-b5e2-06e9d7e5497f
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YgdPlwAAD6Bb8UirjfWGevN7Ixk4ZUXnYrJYgg==

3 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Message:
The resource https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1644598851 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.newsweek.com/wendy-williams-bank-says-being-exploited-amid-fight-over-cash-access-wells-fargo-1678299
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
ads.resetsrv.com
api.pushnami.com
ats.rlcdn.com
bpi.rtactivate.com
c.amazon-adsystem.com
cdn.fqtag.com
cmp-consent-tool.privacymanager.io
connect.facebook.net
d.newsweek.com
d275im4r3zngba.cloudfront.net
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
i.clean.gg
imasdk.googleapis.com
meta.resetdigital.co
partners.tremorhub.com
ping.chartbeat.net
psp.pushnami.com
query.fqtag.com
recommendationengine.googleapis.com
sb.scorecardresearch.com
script.hotjar.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
stats.newsweek.com
sync.search.spotxchange.com
sync2.resetdigital.co
uipus.semasio.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.newsweek.com
x.bidswitch.net
104.111.219.144
13.32.99.122
13.32.99.54
13.32.99.80
13.32.99.88
13.32.99.90
142.250.74.194
151.139.128.11
167.99.21.53
18.66.139.28
18.66.97.49
185.94.180.125
2600:1f18:612b:4216:9b82:d73a:bab3:b9d7
2600:9000:223c:3800:18:1fcd:34f:cdc1
2600:9000:2250:f000:16:f82a:8600:93a1
2600:9000:2251:1200:11:2a6a:9480:93a1
2600:9000:236e:4000:8:bd4:5580:21
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.206.115.172
34.95.69.49
35.186.195.222
35.190.36.172
35.190.72.161
35.211.178.172
45.55.126.42
50.57.31.206
51.222.105.60
52.200.156.204
52.222.210.175
52.222.236.122
52.23.126.38
54.204.254.104
96.46.186.59
99.83.219.100
038ec7f2126177ecd090592ab11b340d9853329d3e6eaaaba737e0cd57f9c3dd
058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070301304cb782195aac71f215d91fb531130d64ecaa8b4901333202905d77a4
09efc8fcc1755a8219beaa7faa32b4ce4a6fabb525aa423f2a46cf10a803796c
0f576d87f4c5d772f9b4d21d0e66cdc8ccef98cd670d5afd978ae77670ce5a43
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e372ce2a29bdd2f484b406ff7bde1a39006793ba45da097a7e2383e17da133
1d656a62d00379daf3bbc8d0f465cd1a4dd061289996f2e3b39d6f55abd21f8b
21618b7703ba091f90da71de9d397ce330d11b42c9be51356a5a5d4f372fd76a
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
268c4a212397113380d519b659d552f2f85fe1cef024b21b6f4a9dd66239fe28
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
3823487585822362741e3a820aee8d41f4e0bf7a01a216543a3945f272c54f92
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
4728872454e8775f7ef3d0a3359f411009ce30ba021ee87a0a567f78a49ac942
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
575d0cf263d704e24f5096cea99f9e9668833c419170835d030eb224684ddbb1
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
6120f0aad9f193337754eb88657ba07ff36b316c6d1b152095ae1340c89a646f
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
658939d49a96af990ec80518225d6871c3a11cf49ddc6ba0beba1cc35087ecb1
67713957fa35cc8b9c5f412ab236018cd56988a8ffd4f76caeeef0a4410e0fb2
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c
69d1e3c0b76bb9a417d454d7fdfb60c9aa6cd498840eca6a644987a7874549e0
6aa69eaafff66c5ab3331b78a234dfebe2c7b6ce76979fa39364cd9f2f68949f
6d003a29a16eec11194694942956f355255118f6800068cf3caedfe52013b683
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73658a4a3848f5bfa218bc87055bb7e25cc419ad3d43086b8b6d850af834a451
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7616f08be26a959b91cf7f8da6e20574a01544dc8086c5d8c89edeb8537531ff
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
795d86aee14f35040c1e9181f6f04b294c2218e790da57d4d90e6e8e6ed47540
7af84bd8a1f0308d667287a550d0110f1ab51d60c39ba10f9a428494a9a7ba0b
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7bfd8683288413b80b2e2fd050bc0d354a322e972bff102d720345ccb336822d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846557fcc89c509e9140fbbd99f60fe0dfd0018e0bba3d3a1cb39f0647b65084
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0
906aaa4fa63969c13fb82c03d1946f91872d55bbecc988e88d3c05015d526417
96a01cf6d62c030ac8efe0e148482b43dc3d5cbab60a383f9db1df05ab34c6b7
96c05e43d57c66172070fdbb5a497d89eaacc14bc6b6262a963cd17b4312ef48
96e5212e10d91c1ba7fc9180331510aa9c118eb59673e80752f1cd46c1881b63
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b51ba25024fedcd9074066b464ec2dd88d655aa7d0821046ec3cc91dbc082a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a7eaf01be46d47f1912beb66b83b897757d9fca9e69cbcf6f3cbb8aed8df3e5c
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afd14678daf3cc04207ebb7341b84255846ac5790cb1d4698ff4419aa5a21110
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5900a3c4c550550ddc67dcdf2b258310ecfd321c57e8db54dcf3d2050b59f44
b6ba0ded02b11273de2abf8bdfc391d044007206e94986e0eb5187104086c75e
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
b91fd669fba9b78f555e3c5b80658091c68ba074e296276ae3a086a5d0370170
b9bb2d8462e6d0bdffd725ecaceb7ad38e6a416e16dabe7953280b8caddbceb1
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf
c6cfbbc764e12eb0f328c9a55b8c09595a846f0bd641a644dfa8d5a214c1108a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13d1c4995c7579259e4bfa91afe250b1b2f45252c9b2930a649e163c4deb2c5
d23bed1968d17c1aaeebc85e66fa450602cfa217128b6f3cf70a8c4f547223e6
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f
deb1e7df8638fc8dc41f0559886fa0345821f65d677cef7bd0868a768b11a421
df8ccf5bcfc849917eb4ab20039e8d40db30dfe904216477ae3df3d220e89736
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e86992851d6d96e9aaec59768fb9b1995af829f88646b8b641e21eede5368792
ed73062336eb54549b93a96dfaca1bae38198614dfc85f6cd3b992e5568c4fe1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef319f3bbf7ef80ab9f4b6a6521b95d4b99e8fb5e9e9175736ac59843f6618c9
f205e8ce5a8e609c8be486a6dd3b731fd2041eeb2ad4b653e8ef4dc394477bda
f246e889307cda594c53107c3baedee62240b07d243b4e8dec2a8196a7bc4c46
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c