www.newsweek.com Open in urlscan Pro
99.83.219.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm2752...
Effective URL:
https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illic...
Submission: On September 29 via api (September 29th 2023, 4:06:35 pm UTC) from US — Scanned from DE

Summary HTTP 238 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 91 IPs in 10 countries across 58 domains to perform 238 HTTP transactions. The main IP is 99.83.219.100, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com. The Cisco Umbrella rank of the primary domain is 47834.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 15th 2023. Valid for: a year.

This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	99.83.219.100 99.83.219.100	16509 (AMAZON-02) (AMAZON-02)
46	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.239.18.45 18.239.18.45	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:20a... 2600:9000:20a0:6600:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	18.239.83.119 18.239.83.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:209... 2600:9000:2090:9e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:a7e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.195.222 35.186.195.222	15169 (GOOGLE) (GOOGLE)
6	13.227.219.126 13.227.219.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c3:9400:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:440... 2606:4700:4400::6812:2aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.238.243.82 18.238.243.82	16509 (AMAZON-02) (AMAZON-02)
4	18.239.83.118 18.239.83.118	16509 (AMAZON-02) (AMAZON-02)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:440... 2606:4700:4400::ac40:90d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	108.156.60.58 108.156.60.58	16509 (AMAZON-02) (AMAZON-02)
1 3	18.239.83.98 18.239.83.98	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.163.238.217 54.163.238.217	14618 (AMAZON-AES) (AMAZON-AES)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	52.205.227.48 52.205.227.48	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b120:ec5e:651e:a0cc:77a3	14618 (AMAZON-AES) (AMAZON-AES)
1	3.222.49.156 3.222.49.156	14618 (AMAZON-AES) (AMAZON-AES)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	34.225.27.9 34.225.27.9	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	35.190.36.172 35.190.36.172	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
20	18.239.94.119 18.239.94.119	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.64.105.94 3.64.105.94	16509 (AMAZON-02) (AMAZON-02)
1	167.99.21.53 167.99.21.53	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 5	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.36.57 18.239.36.57	16509 (AMAZON-02) (AMAZON-02)
1	54.82.170.117 54.82.170.117	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:244... 2600:9000:2449:3600:10:c6f4:d940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1f18:ed:... 2600:1f18:ed:550f:70e6:f7b1:bd3b:3c24	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
4	18.239.50.128 18.239.50.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ab:e600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.238.243.111 18.238.243.111	16509 (AMAZON-02) (AMAZON-02)
4	34.233.10.100 34.233.10.100	14618 (AMAZON-AES) (AMAZON-AES)
2	3.222.124.68 3.222.124.68	14618 (AMAZON-AES) (AMAZON-AES)
4	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20b... 2600:9000:20b4:8e00:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.18 104.18.25.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
9 9	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10 10	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	18.239.36.109 18.239.36.109	16509 (AMAZON-02) (AMAZON-02)
4	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:252b:25e8:bda8:4a4b	16509 (AMAZON-02) (AMAZON-02)
1 1	45.137.176.88 45.137.176.88	60350 (VP) (VP)
4 4	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1 2	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.31.175.73 52.31.175.73	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	35.172.171.236 35.172.171.236	14618 (AMAZON-AES) (AMAZON-AES)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d018:d29... 2a05:d018:d29:3602:18d0:4fce:99a6:af2f	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
238	91

2 2606:2c40::c73c:67e4 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.illicitedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4fb2973ac9c49f88.awsglobalaccelerator.com

www.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

g.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gc.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-45.ams58.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20a0:6600:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-119.ams58.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)

f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2090:9e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a7e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com

query.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.219.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-126.ams54.r.cloudfront.net

public.flourish.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:9400:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2aef (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9111 (United States)

ASN13335 (CLOUDFLARENET, US)

pxsrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-82.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.83.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-118.ams58.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:90d6 (United States)

ASN13335 (CLOUDFLARENET, US)

flo.uri.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-58.ams1.r.cloudfront.net

fpa-cdn.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.83.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-98.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.238.217 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-238-217.compute-1.amazonaws.com

prebid.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.227.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-227-48.compute-1.amazonaws.com

stats.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:ec5e:651e:a0cc:77a3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.49.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-49-156.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.27.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-27-9.compute-1.amazonaws.com

fpa-events.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com

cdn.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recommendationengine.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.239.94.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-119.ams1.r.cloudfront.net

cmp-consent-tool.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.105.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-105-94.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.99.21.53 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.resetsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-57.ams58.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.170.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-170-117.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:3600:10:c6f4:d940:93a1 (United States)

ASN16509 (AMAZON-02, US)

sli.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:70e6:f7b1:bd3b:3c24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.50.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-128.ams58.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-111.ams58.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.233.10.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-10-100.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.124.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-124-68.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:8e00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ibt-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.79 (United Kingdom) 9 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.205 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.20 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.239.36.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-109.ams58.r.cloudfront.net

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:252b:25e8:bda8:4a4b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.137.176.88 (France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.33.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.191.210 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.172.171.236 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-171-236.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:18d0:4fce:99a6:af2f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	newsweek.com www.newsweek.com — Cisco Umbrella Rank: 47834 g.newsweek.com — Cisco Umbrella Rank: 55406 d.newsweek.com — Cisco Umbrella Rank: 45007 videos.newsweek.com — Cisco Umbrella Rank: 101413 gc.newsweek.com — Cisco Umbrella Rank: 105851 fpa-cdn.newsweek.com — Cisco Umbrella Rank: 97018 stats.newsweek.com — Cisco Umbrella Rank: 54888 fpa-events.newsweek.com — Cisco Umbrella Rank: 74565 sli.newsweek.com — Cisco Umbrella Rank: 84426 video.newsweek.com — Cisco Umbrella Rank: 60238 Failed	3 MB
30	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3863 gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 20070 gdpr.privacymanager.io — Cisco Umbrella Rank: 26112 geo.privacymanager.io — Cisco Umbrella Rank: 2742 cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 40302	620 KB
26	pubmatic.com 21 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840 ads.pubmatic.com — Cisco Umbrella Rank: 837 image8.pubmatic.com — Cisco Umbrella Rank: 1061 image2.pubmatic.com — Cisco Umbrella Rank: 1547 image4.pubmatic.com — Cisco Umbrella Rank: 1978 image6.pubmatic.com — Cisco Umbrella Rank: 1171 simage2.pubmatic.com — Cisco Umbrella Rank: 1265 simage4.pubmatic.com	31 KB
13	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	162 KB
11	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 5657 cdn.pushnami.com — Cisco Umbrella Rank: 24961 trc.pushnami.com — Cisco Umbrella Rank: 5815 psp.pushnami.com — Cisco Umbrella Rank: 29567	101 KB
11	rubiconproject.com 1 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314 eus.rubiconproject.com — Cisco Umbrella Rank: 916 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537 pixel.rubiconproject.com — Cisco Umbrella Rank: 649 token.rubiconproject.com — Cisco Umbrella Rank: 764	25 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 803 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026 dsum.casalemedia.com — Cisco Umbrella Rank: 2664	6 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945 s.amazon-adsystem.com — Cisco Umbrella Rank: 429 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066	73 KB
7	undertone.com hb.undertone.com — Cisco Umbrella Rank: 4825 cdn.undertone.com — Cisco Umbrella Rank: 5194 usr.undertone.com — Cisco Umbrella Rank: 3242	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	42 KB
6	uri.sh flo.uri.sh — Cisco Umbrella Rank: 47255	485 KB
6	flourish.studio public.flourish.studio — Cisco Umbrella Rank: 37086	54 KB
6	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4242 rp.liadm.com — Cisco Umbrella Rank: 2359 rp4.liadm.com — Cisco Umbrella Rank: 5359 i.liadm.com — Cisco Umbrella Rank: 1067 i6.liadm.com — Cisco Umbrella Rank: 4419	20 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 657 recommendationengine.googleapis.com — Cisco Umbrella Rank: 41902 fonts.googleapis.com — Cisco Umbrella Rank: 113	357 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	1 KB
5	doubleverify.com 2 redirects pub.doubleverify.com — Cisco Umbrella Rank: 6361 vtrk.doubleverify.com — Cisco Umbrella Rank: 1567	12 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 3797	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 954 dmp.adform.net — Cisco Umbrella Rank: 4243	2 KB
4	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186	374 B
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 509 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	581 B
4	gstatic.com fonts.gstatic.com	59 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 640 dis.criteo.com — Cisco Umbrella Rank: 910	1 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662	104 KB
4	fqtag.com query.fqtag.com — Cisco Umbrella Rank: 64170 fqtag.com — Cisco Umbrella Rank: 27091 cdn.fqtag.com — Cisco Umbrella Rank: 41767	91 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	361 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144	898 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1029 ibt-d.openx.net — Cisco Umbrella Rank: 64767 us-u.openx.net — Cisco Umbrella Rank: 863	656 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 239	3 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	2 KB
2	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1803 cms.quantserve.com — Cisco Umbrella Rank: 1260	10 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 970 eb2.3lift.com — Cisco Umbrella Rank: 713	670 B
2	dotomi.com 1 redirects proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4264 casale-match.dotomi.com — Cisco Umbrella Rank: 5639	580 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1465	321 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 5137	496 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2175	104 B
2	pxsrv.net pxsrv.net — Cisco Umbrella Rank: 83259	112 B
2	illicitedge.com 1 redirects info.illicitedge.com	4 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 1332	612 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1377	265 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	524 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 2756	281 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 2238	181 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 2383	310 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1069	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1617	634 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	17 KB
1	resetsrv.com ads.resetsrv.com — Cisco Umbrella Rank: 19143	385 B
1	google.de www.google.de — Cisco Umbrella Rank: 3974	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 11	408 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	3 KB
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 3408	257 B
1	rkdms.com prebid.sv.rkdms.com — Cisco Umbrella Rank: 40389	284 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 2914	540 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2332	251 B
1	permutive.app f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app — Cisco Umbrella Rank: 76589	118 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 5109	33 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2808	45 KB
238	58

	Domain	Requested by
22	g.newsweek.com	www.newsweek.com g.newsweek.com videos.newsweek.com
20	cmp-consent-tool.privacymanager.io	cadmus.script.ac cmp-consent-tool.privacymanager.io
20	d.newsweek.com	www.newsweek.com g.newsweek.com videos.newsweek.com
10	cm.g.doubleclick.net	10 redirects
9	image8.pubmatic.com	9 redirects
6	flo.uri.sh	cadmus.script.ac flo.uri.sh
6	public.flourish.studio	www.newsweek.com flo.uri.sh
5	usr.undertone.com	cdn.undertone.com ssum-sec.casalemedia.com ads.pubmatic.com
5	match.adsrvr.org	cadmus.script.ac g.newsweek.com cdn.undertone.com ssum-sec.casalemedia.com
4	a.audrte.com	3 redirects
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	pixel-sync.sitescout.com	cdn.undertone.com ads.pubmatic.com
4	image4.pubmatic.com	4 redirects
4	image2.pubmatic.com	4 redirects
4	eus.rubiconproject.com	g.newsweek.com eus.rubiconproject.com cdn.undertone.com
4	trc.pushnami.com	cadmus.script.ac
4	api.pushnami.com	cadmus.script.ac
4	fonts.gstatic.com	fonts.googleapis.com
4	secure.cdn.fastclick.net	cadmus.script.ac
4	geo.privacymanager.io	cadmus.script.ac
4	c.amazon-adsystem.com	www.newsweek.com c.amazon-adsystem.com
4	www.googletagmanager.com	www.newsweek.com cadmus.script.ac flo.uri.sh
4	gdpr-wrapper.privacymanager.io	www.newsweek.com cadmus.script.ac cmp-consent-tool.privacymanager.io
3	simage2.pubmatic.com	3 redirects
3	c1.adform.net	3 redirects
3	ups.analytics.yahoo.com	cdn.undertone.com
3	ssum-sec.casalemedia.com	1 redirects cdn.undertone.com ssum-sec.casalemedia.com
3	prebid-server.rubiconproject.com	g.newsweek.com
3	region1.google-analytics.com	www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.newsweek.com
3	www.google-analytics.com	cadmus.script.ac www.google-analytics.com videos.newsweek.com
3	pub.doubleverify.com	www.newsweek.com pub.doubleverify.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	cr.frontend.weborama.fr	2 redirects
2	ib.adnxs.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	g.newsweek.com
2	psp.pushnami.com	cadmus.script.ac
2	video.newsweek.com	www.newsweek.com g.newsweek.com
2	dis.criteo.com	i.liadm.com ads.pubmatic.com
2	fonts.googleapis.com	flo.uri.sh
2	imasdk.googleapis.com	videos.newsweek.com imasdk.googleapis.com
2	fqtag.com	cadmus.script.ac cdn.fqtag.com
2	api.rlcdn.com	cadmus.script.ac g.newsweek.com
2	gum.criteo.com	cadmus.script.ac
2	api.sail-personalize.com	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	pxsrv.net	www.newsweek.com
2	vtrk.doubleverify.com	2 redirects
2	securepubads.g.doubleclick.net	www.newsweek.com cadmus.script.ac
2	b-code.liadm.com	www.newsweek.com cadmus.script.ac
2	info.illicitedge.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com
1	um.simpli.fi
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr
1	sync.crwdcntrl.net
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	sync.adotmob.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	pixel.rubiconproject.com	cdn.undertone.com
1	pixel.advertising.com	1 redirects
1	us-u.openx.net	cdn.undertone.com
1	secure-assets.rubiconproject.com	1 redirects
1	eb2.3lift.com	g.newsweek.com
1	ibt-d.openx.net	g.newsweek.com
1	js-sec.indexww.com	g.newsweek.com
1	cdn.undertone.com	g.newsweek.com
1	cdn.pushnami.com	cadmus.script.ac
1	rules.quantcount.com	cadmus.script.ac
1	secure.quantserve.com	cadmus.script.ac
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	i6.liadm.com	i.liadm.com
1	sli.newsweek.com	www.newsweek.com
1	i.liadm.com	cadmus.script.ac
1	hb.undertone.com	g.newsweek.com
1	htlb.casalemedia.com	g.newsweek.com
1	rtb.openx.net	g.newsweek.com
1	ads.resetsrv.com	g.newsweek.com
1	tlx.3lift.com	g.newsweek.com
1	hbopenbid.pubmatic.com	g.newsweek.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	recommendationengine.googleapis.com	www.newsweek.com
1	www.google.de	www.newsweek.com
1	www.google.com	www.newsweek.com
1	cdn.fqtag.com	cadmus.script.ac
1	cdn.ampproject.org	videos.newsweek.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fpa-events.newsweek.com	www.newsweek.com
1	p1.parsely.com	www.newsweek.com
1	rp4.liadm.com	www.newsweek.com
1	rp.liadm.com	1 redirects
1	stats.newsweek.com	cadmus.script.ac
1	prebid.sv.rkdms.com	cadmus.script.ac
1	id.a-mx.com	cadmus.script.ac
1	lexicon.33across.com	cadmus.script.ac
1	fpa-cdn.newsweek.com	cadmus.script.ac
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	gc.newsweek.com	cadmus.script.ac
1	videos.newsweek.com	www.newsweek.com
1	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io
1	query.fqtag.com	www.newsweek.com
1	f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app	www.newsweek.com
1	ak.sail-horizon.com	www.newsweek.com
1	cadmus.script.ac	www.newsweek.com
1	ats-wrapper.privacymanager.io	www.newsweek.com
1	www.newsweek.com	info.illicitedge.com
238	114

This site contains links to these domains. Also see Links.

Domain
subscribe.newsweek.com
www.facebook.com
twitter.com
www.linkedin.com
reddit.com
flipboard.com
flourish.studio
www.instagram.com
www.newsweekjapan.jp
www.newsweek.pl
newsweek.ro

Subject Issuer	Validity	Valid
info.illicitedge.com GTS CA 1P5	`2023-08-02` - `2023-10-31`	3 months	crt.sh
*.newsweek.com Amazon RSA 2048 M02	`2023-06-15` - `2024-07-12`	a year	crt.sh
g.newsweek.com R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.fqtag.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
public.flourish.studio Amazon RSA 2048 M01	`2023-04-11` - `2024-05-10`	a year	crt.sh
d.newsweek.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
videos.newsweek.com R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
gc.newsweek.com R3	`2023-09-04` - `2023-12-03`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
uri.sh E1	`2023-08-12` - `2023-11-10`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
fpa-events.newsweek.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-08-05` - `2023-11-03`	3 months	crt.sh
a-mx.com E1	`2023-08-27` - `2023-11-25`	3 months	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
newsweek.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.parsely.com R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
resetsrv.com E1	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-30`	a year	crt.sh
sli.newsweek.com Amazon RSA 2048 M02	`2023-08-23` - `2024-09-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
video.newsweek.com R3	`2023-09-04` - `2023-12-03`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M01	`2023-03-04` - `2024-04-02`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Frame ID: F4DF740291B1C54899B0DCB36C9FD965
Requests: 111 HTTP requests in this frame

Frame: https://videos.newsweek.com/share/565302?autostart=0
Frame ID: FDD443F9D30FBC19380A12E1C6C39B8A
Requests: 27 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Frame ID: 3CAA88F8EDE10332B34E29BBED687EA5
Requests: 11 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/14579378/embed?auto=1
Frame ID: 0D82BEC7142CBCF92F771A42B7F50424
Requests: 11 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 6DB7AEAB70F5449F1DD9B1B8A2537CE2
Requests: 21 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08dr?s=&cim=&ps=true&ls=true&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: D2218162AF10499A8E087C78D556FE66
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 503732DC17663A95EE917E01341D3A77
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 64E0D48F57DB58339D1B328AA8A917D3
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: A0F4BF04258D21014C0C78A68C076CD5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5FAA159EC1A415907FC02A392A1FCFA7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 29BC14963E570CD4DF3D1BFE82CE8232
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 86AA9E59DF49AC3207F26B14932C7F3A
Requests: 1 HTTP requests in this frame

Frame: https://ibt-d.openx.net/w/1.0/pd
Frame ID: FAAD75B1F6EDA5EBCB9F4B7D1E28DC19
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Frame ID: 592B99A898CD3FFCB76B803627994E06
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 435F2014607840C7BA602A7378F5F3A5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 8741B16FD5A80E5BD7DF5FB12891732A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D17AD1F76ABD0315BCCB2C4A263F60F4
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A2834DC9C046AA0C2F82C0BB4C03507A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B8D5D7AE441209A9448E71F4F09F9D07
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
Frame ID: FCAA0E1FEA40C004189481EB5C4DEDD5
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Frame ID: 452D4A6F9D5BD5A1A9BEC621C9CE8DA7
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Frame ID: 66764EFD1F6AFD21E341F18CB8BEFC91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exclusive: How $1M From China-linked Groups Oiled New York Politics

Page URL History Show full URLs

https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W5... Page URL
https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW... HTTP 307
https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-182873... Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

238
Requests

90 %
HTTPS

36 %
IPv6

58
Domains

114
Subdomains

91
IPs

10
Countries

5618 kB
Transfer

14149 kB
Size

73
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.newsweek.com/
Title: Subscribe for $1

Search URL Search Domain Scan URL

URL: https://subscribe.newsweek.com/product/2
Title: Subscribe for $1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Exclusive%3A+How+%241M+from+China-linked+Groups+Oiled+New+York+Politics+https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730&title=Exclusive%3A+How+%241M+from+China-linked+Groups+Oiled+New+York+Politics
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730&title=Exclusive%3A+How+%241M+from+China-linked+Groups+Oiled+New+York+Politics
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://flipboard.com/
Title: Share on Flipboard

Search URL Search Domain Scan URL

URL: https://subscribe.newsweek.com/?subref=incontent_web_3
Title: SUBSCRIBE NOW FROM JUST $1 PER MONTH >

Search URL Search Domain Scan URL

URL: https://flourish.studio/visualisations/line-bar-pie-charts/?utm_source=showcase&utm_campaign=visualisation/14579019
Title: A Flourish chart

Search URL Search Domain Scan URL

URL: https://flourish.studio/visualisations/line-bar-pie-charts/?utm_source=showcase&utm_campaign=visualisation/14579378
Title: A Flourish chart

Search URL Search Domain Scan URL

URL: https://subscribe.newsweek.com/product/1
Title: Subscribe now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Newsweek

Search URL Search Domain Scan URL

URL: https://twitter.com/Newsweek

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newsweek/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/newsweek

Search URL Search Domain Scan URL

URL: https://www.newsweekjapan.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.newsweek.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://newsweek.ro/
Title: România

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6-10kKRJW6B1z_12rtLv9V7Cm-v8B6XCCN4ywLDXkwHjDN71T4hpv4ylwN7mpVTKKR3N-W5G4SbX2Xv-gRW3kfMLX8CZGj9W1fXFXf4sZ9-MW3ywxrM37L7fVW8kcZw75ZWc9lN5WPdcjSdvmzW1vdn7v4Wkq4hW73c_VN75STrxW8F1W1214cRXlW8Dnjgl8FwMGgVRYc_H48XDmGN3ytMbp-Jy3lW5v-CnB6XVB8lN7DWZVytl5HTW29lX3S78P9cbW2PFGBX6SpHm_f4GLRzH04 Page URL
https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6-10kKRJW6B1z_12rtLv9V7Cm-v8B6XCCN4ywLDXkwHjDN71T4hpv4ylwN7mpVTKKR3N-W5G4SbX2Xv-gRW3kfMLX8CZGj9W1fXFXf4sZ9-MW3ywxrM37L7fVW8kcZw75ZWc9lN5WPdcjSdvmzW1vdn7v4Wkq4hW73c_VN75STrxW8F1W1214cRXlW8Dnjgl8FwMGgVRYc_H48XDmGN3ytMbp-Jy3lW5v-CnB6XVB8lN7DWZVytl5HTW29lX3S78P9cbW2PFGBX6SpHm_f4GLRzH04?_ud=6d9c639f-1cf0-4741-97c8-ee7548d9987b&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-pq&v=1&ctx=19955922&cmp=DV1012600&cid=25b6bcd4-0b2a-4795-b527-a847ebbf59bf&z=287377489602&cd105=mode&cd160=b16d441e-1d2d-4072-80e9-d94bf3ea6150&cd161=https%3A%2F%2Fnewsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3F%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&cd50=upt&cd51=31da3c5&cd180=network&cm180=99&cm181=17&cm182=19&cm183=24&cm184=29&cm185=1&cm186=134 HTTP 302
https://pxsrv.net/redir-to-empty

Request Chain 59

https://sb.scorecardresearch.com/cs/6972086/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 72

https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-signals&v=1&ctx=19955922&cmp=DV1012600&cid=25b6bcd4-0b2a-4795-b527-a847ebbf59bf&z=37204238702&cd105=mode&cd160=fbceaf9b-2fb3-4ee4-90b1-6e37227474d7&cd161=https%3A%2F%2Fnewsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3F%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&cd50=upt&cd51=31da3c5&cd180=network&cd52=getTargeting&cm56=1&cm57=1&cm58=1&cm59=1&cm60=1&cm188=81&cm180=84&cm181=0&cm182=0&cm183=24&cm184=58&cm185=1&cm186=476&cd191=80e579378a53196a&cm187=84&cm170=1&cm61=1&cd171=80000200%2C84121001&cm62=2&cm63=1&cd53=1&cm54=478 HTTP 302
https://pxsrv.net/redir-to-empty

Request Chain 100

https://rp.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&ext__pubcid=5198806b-c3e4-4df7-8474-1ee9243af4dd&wpn=lc-bundle&c=PHRpdGxlPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIE5ld3N3ZWVrIGludmVzdGlnYXRpb24gZm91bmQgY2FtcGFpZ24gY29udHJpYnV0aW9ucyBmcm9tIGtub3duICZxdW90O3VuaXRlZCBmcm9udCZxdW90OyBmaWd1cmVzIGFuZCBncm91cHMgaW4gdGhlIE5ldyBZb3JrIGFyZWEuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2NoaW5hLWNvbW11bmlzdC1wYXJ0eS1uZXcteW9yay1wb2xpdGljYWwtaW5mbHVlbmNlLWNhbXBhaWduLWRvbmF0aW9ucy0xODI4NzMwIj48aDEgY2xhc3M9ImFyMjMtdGl0bGUiPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&ext__pubcid=5198806b-c3e4-4df7-8474-1ee9243af4dd&wpn=lc-bundle&c=PHRpdGxlPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIE5ld3N3ZWVrIGludmVzdGlnYXRpb24gZm91bmQgY2FtcGFpZ24gY29udHJpYnV0aW9ucyBmcm9tIGtub3duICZxdW90O3VuaXRlZCBmcm9udCZxdW90OyBmaWd1cmVzIGFuZCBncm91cHMgaW4gdGhlIE5ldyBZb3JrIGFyZWEuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2NoaW5hLWNvbW11bmlzdC1wYXJ0eS1uZXcteW9yay1wb2xpdGljYWwtaW5mbHVlbmNlLWNhbXBhaWduLWRvbmF0aW9ucy0xODI4NzMwIj48aDEgY2xhc3M9ImFyMjMtdGl0bGUiPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmExNzg6NmJiODphYTU4&n3pc=true

Request Chain 202

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 203

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 205

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true

Request Chain 208

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FGOTFGNkQtNDNFRC00MjkzLUJDNzktN0UyNkM2Q0UzODEz&gdpr=-1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FGOTFGNkQtNDNFRC00MjkzLUJDNzktN0UyNkM2Q0UzODEz&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

Request Chain 213

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRb2CVCNbVdDLnqdPB58XAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZRb2CVCNbVdDLnqdPB58XAAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOPuvsLOeG_JiCZ3N28b23A&google_cver=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO9uoKj46n6W5TeL1TaV4QM&google_cver=1

Request Chain 215

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 216

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696089993

Request Chain 218

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 219

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1513387752976789289&expiration=1697213203

Request Chain 223

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 224

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

Request Chain 225

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2507687704818515354&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Request Chain 226

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284279965842143379&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Zyg4vhbaQqmoBbsU7wldgg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 229

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1631497706 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=672838BE-16DA-42A9-A805-BB14EF095D82

Request Chain 230

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=672838BE-16DA-42A9-A805-BB14EF095D82 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDMzV3ZzMDJCMFRRanFRalUzajZmdUNIZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=1513387752976789289&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjcyODM4QkUtMTZEQS00MkE5LUE4MDUtQkIxNEVGMDk1RDgy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMDeMfbNnt-VK8_yXCcHZFs&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

Request Chain 234

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5219754741709597558 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

238 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6...
info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/ 8 KB
3 KB 303ms
210ms Document
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6-10kKRJW6B1z_12rtLv9V7Cm-v8B6XCCN4ywLDXkwHjDN71T4hpv4ylwN7mpVTKKR3N-W5G4SbX2Xv-gRW3kfMLX8CZGj9W1fXFXf4sZ9-MW3ywxrM37L7fVW8kcZw75ZWc9lN5WPdcjSdvmzW1vdn7v4Wkq4hW73c_VN75STrxW8F1W1214cRXlW8Dnjgl8FwMGgVRYc_H48XDmGN3ytMbp-Jy3lW5v-CnB6XVB8lN7DWZVytl5HTW29lX3S78P9cbW2PFGBX6SpHm_f4GLRzH04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 80e579312aff9004-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 29 Sep 2023 16:06:26 GMT
last-modified: Fri, 29 Sep 2023 16:06:26 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsTHekcg%2BRxBK80LCp6v8wztP5OvTwlEkDgWBab5VLabaxtFZ%2FXEC9XVv9huo8XFBSneMGN14XJ0pWqVKkALCF7fNCEZmHKJcsydUSfHRJ7eZcxRLmO0VXhSRi1NysN9YTsFSTerkqkItdlUSCJEmSHl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 31
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7d997f8c5-kcsnm
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 0e58118e-9403-4315-880f-25f1b9b57dd7
x-request-id: 0e58118e-9403-4315-880f-25f1b9b57dd7
x-robots-tag: none

GET
H2

200

Primary Request china-communist-party-new-york-political-influence-campaign-donations-1828730 Show response
www.newsweek.com/
Redirect Chain

https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sB...
https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQT...

369 KB
86 KB

360ms
112ms

Document
text/html

99.83.219.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email

Requested by

Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6-10kKRJW6B1z_12rtLv9V7Cm-v8B6XCCN4ywLDXkwHjDN71T4hpv4ylwN7mpVTKKR3N-W5G4SbX2Xv-gRW3kfMLX8CZGj9W1fXFXf4sZ9-MW3ywxrM37L7fVW8kcZw75ZWc9lN5WPdcjSdvmzW1vdn7v4Wkq4hW73c_VN75STrxW8F1W1214cRXlW8Dnjgl8FwMGgVRYc_H48XDmGN3ytMbp-Jy3lW5v-CnB6XVB8lN7DWZVytl5HTW29lX3S78P9cbW2PFGBX6SpHm_f4GLRzH04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4fb2973ac9c49f88.awsglobalaccelerator.com

Software

Resource Hash

6bdec229eed0828ed72159419659e753626704fbb15321788e2f6be0cad1bf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzv5nR32W50kH_H6lZ3ndW7ymm27525yTcW11bWhZ3y8ZdcV65m_H4KxhSkW90zJ4f5dtB8XW6sBV7g5hm5xnW6cw6Bs93tLJ_W7yG_9M7_hN3pVNT07595LF50W8xwDvy7tFnn1W22pkfQ6dBkxZW1jBk6-10kKRJW6B1z_12rtLv9V7Cm-v8B6XCCN4ywLDXkwHjDN71T4hpv4ylwN7mpVTKKR3N-W5G4SbX2Xv-gRW3kfMLX8CZGj9W1fXFXf4sZ9-MW3ywxrM37L7fVW8kcZw75ZWc9lN5WPdcjSdvmzW1vdn7v4Wkq4hW73c_VN75STrxW8F1W1214cRXlW8Dnjgl8FwMGgVRYc_H48XDmGN3ytMbp-Jy3lW5v-CnB6XVB8lN7DWZVytl5HTW29lX3S78P9cbW2PFGBX6SpHm_f4GLRzH04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 87621
content-type: text/html; charset=UTF-8
date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-b: V6.3-3 web3
x-cache: hit cached
x-cache-hits: 2
x-content-type-options: nosniff
x-debug
x-forwarded-for: 217.114.215.131
x-frame-options: SAMEORIGIN
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 80e579329ced9004-FRA
content-security-policy: upgrade-insecure-requests
date: Fri, 29 Sep 2023 16:06:27 GMT
link: <https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email>; rel="canonical"
location: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN1AROGK0ncH49qL1XODppDm5fT5iGPb5NoR6NnyUhswgc%2Bd4EAwz4mT%2F7NmdNWnRaVjcFmYVkqcgQtHi5Pa9YhzFa%2BusHxKMZZwoqx1nXAqOm0DhUruo%2Bmhhzbm4Uv4m9M17%2Fn3NfhtY7i3FRWSfeHX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 49
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7d997f8c5-c5sdl
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 5380a361-f0dc-42ec-b6dc-f2d3e7123a0c
x-request-id: 5380a361-f0dc-42ec-b6dc-f2d3e7123a0c
x-robots-tag: none

GET
H2 200 merriweather.woff2
g.newsweek.com/www/fonts/ 13 KB
13 KB 98ms
27ms Font
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/merriweather.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Origin: https://www.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Mon, 03 Apr 2023 02:17:21 GMT
server: Apache
etag: "1680488241"
x-hw: 1696003587.cds291.fr8.hn,1696003587.cds286.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 12855

GET
H2 200 roboto-regular.woff2
g.newsweek.com/www/fonts/ 11 KB
11 KB 98ms
28ms Font
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/roboto-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Origin: https://www.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Mon, 03 Apr 2023 02:17:21 GMT
server: Apache
etag: "1680488241"
x-hw: 1696003587.cds291.fr8.hn,1696003587.cds246.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 11051

GET
H2 200 roboto-medium.woff2
g.newsweek.com/www/fonts/ 11 KB
11 KB 101ms
31ms Font
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/roboto-medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Origin: https://www.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Mon, 03 Apr 2023 02:17:21 GMT
server: Apache
etag: "1680488241"
x-hw: 1696003587.cds291.fr8.hn,1696003587.cds166.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 11095

GET
H2 200 Genericons.woff2
g.newsweek.com/www/fonts/ 10 KB
11 KB 119ms
49ms Font
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/Genericons.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Origin: https://www.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Wed, 19 Jul 2023 01:54:06 GMT
server: Apache
etag: "1689731646"
x-hw: 1696003587.cds291.fr8.hn,1696003587.cds254.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 10711

GET
H2 200 df5dc5eecc36a33265e9b716ef5d826c.css
g.newsweek.com/sys/css/ 48 KB
10 KB 102ms
32ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/df5dc5eecc36a33265e9b716ef5d826c.css?v=1695994039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

f353642b9b7c2a0ce7b9664de3a95a4877b46103bbc061eb683cdb1701208c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:22 GMT
server: Apache
etag: "1695994042"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds154.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 9852

GET
H2 200 f975cb2dee59c2867351daea194bffe3.css
g.newsweek.com/sys/css/ 67 KB
16 KB 102ms
32ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/f975cb2dee59c2867351daea194bffe3.css?v=1695994039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

6cf37ac3911a6525d9594180a9a71744979d8ef399c91f6a2df81b32c58b21da

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:22 GMT
server: Apache
etag: "1695994042"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds333.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 16616

GET
H2 200 07bba1a9c30c8f01d28d980808d6b064.js Show response
g.newsweek.com/sys/js/ 652 KB
189 KB 121ms
52ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1695994039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

3745e2aec03f7cbf1fd5588a8abc421733c57b87c50dbe9edc358f4495ef5d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:22 GMT
server: Apache
etag: "1695994042"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds334.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 193368

GET
H2 200 63de0ab067ff89c7907d9ce09f70f6ab.js Show response
g.newsweek.com/sys/js/ 145 KB
46 KB 167ms
98ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1695994039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

518841db695f2284b31a21152fce366c48ceb946bff927e44c961924f4bf81d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:22 GMT
server: Apache
etag: "1695994042"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds217.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 46712

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/6fbf74f5-22f0-45ea-952c-e066909dd9f1/ 156 KB
51 KB 98ms
28ms Script
application/javascript 18.239.18.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/6fbf74f5-22f0-45ea-952c-e066909dd9f1/ats.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-45.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895af39f3eef3eeb1cc33ab556291014f811b089d1a1c2915b8fcf6b61ef336a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: bJkAYYDMhA.jBDQs1R2aI9naL1a5NhE2
content-encoding: gzip
via: 1.1 552fc57e69ec905c4246244771e7453a.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 15:43:21 GMT
last-modified: Thu, 28 Sep 2023 12:32:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 1388
x-amz-server-side-encryption: AES256
etag: W/"1d073c2975e2b4244222833d442207f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: xyUzdPvsaCuMchwksC4IjMtTCpjGjJVsPBc3ViIbS79D1MfyT5nN5A==

GET
H2 200 script.js Show response
cadmus.script.ac/d275im4r3zngba/ 129 KB
45 KB 92ms
28ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54f41257aafb6a6d9a39fd692d7d696b46747871568e0025e3362d7974bc1e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
last-modified: Fri, 29 Sep 2023 11:48:06 GMT
server: cloudflare
age: 0
etag: W/"19b2790b482ec20541eaf595e85c8389a41b5960"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 80e57936ff8e30c0-FRA

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 20 KB
7 KB 90ms
26ms Script
text/javascript 2600:9000:20a0:6600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec4542eb50bc747d25076b6bf41c5d80b139e6ed8b68ddd5f47ede10c3666120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 20:34:52 GMT
x-amz-version-id: LzURT3UdseyWngodcZbTCoBKe.MohWab
content-encoding: gzip
via: 1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 70296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="gdpr-liveramp.js"
last-modified: Thu, 24 Aug 2023 10:21:45 GMT
server: AmazonS3
etag: W/"6bfb295b1b802d022c7dd3e569c9d1af"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 3guuDwfEVvZ0mdcY2hhJXbJrqAuBSCKfg9fy0F-HD9TizNsaDD_8fA==

HEAD
H2 200 prebid.js
g.newsweek.com/www/js/ 0
0 98ms
53ms Fetch
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/js/prebid.js?v=8.16.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 22 Sep 2023 20:50:45 GMT
server: Apache
etag: "1695415845"
x-hw: 1696003587.cds291.fr8.hn,1696003587.cds237.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 162783

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
89 KB 83ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa17366e04180aef2dbdbcf00c2c0e4f5df7784de2ee6d1cc6f1e20c0714346f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90839
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Sep 2023 16:06:27 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 110ms
29ms Script
application/javascript 18.239.83.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-119.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:03:36 GMT
content-encoding: gzip
via: 1.1 459ec09472abb8544521a9b5cc6706ce.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 21:44:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 172
x-amz-server-side-encryption: AES256
etag: W/"edee28fbd3a5c9f3c17e0333554b5646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: ZdUwl5ETCVfgZlb59PdjbvD7hOvuUoNrAk8MIf-9mcrRYJ1BfD7Upg==

GET
H2 200 1167ac37-ecf7-4344-80a3-0f9b85c11565-web.js Show response
f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app/ 408 KB
118 KB 106ms
50ms Script
application/javascript 2606:4700:4400::ac40:9256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app/1167ac37-ecf7-4344-80a3-0f9b85c11565-web.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c767d7126ec71e3cbc2f834c4bc9cddba77a62cb3c29a711c3e26bcdb0651f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f35b59fc-90c6-428e-a9e4-494353d0f0e1
age: 0
x-guploader-uploadid: ADPycdsJSu_B_XPzjQBZPLblz3lkorJ58222CSk-mMIWhtHuoCn05TIJRxclXVmIdIxsYYIYYrH7YYf_XD6DeNbRYji6mf5Yx8E1
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Fri, 29 Sep 2023 15:07:13 GMT
server: cloudflare
etag: W/"60d68a6a186fbc081914f713fca97d9a"
vary: Accept-Encoding
x-goog-generation: 1696000033933374
content-type: application/javascript
x-goog-hash: crc32c=WaRgJQ==, md5=YNaKahhvvAgZFPcT/Kl9mg==
cache-control: public, max-age=900
x-goog-stored-content-length: 123850
timing-allow-origin: *
cf-ray: 80e57936eae39b6e-FRA
expires: Fri, 29 Sep 2023 16:21:27 GMT

GET
H2 200 a-08dr.min.js Show response
b-code.liadm.com/ 44 KB
15 KB 108ms
29ms Script
application/javascript 2600:9000:2090:9e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-08dr.min.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:9e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 63191055d5aa5d78954138c232f3874189570389c0994e58d7152ca7133c9f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:12:29 GMT
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 21238
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: TxqAmc_uIrVSnFjkyBO-yxn8bWEKSUHU0a12mpz-gOHn37uEKD3UsQ==

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 34 KB
12 KB 92ms
29ms Script
text/javascript 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6717a799c2d9ca1870f33d998ec4c655dee7ef80974168a4fa937919a2a89aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 80e57936fc8c377b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid.js Show response
g.newsweek.com/www/js/ 494 KB
159 KB 101ms
100ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/js/prebid.js?v=8.16.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

48b0a7bb064129b8e4cbee21c4af10820488cec23ab7f2b5d90a170198035f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 22 Sep 2023 20:50:45 GMT
server: Apache
etag: "1695415845"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds237.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 162783

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 90ms
28ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:15:38 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 19:18:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 3050
x-amz-server-side-encryption: AES256
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8yB3GF14NcRannN9hHIo8U0w3WjWzXPz7WjXY1C8Oz1GKGjanrs_uQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 172ms
122ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9031f418f14bed68af4f0f6a17a6f8cce44c41f41b8edb2fe386038e57f07d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29473
x-xss-protection: 0
server: cafe
etag: 933 / 19629 / m202309210101 / config-hash: 6693637385863441016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:06:27 GMT

GET
H2 200 b Show response
query.fqtag.com/ 82 B
186 B 94ms
31ms Script
text/plain 35.186.195.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=hs_email%7Cemail%7CIllicit%2520Edge%2520Daily&cb=1696003587597&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.195.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82

GET
H2 200 embed.js Show response
public.flourish.studio/resources/ 20 KB
7 KB 93ms
26ms Script
application/javascript 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/embed.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e25eab19abdd2c4f70c40c3b57c3c654771ff74374fe79658e2ec80ee01075a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: DuTH0Tlx_E.ooKW7PWoN67Wwqy4KfME7
content-encoding: gzip
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 16:04:52 GMT
x-amz-cf-pop: AMS54-C1
age: 95
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 08:12:03 GMT
server: AmazonS3
etag: W/"b16d36182e82b18bd9eace58b0bd85df"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: gWYiHiFfwhr5tttLJNfIm4C0caRrrJz0RCYzSH-03ePf2mti9Moisg==

GET
H2 200 newsweek-desktop-tablet.svg
g.newsweek.com/www/images/ 5 KB
2 KB 101ms
101ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/newsweek-desktop-tablet.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

8ce476dde9b9b92f126791e81d5cbae559136c63f4d6bed6247c772fac4f2fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Sun, 20 Aug 2023 21:28:26 GMT
server: Apache
etag: "1692566906"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds016.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 2190

GET
H2 200 newsweek-90-desktop-tablet.svg
g.newsweek.com/www/images/ 4 KB
2 KB 101ms
100ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/newsweek-90-desktop-tablet.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

7400a35ae835dcd70e251075bbc749f934f7b7c3e949e4c80707f8b7b10cc11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Tue, 28 Mar 2023 22:17:21 GMT
server: Apache
etag: "1680041841"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds056.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1731

GET
H2 200 search-icon-header.svg
g.newsweek.com/www/images/ 714 B
490 B 102ms
101ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/search-icon-header.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

b89c1b190cb7edcbe5357a9876d19b8066f5bfdc7863352441fc1d78582acb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Tue, 28 Mar 2023 22:17:20 GMT
server: Apache
etag: "1680041840"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds216.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 382

GET
H2 200 flipboard_srrw.png
g.newsweek.com/img/home/ 877 B
1015 B 102ms
101ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/img/home/flipboard_srrw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Wed, 24 May 2023 02:01:57 GMT
server: Apache
etag: "1684893717"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds202.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 900

GET
H2 200 america-changle-association-ny-under-scrutiny.webp
d.newsweek.com/en/full/2286176/ 61 KB
61 KB 128ms
58ms Image
image/webp 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2286176/america-changle-association-ny-under-scrutiny.webp?w=790&f=381340b8fa665400be2dbd6afe9591d9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

dbda4174773e066475dd7d9aa90f172bdfd1fd3aee99790161bc5d178aad2573

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Tue, 26 Sep 2023 09:40:58 GMT
server: Apache
x-cacheable: YES
etag: "1695721258"
x-hw: 1696003587.cds330.fr8.hn,1696003587.cds288.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 62486

GET
H2 200 mike-gallagher.jpg
d.newsweek.com/en/full/2288503/ 2 KB
2 KB 158ms
93ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2288503/mike-gallagher.jpg?w=80&h=80&f=4ba9fbff4de0c97953cd1002c691c3e7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

995da27ba7f46489860e5cc10407228c43d5afe4bdee767ef5197de6ab40aa81

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 14:12:10 GMT
server: Apache
x-cacheable: YES
etag: "1695996730"
x-hw: 1696003587.cds330.fr8.hn,1696003587.cds329.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 2126

GET
H2 200 nydia-m-velazquez.jpg
d.newsweek.com/en/full/2288468/ 2 KB
2 KB 146ms
94ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2288468/nydia-m-velazquez.jpg?w=80&h=80&f=d436f5352e82f66473ac1db8bad4d2ec

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

3782023c21d509cfa5875b43f66922be7aacb09e0572a5714252363006956eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 14:12:10 GMT
server: Apache
x-cacheable: YES
etag: "1695996730"
x-hw: 1696003587.cds330.fr8.hn,1696003587.cds241.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 2070

GET
H2 200 a9c162b1189fd6a54b963148bf7ae3f1.js Show response
g.newsweek.com/sys/js/ 111 KB
29 KB 88ms
87ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/a9c162b1189fd6a54b963148bf7ae3f1.js?v=1695994039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

f8ed7b2f7cb7c629badba2956c108c1568d2cf8ffad78b6ea018e79c798e9825

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:26 GMT
server: Apache
etag: "1695994046"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds287.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 29669

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/latest/ 134 KB
43 KB 132ms
28ms Script
application/x-javascript 2600:9000:20c3:9400:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9400:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6f6958cafc1ce8137b98916ad77ecdadbfbb7a3e1c4b5e42844761c88969f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: wgQRrK3AdqBfPxb10e5DlI1VGxAm.0nR
content-encoding: gzip
via: 1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 15:35:39 GMT
x-amz-cf-pop: MUC50-C1
age: 1849
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:aa4939b7-8938-4263-bad6-735b2f438e74
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a774fb43ac377f3d5dab27ed94dd7eab
last-modified: Wed, 14 Jun 2023 14:11:47 GMT
server: AmazonS3
etag: W/"8e556b9e5b88a3af690f396e711da9e6"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 4b0d2139b39d6bed3333e2ea058eb5b2511f421b6bb9c6269c2e2fa6c85ff31c
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: QFTZ2ZiuCJg8did-1SwdniXJvxszU5hsggC5feIDg54lthlQBvvj1w==

GET
H2

204

redir-to-empty
pxsrv.net/
Redirect Chain

https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-pq&v=1&ctx=19955922&cmp=DV1012600&cid=25b6bcd4-0b2a-4795-b527-a847ebbf59bf&z=287377489602&cd105=mode&cd160=b16d441e-1d2d-4072-80e9-d94bf3ea615...
https://pxsrv.net/redir-to-empty

0
82 B

73ms
30ms

Ping
text/plain

2606:4700:4400::ac40:9111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pxsrv.net/redir-to-empty
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Server: 2606:4700:4400::ac40:9111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
server: cloudflare
cf-ray: 80e57938fa87906c-FRA
vary: Accept-Encoding

Redirect headers

location: https://pxsrv.net/redir-to-empty
date: Fri, 29 Sep 2023 16:06:27 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 80e57937ec7191e9-FRA
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
245 B 82ms
58ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=19955922&cmp=DV1012600&url=https%3A%2F%2Fnewsweek.com&ids=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 80e579378a53196a-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 50 B
319 B 79ms
56ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=19955922&cmp=DV1012600&url=https%3A%2F%2Fnewsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3F%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&bsc=1&abs=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8255324ae6ffbf1a7a80482bf0d8019668ce3689c5623478e18d6330cd0fdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=14400
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 80e579378a55196a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 565302 Show response
videos.newsweek.com/share/ Frame FDD4 73 KB
21 KB 548ms
471ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.newsweek.com/share/565302?autostart=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

7cf97c9209764a66bd302ae849790a2cf6b9b008d6eca1e4ef0b3e285d922bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 20833
content-type: text/html; charset=UTF-8
date: Fri, 29 Sep 2023 16:06:28 GMT
server: Apache
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1696003587.cds237.fr8.hn,1696003587.cds215.fr8.sc,1696003588.dop187.dc2.r,1696003588.cds090.dc2.c,1696003588.cds215.fr8.p

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 164ms
109ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 29 Sep 2023 16:06:27 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 109ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mini-red-arrow.png
g.newsweek.com/www/images/ 293 B
419 B 26ms
26ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/mini-red-arrow.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

663e7a7ff116be91e78826f6ded95eb96e4f25f278895e8074854684eef0b439

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Mon, 03 Apr 2023 02:18:51 GMT
server: Apache
etag: "1680488331"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds249.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 312

GET
H2 200 counter.js Show response
gc.newsweek.com/front/js/ 2 KB
1 KB 101ms
37ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://gc.newsweek.com/front/js/counter.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

c5731df9cb85bb777fe8589795bf6fd7da11bc4057e68bab4b69a20d32c172eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Tue, 22 Aug 2023 05:22:41 GMT
server: Apache
etag: "1692681761"
x-hw: 1696003587.cds219.fr8.hn,1696003587.cds216.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 822

GET
H2 200 3376 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
771 B 96ms
26ms Script
application/javascript 18.238.243.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3376
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-82.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: f6a1c2a83a1913c8b2f1c5531f60d93bba3534509f5e8bb887f965398a0db240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:47:09 GMT
via: 1.1 d120748dba94009201c8a9c5c612c7fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 1158
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: 7in_Lq2RVj5p3trXQMvZMXnsWnlvtfX_CikBuLPm5tdo-cAC4HY1GA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 25ms
24ms XHR
application/json 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 5f67ee310c4ef7f8a218add2bdc6f18bf316d239b07a3d4b62c9c33e13b65e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:48:34 GMT
via: 1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 8272
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1260
x-amz-cf-id: -QUfOMnBid2Mf8RzS-dyNwf6fEJIX1Ms6nA5XJbczWiWTYS2LWjt6Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 24ms
24ms XHR
application/json 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 5f67ee310c4ef7f8a218add2bdc6f18bf316d239b07a3d4b62c9c33e13b65e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:48:34 GMT
via: 1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 8272
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1260
x-amz-cf-id: sniHtawnj6ILodJ4BSvnh8rRf2bPmiRtOqRlQrcp44T6L2QnsgRgoA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 74ms
25ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 05:24:41 GMT
x-amz-cf-pop: AMS58-P4
age: 38508
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kzm6GF2D3HMKO6s_bjX-aXQ9BFuN9R-hzNjH_zt7AxdATnDCUEoBQw==

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
606 B 128ms
27ms Fetch
application/json 18.239.83.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-118.ams58.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 01:36:57 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, AMS58-P5
age: 52171
x-amzn-requestid: 99463ceb-7b88-4794-b970-d0354b2140ca
x-amzn-trace-id: Root=1-65162a38-26aa0a5b6accc4613003b70e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: L_uI8EBUDoEFi6w=
content-length: 28
x-amz-cf-id: otVmuzjqgRALx-MQNTF20DwapZZ4nBbxH7oW2sXYp344jWAtKtYqow==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 356ms
111ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_campaign%3DIllicit%20Edge%20Daily&page=utm_medium%3Demail&page=_hsmi%3D276331523&page=_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&page=utm_content%3D276331523&page=utm_source%3Dhs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.newsweek.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
496 B 116ms
115ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_campaign%3DIllicit%20Edge%20Daily&page=utm_medium%3Demail&page=_hsmi%3D276331523&page=_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&page=utm_content%3D276331523&page=utm_source%3Dhs_email
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: c61eb1590bfcc266b488a4b4ba12f5ab75a72faf91d34f9e4ac4c37e212aa6d4

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer 52c43f73e41c3f02b4244eced8ecb340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.newsweek.com/
x-referring-url: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 195
expires: -1

GET
H2 200 logo-n1.svg
g.newsweek.com/www/images/ 409 B
365 B 25ms
24ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/logo-n1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Wed, 19 Jul 2023 01:54:09 GMT
server: Apache
etag: "1689731649"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds154.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 294

GET
H2 200 free-sign-up.svg
g.newsweek.com/www/images/ 3 KB
1 KB 25ms
25ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/free-sign-up.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Wed, 19 Jul 2023 01:54:09 GMT
server: Apache
etag: "1689731649"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds135.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1332

GET
H2 200 sub-triangle.svg
g.newsweek.com/www/images/ 162 B
253 B 25ms
24ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/sub-triangle.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

d65830a977d509eea74379eec45272c4eef7e32fb55150d9b86cf199a2f542be

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Tue, 28 Mar 2023 22:17:20 GMT
server: Apache
etag: "1680041840"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds321.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 157

GET
H2 200 arrow-red-right.svg
g.newsweek.com/www/images/ 607 B
457 B 24ms
24ms Image
image/svg+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/arrow-red-right.svg

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/css/df5dc5eecc36a33265e9b716ef5d826c.css?v=1695994039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

ac14c791cd3f93147861337f1e5afe7aea4d06046d31132937fe5071b977786b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g.newsweek.com/sys/css/df5dc5eecc36a33265e9b716ef5d826c.css?v=1695994039
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Mon, 28 Aug 2023 23:08:18 GMT
server: Apache
etag: "1693264098"
x-hw: 1696003587.cds226.fr8.hn,1696003587.cds270.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 349

GET
H2 200 embed Show response
flo.uri.sh/visualisation/14579019/ Frame 3CAA 827 KB
240 KB 100ms
36ms Document
text/html 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5bd1ec0b44d29f4faeacad2a327eb92a4ebce46809e3138501b364c0fe0e904

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44605
cache-control: max-age=0
cf-cache-status: HIT
cf-ray: 80e579393c38036e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 16:06:28 GMT
last-modified: Thu, 28 Sep 2023 15:52:46 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: K0rOHCfK0SqQcGSJJE2rL72qdFZUj6IG91JEQMJC55Nohsrvw1QeUjXe1Rl2x3sAKaWPdPYot+U=
x-amz-request-id: V88GMFHSP1S8ZD9A
x-amz-version-id: pexWs8x9pGf3oN_sBl0373E7knBLV97g

GET
H2 200 embed Show response
flo.uri.sh/visualisation/14579378/ Frame 0D82 826 KB
240 KB 94ms
40ms Document
text/html 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8404ddfde874af663654f2786296ca6328f35711996cb76ae15b86611af3a17

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36345
cache-control: max-age=0
cf-cache-status: HIT
cf-ray: 80e579393c3b036e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 16:06:28 GMT
last-modified: Thu, 28 Sep 2023 15:53:01 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: qO644JJZZ7bMHSkcZIITaNtfHC8jYIVXjPUmt3VULuDpbVzYm61muubnfVv+qK2h7Lo4o+n7ta0=
x-amz-request-id: V68C0GAVNEJKYM4R
x-amz-version-id: 3mHJgI28CbsDhdBP4iH6GS8Cs_YxMCKB

GET
H2 200 bosh.svg
public.flourish.studio/resources/ 1 KB
1 KB 26ms
25ms Image
image/svg+xml 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/resources/bosh.svg
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0006523de48f55fcc9ba3033a00b971eca83c0393217fcacaa0bf60be40d9cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: VoHkv0b23GO0FIAN0gF.w6LPgqv_jdIp
content-encoding: gzip
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
date: Thu, 28 Sep 2023 20:16:59 GMT
x-amz-cf-pop: AMS54-C1
age: 71369
x-cache: Hit from cloudfront
last-modified: Wed, 11 Nov 2020 12:02:50 GMT
server: AmazonS3
etag: W/"3ac8022f70176732ca94dd87bb59ee9d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: fHjLZfvWOfEtbw11hX05zQAmMadoVvDFps7HEs0mjULKmYtbsTjz6g==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 138ms
35ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 29 Sep 2023 16:21:28 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 136ms
34ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Fri, 29 Sep 2023 16:21:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2PP6KZK9B2&l=dataLayer&cx=c

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce061d4f82a8144bf91b19b8e48633d241f936fd00afaf2b470a21717c1bd892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 29 Sep 2023 15:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 29 Sep 2023 17:44:21 GMT

GET
H2 200 p.js Show response
fpa-cdn.newsweek.com/keys/newsweek.com/ 57 KB
19 KB 123ms
31ms Script
application/x-javascript 108.156.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fpa-cdn.newsweek.com/keys/newsweek.com/p.js?gtm_ver=3.1f
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-58.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e8968dd711bd151575e58f6251e4c82f36658fce33aceea48257d7038940fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:45:10 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 17:59:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 29640
x-amz-server-side-encryption: AES256
etag: W/"4912b6e62aef4fc3513b6dc4032f6f53"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YZUjTS_eUA8AeW0713mwZX29x-_46B6Pat9rPDLH74w8f8yB_q307g==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6972086/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

28ms
27ms

Script
application/javascript

18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:24:17 GMT
content-encoding: gzip
via: 1.1 cf275c3404dbe6c17a831886bac6a64c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 57051
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Xgp4yj7fX2ej4aleJqZrywVZOs522yD1tosBkd-1q2h2Y8KhfZrVqw==

Redirect headers

date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 cf275c3404dbe6c17a831886bac6a64c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: IhHciIfUPfVEWMsVW4pprqKnDI6twPiTmI6kSuEuyihw62zt17F3zA==

GET
H2 200 play-list Show response
d.newsweek.com/widget/ 6 KB
1 KB 87ms
41ms XHR
application/json 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://d.newsweek.com/widget/play-list?nid=565305&items=3&v=11695994039

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1695994039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

dd8a72bddea56b664e8cd6c3e7503bb45da1cd228dfedd2ac14ac836d2ed7fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 14:36:19 GMT
server: Apache
x-cacheable: YES
etag: "1695998179"
x-hw: 1696003588.cds281.fr8.hn,1696003588.cds258.fr8.c
content-type: application/json
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 1102

GET
H2 200 home-opinion Show response
d.newsweek.com/json/ 22 KB
3 KB 74ms
35ms XHR
application/json 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://d.newsweek.com/json/home-opinion?time=1695992781&te=1695994039

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/63de0ab067ff89c7907d9ce09f70f6ab.js?v=1695994039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

cc9d9b6725b3c0f5438b9daa1cebe0d4d6df447144f9ca782b55e3a3e84236b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:27:23 GMT
server: Apache
x-cacheable: YES
etag: "1695994043"
x-hw: 1696003588.cds281.fr8.hn,1696003588.cds256.fr8.c
content-type: application/json
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, public
accept-ranges: bytes
content-length: 2565

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 409 KB
129 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:19:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20827
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132106
x-xss-protection: 0
server: cafe
etag: 17184539905708832606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 28 Sep 2024 10:19:21 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 447ms
32ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsweek.com%2F&domain=www.newsweek.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Sep 2023 16:06:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 178272
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
251 B 150ms
108ms Fetch
application/json 2600:1901:0:8344::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000000xvEivAAE&gdpr=0&src=pbjs&ver=8.16.0&coppa=0
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:27 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 / Show response
id.a-mx.com/sync/ 66 B
540 B 97ms
33ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email&tl=https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email&nf=0&rt=true&v=8.16.0&av=2.0&vg=pbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72293ed147ea7bab4fe14ba0afca55f2fadb477d3a1ecefa397f36fd2b5f5647

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zPuePNA%2B9w5f9MWa2Pklx2xjGnRNlaUBi1Cejc6B4IWTB163o3Ew8BzOuw1Ca2IO%2BW3%2B8ZfkUK7zhzqRzh27%2FHuYeaFbyczTY53T4HZRiVA0SFMkDl0EAB8AAZU0nm0wSAC0mko1zCQag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
cf-ray: 80e5793a9acc91ed-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
375 B 105ms
34ms Fetch
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsweek.com%2F&domain=www.newsweek.com&cw=1&lsw=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 209711
expires: 0

GET
H2 406 / Show response
prebid.sv.rkdms.com/identity/ 112 B
284 B 399ms
141ms Fetch
application/json 54.163.238.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.sv.rkdms.com/identity/?sv_domain=newsweek.com&sv_pubid=9619&ssp_ids=534404531
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.238.217 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-238-217.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: c2e5a6fd9b7945c633d8de3df04da2154f67cc1a82274b16fe595984e8c8a235

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.newsweek.com
date: Fri, 29 Sep 2023 16:06:28 GMT
access-control-allow-credentials: true
server: nginx/1.24.0
content-length: 112
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
423 B 146ms
47ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=ww6qwsf&fmt=json
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c932465e168592cf635b755c83988e681b12c1f28779565075a476550298b9e3

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 29 Oct 2023 16:06:28 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
254 B 94ms
30ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=33
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 27ms
26ms Script
application/javascript 2600:9000:2090:9e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:9e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: P2G05QRInXqMbYiaQAfs8F93v0Opxze8
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
date: Thu, 07 Sep 2023 10:11:06 GMT
last-modified: Mon, 24 Jul 2023 11:11:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 1922123
x-amz-server-side-encryption: AES256
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-id: n9UeVK05_RlkvwF3z3bTOf59y6Gav6h6WGVxpPUuf4XHR0nFdreg4Q==

GET
H2 200 implement-r.js Show response
fqtag.com/tag/ 2 KB
3 KB 90ms
32ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=hs_email%7Cemail%7CIllicit%2520Edge%2520Daily&rd=none&rt=display&sl=1&fq=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

2852b6d90407ab97ba05c07b9fe86f98ae8348c07e41f43578df1f71c9d0da5b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 google
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2436
x-xss-protection: 0
expires: 0

GET
H2

204

redir-to-empty
pxsrv.net/
Redirect Chain

https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-signals&v=1&ctx=19955922&cmp=DV1012600&cid=25b6bcd4-0b2a-4795-b527-a847ebbf59bf&z=37204238702&cd105=mode&cd160=fbceaf9b-2fb3-4ee4-90b1-6e37227...
https://pxsrv.net/redir-to-empty

0
30 B

36ms
36ms

Ping
text/plain

2606:4700:4400::ac40:9111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pxsrv.net/redir-to-empty
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Server: 2606:4700:4400::ac40:9111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
server: cloudflare
cf-ray: 80e5793b0c77906c-FRA
vary: Accept-Encoding

Redirect headers

location: https://pxsrv.net/redir-to-empty
date: Fri, 29 Sep 2023 16:06:28 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 80e5793a6f6191e9-FRA
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 0b305165-06f8-42c3-9fef-c6f731e72773
https://www.newsweek.com/ 121 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsweek.com/0b305165-06f8-42c3-9fef-c6f731e72773
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7555b43a01159abd10fccb227258d5d6d271f58040a078ba5f12bd9943c8618

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 124002
Content-Type

GET
H2 200 choices.min.css
flo.uri.sh/template/14591/v11/static/choices/styles/css/ Frame 3CAA 5 KB
2 KB 30ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/14591/v11/static/choices/styles/css/choices.min.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/14579019/embed?auto=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
x-amz-version-id: lIRpEUG1PyKcPhxFASctQ_h2ikwJc6zn
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 17:59:32 GMT
server: cloudflare
x-amz-request-id: FQSQB5GN96D51VZ9
age: 8627802
etag: W/"ac45b0abe30007c417750608d660cf6b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 80e5793a8e50036e-FRA
x-amz-id-2: wQey4lHHDfvOCodypgnJlyvkkLzpndoqCWnXCxsl7D6hJeQwK6LwdaB9YCR0p8zQvpFYlR2yfkM=

GET
H2 200 bundle.css
flo.uri.sh/template/14591/v11/static/ Frame 3CAA 2 KB
948 B 29ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/14591/v11/static/bundle.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e173d46b50b2a8c8d380a69bb31615c1e4398ea30ebbb70ffa4132d9210cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/14579019/embed?auto=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
x-amz-version-id: 1XC8MmMzCtRrGmiliUzwHXzn4s9f5EqF
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 17:59:32 GMT
server: cloudflare
x-amz-request-id: FQSGX06HM634NP9M
age: 8627802
etag: W/"b49aa2d66a0b1eb8fc849605abb0528e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 80e5793a9e52036e-FRA
x-amz-id-2: xZMX9TkPY2LIYJzI7woa7FiRowrDhAbvfo7bljBafvHQCAwjRuN88/fDFVO+ZOAt8nX8ktYu53g=

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 3CAA 11 KB
4 KB 27ms
27ms Script
application/javascript 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7afe8f4f0ed4731290d1d60c72ff3799fdbd1e470e480b96958d118469564635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 1WsuQCHpBMLFLXUUym2Bs6Zh.T39Om1s
content-encoding: gzip
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 16:06:16 GMT
x-amz-cf-pop: AMS54-C1
age: 12
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 08:12:03 GMT
server: AmazonS3
etag: W/"213142b5df81a77bfe162f146732d6e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: LT9Sa-Cd09HBw2F6tEzNKjWekmUURSfkj7R-gJyY8I_R342DvVowVA==

GET
H2 200 choices.min.css
flo.uri.sh/template/14591/v11/static/choices/styles/css/ Frame 0D82 5 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/14591/v11/static/choices/styles/css/choices.min.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/14579378/embed?auto=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
x-amz-version-id: lIRpEUG1PyKcPhxFASctQ_h2ikwJc6zn
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 17:59:32 GMT
server: cloudflare
x-amz-request-id: FQSQB5GN96D51VZ9
age: 8627802
etag: W/"ac45b0abe30007c417750608d660cf6b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 80e5793aae80036e-FRA
x-amz-id-2: wQey4lHHDfvOCodypgnJlyvkkLzpndoqCWnXCxsl7D6hJeQwK6LwdaB9YCR0p8zQvpFYlR2yfkM=

GET
H2 200 bundle.css
flo.uri.sh/template/14591/v11/static/ Frame 0D82 2 KB
755 B 30ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/14591/v11/static/bundle.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e173d46b50b2a8c8d380a69bb31615c1e4398ea30ebbb70ffa4132d9210cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/14579378/embed?auto=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
x-amz-version-id: 1XC8MmMzCtRrGmiliUzwHXzn4s9f5EqF
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 17:59:32 GMT
server: cloudflare
x-amz-request-id: FQSGX06HM634NP9M
age: 8627802
etag: W/"b49aa2d66a0b1eb8fc849605abb0528e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, immutable
cf-ray: 80e5793aae82036e-FRA
x-amz-id-2: xZMX9TkPY2LIYJzI7woa7FiRowrDhAbvfo7bljBafvHQCAwjRuN88/fDFVO+ZOAt8nX8ktYu53g=

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 0D82 11 KB
4 KB 26ms
25ms Script
application/javascript 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7afe8f4f0ed4731290d1d60c72ff3799fdbd1e470e480b96958d118469564635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 1WsuQCHpBMLFLXUUym2Bs6Zh.T39Om1s
content-encoding: gzip
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 16:06:16 GMT
x-amz-cf-pop: AMS54-C1
age: 12
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 08:12:03 GMT
server: AmazonS3
etag: W/"213142b5df81a77bfe162f146732d6e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uYLDh_ufOtbp11GfIwCEeE2_OxWYwDRbxAwUeTA4zG0cT6Otj6WuSg==

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 0
0 77ms
25ms Preflight 2600:9000:20a0:6600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
age: 29124
content-length: 0
date: Fri, 29 Sep 2023 08:01:05 GMT
server: AmazonS3
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
x-amz-cf-id: ny8evnFwQRs1LlYBz6tob6RIcwHNbJztzKEyqLlR7ojEn2RKp8bwCQ==
x-amz-cf-pop: AMS58-P2
x-cache: Hit from cloudfront

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 49ms
49ms Preflight
application/json 18.239.83.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-118.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront), 1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
x-amz-apigw-id: MBtguG8rDoEFUAA=
x-amz-cf-id: edGQpeY_t_s5be_2ETqdpLYe9KI1-8pmfUwb9ajM39wCRX6UXr1ylw==
x-amz-cf-pop: AMS1-P3 AMS58-P5
x-amzn-requestid: 130c4b44-6053-4b89-a69c-7cc4c2aeffab
x-cache: Miss from cloudfront

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 54 KB
10 KB 35ms
33ms Fetch
application/json 2600:9000:20a0:6600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d0c340910af98d7950c7cbcc751d776526381202e46d7050d8acc7ec3333b85

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: x5YHYTt4J4OvwnKWO8ioCfGpina9_Uhw
content-encoding: gzip
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 04:13:45 GMT
x-amz-cf-pop: AMS58-P2
age: 42829
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="vendor-list.json"
last-modified: Thu, 24 Aug 2023 10:21:44 GMT
server: AmazonS3
etag: W/"b1e104a2a7e86815758079764bfc2728"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: QuFNVqWVg4xc6rsGQE075eKxbWwLv9G_8AiGfirIJjqnpmwrbfl6Vg==

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
606 B 28ms
27ms Fetch
application/json 18.239.83.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-118.ams58.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Sep 2023 01:36:57 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, AMS58-P5
age: 52171
x-amzn-requestid: 99463ceb-7b88-4794-b970-d0354b2140ca
x-amzn-trace-id: Root=1-65162a38-26aa0a5b6accc4613003b70e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: L_uI8EBUDoEFi6w=
content-length: 28
x-amz-cf-id: ztHfjMSCXo6XmMLApHKCcTh_7N25vy1jnWqAchFTvzGLtjXD5UFUAA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
606 B 27ms
26ms Fetch
application/json 18.239.83.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-118.ams58.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 01:36:57 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 06cdb267b93af0cbfcd6cc564136784a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, AMS58-P5
age: 52171
x-amzn-requestid: 99463ceb-7b88-4794-b970-d0354b2140ca
x-amzn-trace-id: Root=1-65162a38-26aa0a5b6accc4613003b70e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: L_uI8EBUDoEFi6w=
content-length: 28
x-amz-cf-id: OP2TBeynYUj5Io_DVwzDv0jC2HZ0MAKyHJ94v-lLAeYQwfrcIl8nKQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 article Show response
stats.newsweek.com/counter/ 14 B
476 B 369ms
118ms Script
text/html 52.205.227.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1828730&r_id=35246&c_id=108&c_url=&referer=&device=desktop&a_editor=10&c_country=DE&xz=5&c_uque=1&c_ruque=1&c_visits=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.227.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-227-48.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=25920000
content-length: 34

GET
H2 200 zhou-fengsuo.webp
d.newsweek.com/en/full/2280693/ 31 KB
31 KB 29ms
28ms Image
image/webp 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2280693/zhou-fengsuo.webp?w=790&h=444&q=75&f=3ebcd95e433ab98eacc663d6dc8735ac

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

046c53d668825a7ea3b58a5f6a66c36fa96a0013691f17fd58ed3bd9fc7e0763

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 28 Sep 2023 09:06:42 GMT
server: Apache
x-cacheable: YES
etag: "1695892002"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds275.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 31558

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin: https://www.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 liam-barrett-bw.png
d.newsweek.com/en/full/2002678/ 5 KB
5 KB 31ms
28ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2002678/liam-barrett-bw.png?w=63&h=63&l=51&t=52&f=ebff480fae1633d5674a8ba9aaaa410d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

6e1e819cd967eaa1fddca1a6736e8d492f584812dd07f6daed0ec398a7d8107e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 12:01:45 GMT
server: Apache
x-cacheable: YES
etag: "1695988905"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds327.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5254

GET
H2 200 kevin-bolling-bw.png
d.newsweek.com/en/full/2173226/ 5 KB
5 KB 36ms
32ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2173226/kevin-bolling-bw.png?w=63&h=63&f=7915edbd5b73107e03c9669aaa89b1f7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

d226c571a533aacbc049438f3c632e2233335330e2af7e593834e362518c01bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 11:29:56 GMT
server: Apache
x-cacheable: YES
etag: "1695986996"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds097.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5249

GET
H2 200 josh-hammer-v2-transparent-background.png
d.newsweek.com/en/full/2204427/ 6 KB
6 KB 36ms
33ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2204427/josh-hammer-v2-transparent-background.png?w=63&h=63&l=50&t=53&f=d553f94bbcdd3bd9d4051cfc320b7d3c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

0c65f52cd578be952e12c44a2300581ebd0e457c27d9f8a91c0168539e2df4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 04 Aug 2023 22:39:35 GMT
server: Apache
x-cacheable: YES
etag: "1691188775"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds056.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5677

GET
H2 200 tom-rogers.png
d.newsweek.com/en/full/1538932/ 5 KB
6 KB 36ms
33ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1538932/tom-rogers.png?w=63&h=63&f=0b40bd95cb8f95020c438d20ee6188b9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

6749b7217fb8c8fb1c099466d9c2ed1e6c64e3526e20be1377d8b0469cf7e124

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Sat, 29 Apr 2023 11:05:24 GMT
server: Apache
x-cacheable: YES
etag: "1682766324"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds334.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5556

GET
H2 200 mark-mix.png
d.newsweek.com/en/full/2277398/ 6 KB
6 KB 36ms
33ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2277398/mark-mix.png?w=63&h=63&l=47&t=51&f=437715a47d873629b3b796a66058ae29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

953e842eed2fddf0b2965e54069c501d4a5ef3ba6e1e806f5c71a414ce9329ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 01 Sep 2023 17:46:44 GMT
server: Apache
x-cacheable: YES
etag: "1693590404"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds107.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5679

GET
H2 200 jeff-charles-bw-v2.png
d.newsweek.com/en/full/2004535/ 6 KB
6 KB 44ms
42ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2004535/jeff-charles-bw-v2.png?w=63&h=63&l=53&t=51&f=08407139a5f3ea4d43edb7c63f694683

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

7fc0afc079ef9487d71d822f4e06b7dc0dbf0563210958381f107673f8556aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 08:01:43 GMT
server: Apache
x-cacheable: YES
etag: "1695974503"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds338.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 6011

GET
H2 200 dan-perry-bw.png
d.newsweek.com/en/full/1899917/ 5 KB
5 KB 45ms
42ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1899917/dan-perry-bw.png?w=63&h=63&f=18920d56066c2decdb2fe6b9a4b8a97e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

b37282820be5f58196fdf35b9b27bff1e15cbccd576bbb5333521e3229f06037

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Wed, 01 Feb 2023 12:40:50 GMT
server: Apache
x-cacheable: YES
etag: "1675255250"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds211.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5297

GET
H2 200 nina-turner.png
d.newsweek.com/en/full/2250562/ 5 KB
5 KB 52ms
50ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2250562/nina-turner.png?w=63&h=63&f=b77e577e7a4a350f7f8783eb8b082056

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

98cd841cc4c1b7ce06841f9753edd0194569cd4807db58fbb4b59e45a658b6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 30 Jun 2023 18:14:29 GMT
server: Apache
x-cacheable: YES
etag: "1688148869"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds129.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5443

GET
H2 200 julia-jassey.jpg
d.newsweek.com/en/full/2288066/ 2 KB
2 KB 53ms
51ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2288066/julia-jassey.jpg?w=63&h=63&f=13fedaa25ec3399b6cd15abe0eb80634

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

9c3eb4fb6c5b1447a14d2401ef4cb5467fe085b0dd1b259350ac3f3914b1dad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 28 Sep 2023 16:08:24 GMT
server: Apache
x-cacheable: YES
etag: "1695917304"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds271.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 1770

GET
H2 200 emma-marsano.jpg
d.newsweek.com/en/full/2285952/ 2 KB
2 KB 53ms
51ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2285952/emma-marsano.jpg?w=63&h=63&f=2440b2f86d1ea09c651ad859ea58b471

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

e26ac49f5471a6ee543ded47b2e2525912132ac877f3c5589b5a9252d4b65289

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 28 Sep 2023 12:13:17 GMT
server: Apache
x-cacheable: YES
etag: "1695903197"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds236.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 1602

GET
H2 200 andy-biggs.png
d.newsweek.com/en/full/2187946/ 5 KB
5 KB 55ms
53ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2187946/andy-biggs.png?w=63&h=63&l=53&t=54&f=605061277ae32065ef75d474464083b5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

9b7116fcbfb51f6c5e64cc49ecac7096cc1085dc419728e8f5d1821cc23050e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 28 Sep 2023 12:13:17 GMT
server: Apache
x-cacheable: YES
etag: "1695903197"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds341.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5280

GET
H2 200 daniel-r-depetris-bw.png
d.newsweek.com/en/full/1896095/ 5 KB
5 KB 54ms
52ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1896095/daniel-r-depetris-bw.png?w=63&h=63&f=11e2e0766274eb90a0663b3fb2e79d95

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

d56f05596fc462f8ccd83627f96400dec572df7a21a7c25b43351a941eb68e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 09 Mar 2023 22:14:52 GMT
server: Apache
x-cacheable: YES
etag: "1678400092"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds214.fr8.c
content-type: image/png
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 5429

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-i...
https://rp4.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-...

45 B
584 B

443ms
121ms

XHR
application/json

3.222.49.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&ext__pubcid=5198806b-c3e4-4df7-8474-1ee9243af4dd&wpn=lc-bundle&c=PHRpdGxlPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIE5ld3N3ZWVrIGludmVzdGlnYXRpb24gZm91bmQgY2FtcGFpZ24gY29udHJpYnV0aW9ucyBmcm9tIGtub3duICZxdW90O3VuaXRlZCBmcm9udCZxdW90OyBmaWd1cmVzIGFuZCBncm91cHMgaW4gdGhlIE5ldyBZb3JrIGFyZWEuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2NoaW5hLWNvbW11bmlzdC1wYXJ0eS1uZXcteW9yay1wb2xpdGljYWwtaW5mbHVlbmNlLWNhbXBhaWduLWRvbmF0aW9ucy0xODI4NzMwIj48aDEgY2xhc3M9ImFyMjMtdGl0bGUiPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmExNzg6NmJiODphYTU4&n3pc=true

Requested by

Protocol

Server

3.222.49.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-49-156.compute-1.amazonaws.com

Software

Resource Hash

1263444b34d4b24c8f97e6d937fa6f3f26df181da400856749d0842b8cc0b331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
x-pixel-event-id: 65418f50-0e90-4a1b-ad3f-234dd95c3016
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: a5f46a498506a624
content-length: 45
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1696003588370&aid=a-08dr&se=e30&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&tna=v2.8.0&pu=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&ext__pubcid=5198806b-c3e4-4df7-8474-1ee9243af4dd&wpn=lc-bundle&c=PHRpdGxlPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBIE5ld3N3ZWVrIGludmVzdGlnYXRpb24gZm91bmQgY2FtcGFpZ24gY29udHJpYnV0aW9ucyBmcm9tIGtub3duICZxdW90O3VuaXRlZCBmcm9udCZxdW90OyBmaWd1cmVzIGFuZCBncm91cHMgaW4gdGhlIE5ldyBZb3JrIGFyZWEuIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2NoaW5hLWNvbW11bmlzdC1wYXJ0eS1uZXcteW9yay1wb2xpdGljYWwtaW5mbHVlbmNlLWNhbXBhaWduLWRvbmF0aW9ucy0xODI4NzMwIj48aDEgY2xhc3M9ImFyMjMtdGl0bGUiPkV4Y2x1c2l2ZTogSG93ICQxTSBGcm9tIENoaW5hLWxpbmtlZCBHcm91cHMgT2lsZWQgTmV3IFlvcmsgUG9saXRpY3M8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmExNzg6NmJiODphYTU4&n3pc=true
access-control-allow-origin: https://www.newsweek.com
request-time: 0
access-control-allow-credentials: true
trace-id: 456333c72f00f8ae
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 49ms
49ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Fri, 29 Sep 2023 16:21:28 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 195ms
44ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 16:06:28 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Sep-2023 16:06:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fpa-events.newsweek.com/plogger/ 43 B
257 B 470ms
112ms Image
image/gif 34.225.27.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpa-events.newsweek.com/plogger/?rand=1696003588469&plid=0c5686a4-65ef-48a8-931d-b9ee09bb6bb8&idsite=newsweek.com&url=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&sref=&sts=1696003588464&slts=0&title=Exclusive%3A+How+%241M+From+China-linked+Groups+Oiled+New+York+Politics&date=Fri+Sep+29+2023+18%3A06%3A28+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=b7435de5-2fcd-4f94-9e6f-ac7da505a04f&u=pid%3Dcac7f5f6-d349-4246-a1b4-afc3b73ce71f
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.27.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-27-9.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 16:06:28 GMT
Cache-Control: no-cache
Last-Modified: Friday, 29-Sep-2023 16:06:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 28ms
27ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1671057834&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Exclusive%3A%20How%20%241M%20From%20China-linked%20Groups%20Oiled%20New%20York%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAAAACAAI~&jid=777521523&gjid=1069669742&cid=1826504350.1696003588&tid=UA-44450862-1&_gid=1523443867.1696003588&_slc=1&gtm=45He39r0n81TVS8NW5&cd1=Didi%20Kirsten%20Tatlow&cd2=Politics&cd3=&cd4=US&cd5=en&cd6=article&cd7=1828730&cd8=20230928&cd9=202309&cd10=newsweek.com%2Fpolitics%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Law%2C%20Gov%27t%20%26%20Politics&cd18=related&cd19=web&cd20=73&cd21=8&cd22=article&cd23=web&cd24=N&cd25=China%2C%20Chinese%20Communist%20Party%2C%20New%20York%2C%20Eric%20Adams%2C%20Hillary%20Clinton%2C%20Republicans%2C%20Democrats%2C%20Elections%2C%20Voting&cd26=ndef&cd27=nonpromoted&cd30=Y&cd31=3&cd32=N&cd33=ndef&cd34=anon&cd35=3356&cd36=Other&cd37=4g&cd38=web&cd40=Exclusive&cd41=2&cd42=11&cd43=United%20States&cd44=N&cd45=N&cd46=0&cd48=n&cd50=over40&cd51=2023&cd52=9&cd53=y&cd54=n&cd55=N&cd56=y&cd57=&cd58=web&cd59=a1_5&cd60=Y&cd61=N&cd62=N&cd63=N&cd64=N&cm1=0&z=1475324123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44450862-1&cid=1826504350.1696003588&jid=777521523&gjid=1069669742&_gid=1523443867.1696003588&_u=YGBAgUABAAAAAGAAI~&z=1928528070

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 29 Sep 2023 16:06:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 74ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2PP6KZK9B2&gtm=45je39r0&_p=1671057834&cid=1826504350.1696003588&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1696003588&sct=1&seg=0&dl=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&dt=Exclusive%3A%20How%20%241M%20From%20China-linked%20Groups%20Oiled%20New%20York%20Politics&en=page_view&_fv=1&_ss=1&ep.author=Didi%20Kirsten%20Tatlow&ep.section=Politics&ep.content_source=&ep.platform=web
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PP6KZK9B2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid_amp.js Show response
g.newsweek.com/www/js/ Frame FDD4 348 KB
110 KB 27ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

cf80003f0aa2727921078ca25d73eeabd73e6a06d559b7a9f11f90a47d7b0847

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 22 Sep 2023 20:52:40 GMT
server: Apache
etag: "1695415960"
x-hw: 1696003588.cds226.fr8.hn,1696003588.cds151.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 112883

GET
H2 200 a0967c2b28ca71446c315148e20cf888.js Show response
g.newsweek.com/sys/js/ Frame FDD4 737 KB
218 KB 30ms
28ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/a0967c2b28ca71446c315148e20cf888.js?v=1695994039

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

6e51549d5e441a65c54ac8b326175ff67ebd26d2f91721e09065b526c0bc0ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Fri, 29 Sep 2023 13:30:42 GMT
server: Apache
etag: "1695994242"
x-hw: 1696003588.cds226.fr8.hn,1696003588.cds281.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 222919

GET
H2 200 gallagher.webp
d.newsweek.com/en/full/2280681/ Frame FDD4 27 KB
27 KB 43ms
42ms Image
image/webp 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/2280681/gallagher.webp?w=736&h=414&f=1c2446350da9c601b517d8099cb67615

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

7ee3756fa967ee060f179f0b8c7591dc7709b6f993f471398572660290e99973

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=86400; includeSubDomains
last-modified: Thu, 28 Sep 2023 09:05:24 GMT
server: Apache
x-cacheable: YES
etag: "1695891924"
x-hw: 1696003588.cds330.fr8.hn,1696003588.cds136.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 27994

GET
H2 200 video-iframe-integration-v0.js Show response
cdn.ampproject.org/ Frame FDD4 6 KB
3 KB 113ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/video-iframe-integration-v0.js

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a700b5954ac790b985c59fa0757832f3886a90aef4899a3e459b57cd57690232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 29 Sep 2023 16:06:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2135
x-xss-protection: 0
server: sffe
etag: "6274fb6599ee85b0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FDD4 358 KB
123 KB 81ms
29ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125650
x-xss-protection: 0
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 pixel.js Show response
cdn.fqtag.com/1.27.339-ccfb11a/ 88 KB
88 KB 77ms
21ms Script
application/javascript 35.190.36.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.36.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:07:09 GMT
age: 3559
x-guploader-uploadid: ADPycdvDO-9HnuPwhrxuriH57vuf9CGr4zGqnD5t5khxrpOZU5rOcJ-_PgIScbczEPHe9vcT04raD5xNqxZJ8rdbAK8TghfgNtbz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89647
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
server: UploadServer
etag: "e0eff30579598f76147c9ea12f490d21"
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-generation: 1611776924905378
content-language: en
content-type: application/javascript
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 89647
accept-ranges: bytes
expires: Fri, 29 Sep 2023 16:07:09 GMT

GET
DATA 200
OK truncated
/ Frame 3CAA 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0D82 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 98ms
45ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44450862-1&cid=1826504350.1696003588&jid=777521523&_u=YGBAgUABAAAAAGAAI~&z=551815899

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 98ms
46ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44450862-1&cid=1826504350.1696003588&jid=777521523&_u=YGBAgUABAAAAAGAAI~&z=551815899

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FDD4 52 KB
21 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: videos.newsweek.com
URL: https://videos.newsweek.com/share/565302?autostart=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 29 Sep 2023 15:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 29 Sep 2023 17:44:21 GMT

GET
H2 200 userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/ 7 B
275 B 132ms
52ms Image
image/gif 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.1.1826504350.1696003588%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221828730%22%7D%5D%7D%7D&ets=1696003588805

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:28 GMT
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 34ms
33ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6972086&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1696003588807&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.newsweek.com%2Fchina-communist-party-new-york-political-influence-campaign-donations-1828730%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw%26utm_content%3D276331523%26utm_source%3Dhs_email&c8=Exclusive%3A%20How%20%241M%20From%20China-linked%20Groups%20Oiled%20New%20York%20Politics&c9=
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 cf275c3404dbe6c17a831886bac6a64c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: c66NK--KrHPgO4PbbfAAapVr-70g3DPHM6iN8-go49Uv4yoZlIFBeQ==
x-cache: Miss from cloudfront

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3CAA 276 KB
90 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de26055f9bd39842ed83bbb539d0cadcca46b7b6e8daeff6773c29c41c769dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3CAA 5 KB
1 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 14:40:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0D82 276 KB
90 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de26055f9bd39842ed83bbb539d0cadcca46b7b6e8daeff6773c29c41c769dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0D82 5 KB
756 B 73ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579378/embed?auto=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 14:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 16:06:28 GMT

GET
H2 200 index.html Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 2 KB
1 KB 90ms
25ms Document
text/html 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 380769
cache-control: must-revalidate,public,max-age=604800
content-encoding: gzip
content-type: text/html
date: Mon, 25 Sep 2023 06:20:20 GMT
etag: W/"a9695f3941d7e7d526084ac0c78593a3"
last-modified: Thu, 29 Jun 2023 14:13:47 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-id: w9E3gjSNdMtMKpxju_GQ__-HtzQ9PWDBLiA83hob4i8R5cdEVEgO4g==
x-amz-cf-pop: AMS1-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
x-amz-server-side-encryption: AES256
x-amz-version-id: mMOxPR4wccQHn7eK2ShHcsN98sN9sFyx
x-cache: Hit from cloudfront

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame FDD4 0
67 B 31ms
30ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=33
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://videos.newsweek.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame FDD4 63 B
424 B 48ms
47ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=ww6qwsf&fmt=json
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c932465e168592cf635b755c83988e681b12c1f28779565075a476550298b9e3

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:28 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://videos.newsweek.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 29 Oct 2023 16:06:28 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
398 B 160ms
43ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.newsweek.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Fri, 29 Sep 2023 16:36:29 GMT

GET
H2 200 play-list Show response
d.newsweek.com/widget/ Frame FDD4 15 KB
2 KB 463ms
462ms XHR
application/json 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://d.newsweek.com/widget/play-list?nid=565302&autostart=0&t=471111&s=1695891602

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/a0967c2b28ca71446c315148e20cf888.js?v=1695994039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache /

Resource Hash

ed3cb9e27ff9cfd6fdcfd2e8b594e2c7e6d7262ff80fd737caa29710abaace17

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
x-cacheable: YES
server: Apache
last-modified: Fri, 29 Sep 2023 16:06:29 GMT
etag: "1696003589"
x-hw: 1696003589.cds281.fr8.hn,1696003589.cds329.fr8.sc,1696003589.cds329.fr8.p
content-type: application/json
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000
accept-ranges: bytes
content-length: 2144

GET
H2 200 styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 90 KB
10 KB 29ms
28ms Stylesheet
text/css 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3e3364000ec84f9157c3a6f14bb7a9e94a94580285ab2099f3dec70813598b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:15:29 GMT
x-amz-version-id: AhcMLACipW38IbrhTU0KcbkNv9KuT6Cq
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 323461
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:51 GMT
server: AmazonS3
etag: W/"4c026bf7d2ffd19085a25708e85bd46a"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
content-type: text/css
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: WR49-vB1Uc5I1vAnPCc7j1YySfrhUn84dJD8ikfG9ldkC28OOzY1mw==

GET
H2 200 openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 28 KB
3 KB 30ms
29ms Stylesheet
text/css 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bf79e850ad807829b226d4b8ce95454fbf51391bf15f4877304e4639aebda9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 9cjgB1VIYV7Arn9VEaHhqg1J3V2F.krs
content-encoding: gzip
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:33 GMT
x-amz-cf-pop: AMS1-P3
age: 380817
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:00 GMT
server: AmazonS3
etag: W/"204532610e6b33ef73b54fca795166e3"
vary: Accept-Encoding
content-type: text/css
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: mpzTjmBwmNKS7AWSAbpq6ZZ1Fn630RkiO-KUD6HAOEAAvmhn3LvGcA==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 3 KB
2 KB 30ms
29ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: kdcsHG.4aLxKfbJ2GRLMueIoIP15lLVx
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:07 GMT
x-amz-cf-pop: AMS1-P3
age: 380843
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:13 GMT
server: AmazonS3
etag: W/"a03d9881b932cb6ea8403f3d8fee84f2"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: 2LEkKukhrzRTaz-rbgk3fYLZgi5n9iHQvRx5xU4CYfwczxz5JBjJYw==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 33 KB
12 KB 33ms
32ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fc37ea63bfeffd825a2a6cfd9690c3d520567053cf80b7e24ad230fe3e3d7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: gKQG6KyvRItCTgC8bBC1O1A9R4Ak07rU
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 415295
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:16 GMT
server: AmazonS3
etag: W/"17e967a32df4a362bac3a7a7a7786b26"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: ODl1lTVzKXp-WxVDEeoTKJEsdIuq-pyWxRXEtNzE9W9IBUp43hdklw==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 614 KB
166 KB 37ms
37ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cdcef9697c089ce9010cd05ab8e4315bf6a9c94e152f25283e4a4162b8a671c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: VqgLY1knJBWkV3sBisChgUs13rElctew
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 392429
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:50 GMT
server: AmazonS3
etag: W/"8ff5a846ce4c6c3f66a1a4c23691767d"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: 8ne1seDtRKnEmZ0OGwzD462ewt62z-awvJ57GAZOIvkWpjsEpZVmqA==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 41 KB
11 KB 95ms
95ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6f083792ee52f3f1f59868bd453a0d2a99d87bded892ab4277a6e709b20352f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: MLhgzwj8efMZy1TYZRoe48Zz.sN2E46t
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 502985
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:57 GMT
server: AmazonS3
etag: W/"eaeec185d77c9c0f9969fab08c0b59fe"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: nuqNB_eRAt5-CWRMPB8GrDcclQJVinSCeafaJwdU9miCPupfZmT3ig==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0D82 15 KB
15 KB 78ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 25412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 09:02:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0D82 14 KB
15 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:39:59 GMT
x-content-type-options: nosniff
age: 375990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Sep 2024 07:39:59 GMT

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 0
6 KB 26ms
25ms Other
text/css 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: NLV2Hm3K8YaxwhTlJBCmfjbV_K7yN3rg
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:42:23 GMT
x-amz-cf-pop: AMS1-P3
age: 379447
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:02 GMT
server: AmazonS3
etag: W/"30bbf60507ab9bb9623e7718ea88cc56"
vary: Accept-Encoding
content-type: text/css
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: X3l0cwgCaUnPZvBuvuUcuwkpUMKqUtRpblhHfXCyLW3ouWRdzl-x1Q==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 3 KB
2 KB 27ms
26ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: kdcsHG.4aLxKfbJ2GRLMueIoIP15lLVx
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:07 GMT
x-amz-cf-pop: AMS1-P3
age: 380843
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:13 GMT
server: AmazonS3
etag: W/"a03d9881b932cb6ea8403f3d8fee84f2"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: rIIibtKdtA7QDNNe5OIvi3xsTE-3gG0oIugL9ajlEZEeVNOsuLhCvA==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 33 KB
12 KB 27ms
27ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fc37ea63bfeffd825a2a6cfd9690c3d520567053cf80b7e24ad230fe3e3d7eb

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: gKQG6KyvRItCTgC8bBC1O1A9R4Ak07rU
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 415295
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:16 GMT
server: AmazonS3
etag: W/"17e967a32df4a362bac3a7a7a7786b26"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: PO8N4jMs_30ulqYfTioJ1WJxetlgSiw2SqOqTShHFUAHfrNsxQlgcg==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 614 KB
166 KB 29ms
28ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cdcef9697c089ce9010cd05ab8e4315bf6a9c94e152f25283e4a4162b8a671c

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: VqgLY1knJBWkV3sBisChgUs13rElctew
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 392429
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:50 GMT
server: AmazonS3
etag: W/"8ff5a846ce4c6c3f66a1a4c23691767d"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: 5w8pWkaY36fPU0e0ZkVLxDVwIy3qvPKMVI9NOq46nrY8lucfpK6A-Q==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 41 KB
11 KB 44ms
44ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6f083792ee52f3f1f59868bd453a0d2a99d87bded892ab4277a6e709b20352f

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: MLhgzwj8efMZy1TYZRoe48Zz.sN2E46t
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 06:19:06 GMT
x-amz-cf-pop: AMS1-P3
age: 502985
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:57 GMT
server: AmazonS3
etag: W/"eaeec185d77c9c0f9969fab08c0b59fe"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: C9fiIIxzGHWqOXeqQHA8NnRcAnoHVc3UMQbGgWbjqlmK1sYc009y-Q==

POST
H3 204 pixel Show response
fqtag.com/ 0
10 B 74ms
30ms XHR
text/plain 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fqtag.com/pixel
Requested by: Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 16:06:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 0D82 0
68 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KW52XHYN9H&gtm=45je39r0&_p=1730995601&gcs=G100&cid=2032258112.1696003589&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1696003589&sct=1&seg=0&dl=https%3A%2F%2Fflo.uri.sh%2Fvisualisation%2F14579378%2Fembed%3Fauto%3D1&dr=https%3A%2F%2Fwww.newsweek.com%2F&dt=POI%20Contributions%20By%20Candidate%20Party&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3CAA 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 25412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 09:02:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3CAA 14 KB
14 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:39:59 GMT
x-content-type-options: nosniff
age: 375990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Sep 2024 07:39:59 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 223 KB
65 KB 40ms
38ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 17:51:49 GMT
server: Apache
etag: "37c41-60386a6319d17-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 66128
expires: Fri, 29 Sep 2023 16:21:29 GMT

POST
H/1.1 400
Bad Request cookie_sync Show response
prebid-server.rubiconproject.com/ Frame FDD4 49 B
323 B 238ms
26ms Fetch 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://videos.newsweek.com
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 71
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame FDD4 173 B
471 B 232ms
24ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 938f250c528a0870214ce4b8f509efaec35b042a152835e4b73b76a2398a97fd

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.130.0
Content-Type: application/json
access-control-allow-origin: https://videos.newsweek.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame FDD4 173 B
472 B 231ms
25ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 821badcd0d274304b65301b59b6aafd089a8e3247385f40ba6848ab9b17b2090

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.130.0
Content-Type: application/json
access-control-allow-origin: https://videos.newsweek.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FDD4 0
116 B 127ms
48ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://videos.newsweek.com
date: Fri, 29 Sep 2023 16:06:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame FDD4 19 B
530 B 173ms
112ms Fetch
application/json 3.64.105.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Fwww.newsweek.com&tmax=2000

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.64.105.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-105-94.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://videos.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ Frame FDD4 0
385 B 652ms
210ms Fetch
text/html 167.99.21.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://videos.newsweek.com
date: Fri, 29 Sep 2023 16:06:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame FDD4 53 B
261 B 76ms
28ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e4c6364af6258cac37a9dc3423612d073551f369b4e6be28ac7c49295ca82a83

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://videos.newsweek.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame FDD4 37 B
546 B 386ms
337ms Fetch
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=422730
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b5f4303a026c5f56c88b0d7bb7a3faa1e76ea6281fec5c2451f3f53c9e10df

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfhKpMy8oto1w8S9L0TuWFwOXLyZfMpc%2FfMRRyHBDoX5meruYvAjPcwR4uJinHVabvb54Qk4743Wn59cPhEiCPDcNjlmQHDtHT60fVg5hr5bTWKqYIYTN8jpK6NyhsrZjqd5SKiB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://videos.newsweek.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80e57940ec639be8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ Frame FDD4 0
523 B 396ms
320ms Fetch 18.239.36.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=4083&domain=newsweek.com
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-57.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videos.newsweek.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: AMS58-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://videos.newsweek.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-amz-cf-id: 6MjATGdtMVPXmWrAljJT-bbCPGPHjPtQFW8UCiQhbJmvBNCpNLz9uw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 3CAA 0
17 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KW52XHYN9H&gtm=45je39r0&_p=1688096106&gcs=G100&cid=1601888526.1696003589&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1696003589&sct=1&seg=0&dl=https%3A%2F%2Fflo.uri.sh%2Fvisualisation%2F14579019%2Fembed%3Fauto%3D1&dr=https%3A%2F%2Fwww.newsweek.com%2F&dt=POI%20Contributions%20By%20Recipient%20Category&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb394478-660c-4c11-8736-a78994173ade.jpg
public.flourish.studio/uploads/1343121/ Frame 0D82 18 KB
19 KB 31ms
31ms Image
image/jpeg 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/1343121/fb394478-660c-4c11-8736-a78994173ade.jpg
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cdf23a59ece5c24758a4893e553ada37d69f45fa90691eae0dd4204574e5410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: lqpF1iE9k9.Hc2a1YNtkrjSmHa3G9JTG
date: Fri, 29 Sep 2023 05:28:59 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 42320
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 18538
last-modified: Mon, 05 Dec 2022 08:27:53 GMT
server: AmazonS3
etag: "1c3aa6b1ad71ebef50c1f041d2ae0de3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: kTZj6cQcBOL1hRjgGx8WdxcS-ilZjUmU_A06v6D9r32PGG43rwqI0A==

GET
H2 200 fb394478-660c-4c11-8736-a78994173ade.jpg
public.flourish.studio/uploads/1343121/ Frame 3CAA 18 KB
19 KB 33ms
32ms Image
image/jpeg 13.227.219.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/1343121/fb394478-660c-4c11-8736-a78994173ade.jpg
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14579019/embed?auto=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-126.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cdf23a59ece5c24758a4893e553ada37d69f45fa90691eae0dd4204574e5410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: lqpF1iE9k9.Hc2a1YNtkrjSmHa3G9JTG
date: Fri, 29 Sep 2023 05:28:59 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 42320
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 18538
last-modified: Mon, 05 Dec 2022 08:27:53 GMT
server: AmazonS3
etag: "1c3aa6b1ad71ebef50c1f041d2ae0de3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 66gjiosgcoHFio1_eKeuJLnOWQMM1e8hxEbOje1AfbJjKiXkxi4Png==

GET
H/1.1 200
OK a-08dr Show response
i.liadm.com/s/c/ Frame D221 658 B
907 B 478ms
118ms Document
text/html 54.82.170.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-08dr?s=&cim=&ps=true&ls=true&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.170.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-170-117.compute-1.amazonaws.com

Software

Resource Hash

ce8f28688a091db72f7fc9e8757f82955d06c0489051aa88f25f5554b2b61f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 456
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Sep 2023 16:06:29 GMT
Request-Time: 3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 baker
sli.newsweek.com/ 0
308 B 120ms
25ms Image
image/gif 2600:9000:2449:3600:10:c6f4:d940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.newsweek.com/baker?dtstmp=1696003589324
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:3600:10:c6f4:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
via: 1.1 974cf949b2620b8e0ad40b141c958290.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P6
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 0
x-amz-cf-id: vY0k5eNx70iByK6P3UnTDfYCl2X_FVC1vQ_PIuMMt-lWcrghSk_Kmw==

GET
H2 200 847.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 58 KB
12 KB 27ms
26ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/847.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a954e36539d8c2dc162a36c7abf05861aa3219a4e76ee46efce46c9f8d26862

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: mrmBGHcC_YIPhKQqaU31QdVZgxs23x3K
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Sun, 24 Sep 2023 14:26:35 GMT
x-amz-cf-pop: AMS1-P3
age: 437995
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:52 GMT
server: AmazonS3
etag: W/"af2fdb1c9909e096d9b1221d7d91d6e8"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: NFmspKvfvyJ_apWPVS54iIZPj6YWLLB2bQuVDDbAFt8lvba6oEsdnQ==

GET
H2 200 650.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 24 KB
6 KB 28ms
27ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/650.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ef0d996e14b20b4715d87ef93180ecc6f452c28123fea0bae760b4b4902d66f

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: eHPbi.2GVj21p3aZPlZDEx2aw2gaGGq1
content-encoding: gzip
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 19:06:52 GMT
x-amz-cf-pop: AMS1-P3
age: 379447
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:53 GMT
server: AmazonS3
etag: W/"db6a653d43eef720a6629b7ed1775a87"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
access-control-allow-origin: *
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: aobj5Nhpz2E6uwnWbaQ580yb2vCte3BraGvL0Y86P7HpQ6TQz7hpiA==

GET
H2 200 bloodyMary.css
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 32 KB
6 KB 31ms
25ms Stylesheet
text/css 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9751c2aded7a7be8cedcf3b8d2b74d70bdf5cc1c70294c7c3050fad944e4fb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: Ir0DvpmN7hwpFe8mke8d30.gTOmpjbIH
content-encoding: gzip
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
date: Sat, 23 Sep 2023 21:55:31 GMT
x-amz-cf-pop: AMS1-P3
age: 497459
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:14:25 GMT
server: AmazonS3
etag: W/"369950bbd1a58f086fb4fd74b7b4c230"
vary: Accept-Encoding
content-type: text/css
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: uOU8k8O_NNTqOZ1Sggx619BF8hORxw7TsbDD_RSsy8Y7N5Tu_ntZAg==

GET
H2 200 702.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 128 KB
22 KB 32ms
26ms Script
application/x-javascript 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/702.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae4a87ac8b3d09b49b1d1f3f23dea0074a03ff89680119c45fff2082130b1502

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:51:37 GMT
x-amz-version-id: j8KHUzwPaoqh5It_EqPm0iuAfamaY5ua
content-encoding: br
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 544492
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
last-modified: Thu, 29 Jun 2023 14:13:48 GMT
server: AmazonS3
etag: W/"6807c6f46b1d87ed0aa1487c891a8ec5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-id: ishMO3DxFC8ND0xyj7LTz7SMRlGegoTY3ahBwc-59etpxytWWDVFdw==

GET
H2 200 open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 16 KB
17 KB 26ms
26ms Font
application/octet-stream 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: gVdqmD2HAYwW3_UMxrswjw6GQj_e2IJh
date: Thu, 28 Sep 2023 13:38:47 GMT
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 139662
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
content-length: 16740
last-modified: Thu, 29 Jun 2023 14:14:21 GMT
server: AmazonS3
etag: "e43b535855a4ae53bd5b07a6eeb3bf67"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
access-control-allow-origin: *
content-type: application/octet-stream
cache-control: must-revalidate,public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: UTjxGuVTUnSVBNDwr6ILZPmlGoFrm66FBSJtaVIyYtZ8uibSe7vqCw==

GET
H2 200 manager-logo.png
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 6DB7 7 KB
8 KB 26ms
26ms Image
image/png 2600:9000:20a0:6600:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/manager-logo.png?time=1597988436991
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 2ie1Ur9NR5wMAjHZDgsckdhCF6rAqE5F
date: Fri, 29 Sep 2023 07:49:05 GMT
via: 1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 29845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 7360
last-modified: Fri, 21 Aug 2020 05:40:36 GMT
server: AmazonS3
etag: "c0ece874cb8828b768781f22c83538d0"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Zrp_X0KAI50APnyhg9UmtyfQWl4s0LyluW3DroneBYx8n4O8XRb0ag==

GET
H2 200 icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 441 B
1 KB 27ms
26ms Image
image/svg+xml 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: uyLERXNpAuIXtuqTrnIfZclDnM4VXQAi
date: Wed, 27 Sep 2023 23:16:41 GMT
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 357029
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
content-length: 441
last-modified: Thu, 29 Jun 2023 14:13:58 GMT
server: AmazonS3
etag: "e2760515a843a0256b4b810489b5426b"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: must-revalidate,public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: hi9Lz_DLzUYqOcUszZY0Wd0F5WqoX9uJYVuAgjnGya9EUK7G82HXMA==

GET
H2 200 open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 16 KB
17 KB 27ms
26ms Font
application/octet-stream 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: WDz2x1QOBeYgz.KpKpgOBD7ctzl0qsA9
date: Mon, 25 Sep 2023 07:21:35 GMT
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 407153
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
content-length: 16372
last-modified: Thu, 29 Jun 2023 14:13:53 GMT
server: AmazonS3
etag: "e45478d4d6f15dafda1f25d9e0fb5fa1"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
content-type: application/octet-stream
cache-control: must-revalidate,public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: x7UD_JJRTXoCyapmsqXqafVv32Ax6WrebOi9vZSGZht00VGWu2swvw==

GET
H2 200 open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 6DB7 16 KB
17 KB 30ms
29ms Font
application/octet-stream 18.239.94.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 0NVwW87XJ3Innft2IGf.7zjm68sua5xr
date: Thu, 28 Sep 2023 13:38:47 GMT
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 425125
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:87c45df7-0a55-4226-a0f1-d3fa666e1240
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: eba1571ca2d11de1cbb5ac1ec23a69bc
content-length: 16756
last-modified: Thu, 29 Jun 2023 14:14:23 GMT
server: AmazonS3
etag: "603c99275486a11982874425a0bc0dd1"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 6c78d71c6a899206d311271066fc68d46bf594d91ab334399b367aeb52793739
access-control-allow-origin: *
content-type: application/octet-stream
cache-control: must-revalidate,public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: 2jncDHbzDAsqgVUqQfd7ZiogSo3axsvn29kWhym9ctYAQ4tch5ILLA==

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D221 43 B
363 B 85ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08dr?s=&cim=&ps=true&ls=true&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:29 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 211195
expires: Fri, 29 Sep 2023 00:00:00 GMT

GET
H/1.1 200
OK a-08dr
i6.liadm.com/s/c/ Frame D221 0
0 457ms
111ms Image
text/html 2600:1f18:ed:550f:70e6:f7b1:bd3b:3c24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.liadm.com/s/c/a-08dr?duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&ls=true&monitorExternalSyncs=false&cim=&ps=true&ci=0&ppid=0&s=&euns=0&nosync=false&version=sc-v0.2.0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08dr?s=&cim=&ps=true&ls=true&duid=01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:ed:550f:70e6:f7b1:bd3b:3c24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 bridge3.593.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5037 723 KB
232 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 147253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237116
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 23:12:16 GMT
expires: Thu, 26 Sep 2024 23:12:16 GMT
last-modified: Wed, 27 Sep 2023 23:10:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FDD4 44 KB
17 KB 103ms
28ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 16:06:29 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 64E0 40 KB
14 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Sep 2023 16:36:14 GMT

GET resquest-1-1-1694451531.m3u8
video.newsweek.com/transcoder/480hls/2826/ Frame FDD4 0
0

GET
DATA 200
OK truncated
/ Frame FDD4 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://videos.newsweek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 resquest-1-1-1694451531.m3u8 Show response
video.newsweek.com/transcoder/480hls/2826/ Frame FDD4 313 B
640 B 98ms
42ms XHR
application/x-mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://video.newsweek.com/transcoder/480hls/2826/resquest-1-1-1694451531.m3u8
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/a0967c2b28ca71446c315148e20cf888.js?v=1695994039
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 27dcb65edae7dc69e34b1adef667d07e9de44119a814d12cc1909ba2b03ddeda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:29 GMT
last-modified: Mon, 11 Sep 2023 16:59:04 GMT
server: AmazonS3
x-amz-request-id: K2NN0ZZ974J8PT6J
etag: "404332db64f0a9d1ebc44ab2913d8d51"
x-amz-server-side-encryption: AES256
x-hw: 1696003589.cds256.fr8.hn,1696003589.cds217.fr8.c
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=2516054
accept-ranges: bytes
content-length: 313
x-amz-id-2: nr5asGDZ9PzIDNC1NYZUHq88EkIbFyHtFZTlnZ4AlpC9O1G4vnFcq2Ujbw+iUYQS2gHM3f66DOQ=

GET
BLOB 200
OK a8384138-e867-48c4-adda-f4fdc2d84a83
https://videos.newsweek.com/ Frame FDD4 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videos.newsweek.com/a8384138-e867-48c4-adda-f4fdc2d84a83
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a681e7b3f11fa0d42d2da2e84bf04c1cee5c0ef621ff92cc7b36347d9afe15b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 5063
Content-Type: application/javascript

GET
BLOB 200
OK e2bb2367-40f0-4c04-96af-65c8e597276c
https://videos.newsweek.com/ Frame FDD4 82 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videos.newsweek.com/e2bb2367-40f0-4c04-96af-65c8e597276c
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6940465f10d29c06dd1144b8e4313051770ac73fa189e342e66a59fbf0f088

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 83473
Content-Type: application/javascript

GET
BLOB 200
OK 188244d4-40af-43fb-8405-10a17d873e4f
https://videos.newsweek.com/ Frame FDD4 82 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videos.newsweek.com/188244d4-40af-43fb-8405-10a17d873e4f
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6940465f10d29c06dd1144b8e4313051770ac73fa189e342e66a59fbf0f088

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 83473
Content-Type: application/javascript

GET
H2 200 resquest-1-1-169445153100000.ts Show response
video.newsweek.com/transcoder/480hls/2826/ Frame FDD4 2 MB
2 MB 50ms
50ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://video.newsweek.com/transcoder/480hls/2826/resquest-1-1-169445153100000.ts
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/a0967c2b28ca71446c315148e20cf888.js?v=1695994039
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 74b2ffe12b6c51d65f9f50ea7698acd4a4e8a912ba4b99ef69dedb2180e6a823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://videos.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:30 GMT
last-modified: Mon, 11 Sep 2023 16:59:04 GMT
server: AmazonS3
x-amz-request-id: CN8PSM4SF8KHX029
etag: "31783fe42a8a750bccc84e1db8a66d8b"
x-amz-server-side-encryption: AES256
x-hw: 1696003590.cds256.fr8.hn,1696003590.cds292.fr8.c
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1645752
x-amz-id-2: rw5inCM8ojCexmWr9ngr4ITcpxLBHvwmi9khaeFpg3uuiuVTv3THGIHXAzEEN444C11xFz5MjUU=

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 90ms
26ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:30 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 06 Oct 2023 16:06:30 GMT

GET
H2 200 5e9e00b619144f0012bc03cf Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 402 KB
92 KB 121ms
29ms Script
application/javascript 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-128.ams58.r.cloudfront.net
Software: /
Resource Hash: 2ef84781371e91ab0332f2de97a4982ce24b55bd2fb0f0ccfc4092e16a955332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:02:10 GMT
content-encoding: gzip
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 260
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: zPXhCH3ly2KTi6d7fLEG4WKN4r7MA4oswyZYXV-SnJMeILC98TnLaw==

GET
H2 200 rules-p-WTV-pkjp9pc8j.js Show response
rules.quantcount.com/ 160 B
634 B 87ms
24ms Script
application/javascript 2600:9000:20ab:e600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WTV-pkjp9pc8j.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19887a94ac2260357a39280e45b5ccbd2cb00391dd16e482c81beb3218638b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:22:08 GMT
via: 1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2662
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:34:48 GMT
server: AmazonS3
etag: "60e44b5e9338ac9e628db19219509f8d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: eompmPR7NC0oDHjRLEIJT1D4Mv_crPEq6mMO-yhhM8LfyBw7BvoQ0A==

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame A0F4 2 KB
1 KB 25ms
24ms Document
text/html 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-128.ams58.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 529
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 15:57:41 GMT
vary: accept-encoding
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
x-amz-cf-id: iz5sto64wcUvhZ-pOfHI7ugkXVoQb2yAmk3zi3ZRuAdn2HER7zXcUg==
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H2 200 media.bundle.js Show response
cdn.pushnami.com/js/modules/ 24 KB
7 KB 102ms
28ms Script
application/javascript 18.238.243.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/modules/media.bundle.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-111.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 681ee55310648ed37904ea525c3a727e2e80f6966276a7d5a8f49999a2c9811c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1fb7ef67aaeb45ceb86b21babb0ba848.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 15:31:12 GMT
last-modified: Thu, 18 Feb 2021 18:09:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:497/gname:jenkins/uname:jenkins/gid:495/mode:33188/mtime:1613671787/atime:1613671787/md5:7384743788815118b002f1302cc0802f/ctime:1613671787
x-amz-cf-pop: AMS58-P1
age: 2119
etag: W/"7384743788815118b002f1302cc0802f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CqSLevDRKdTNYMga2qUX-gipkjAc7Bfj-OLmTtVufIbWJihHVa3Dsg==

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 204ms
204ms Fetch
text/html 34.233.10.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.10.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-10-100.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 16:06:31 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 350ms
116ms Preflight 34.233.10.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.10.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-10-100.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 29 Sep 2023 16:06:30 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 114ms
113ms Fetch
text/html 3.222.124.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.222.124.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-124-68.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 16:06:30 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 353ms
115ms Preflight 3.222.124.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.222.124.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-124-68.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 29 Sep 2023 16:06:30 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 305ms
304ms Fetch
text/html 34.233.10.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.10.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-10-100.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 16:06:31 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 320ms
116ms Preflight 34.233.10.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.10.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-10-100.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 29 Sep 2023 16:06:30 GMT

OPTIONS
H2 200 events
api.pushnami.com/api/media/ Frame 0
0 720ms
669ms Preflight
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/api/media/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-128.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.newsweek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://www.newsweek.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 29 Sep 2023 16:06:31 GMT
vary: accept-encoding
via: 1.1 e1ffe469ec59bbd0f64b14eb9c83d0d4.cloudfront.net (CloudFront)
x-amz-cf-id: ViXKJokg-vbSOIIY2615tQ6557_9ytddQ53aRscQ5Lm3lmYL6ePldw==
x-amz-cf-pop: AMS58-P3
x-cache: Miss from cloudfront

POST
H2 200 events Show response
api.pushnami.com/api/media/ 16 B
399 B 403ms
402ms Fetch
application/json 18.239.50.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/api/media/events
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d275im4r3zngba/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-128.ams58.r.cloudfront.net
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.newsweek.com/
accept-language: de-DE,de;q=0.9
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Sep 2023 16:06:31 GMT
content-encoding: gzip
via: 1.1 e1ffe469ec59bbd0f64b14eb9c83d0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-id: ZM0Y9sM_rNCJOYwmoFHzsJst0_C3OvxQiyCyK4xQmkxvkTGVJJRWSw==

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5FAA 281 B
554 B 80ms
19ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Sep 2023 16:06:32 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 29BC 12 KB
3 KB 107ms
24ms Document
text/html 2600:9000:20b4:8e00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:8e00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38517
content-encoding: gzip
content-type: text/html
date: Fri, 29 Sep 2023 05:24:37 GMT
etag: W/"9f69f355a69e650f4a86354e76e60d40"
last-modified: Tue, 18 Jul 2023 10:31:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
x-amz-cf-id: JhfVRH5OGe4m6rygb40w-h25a3ofJFYn37YvVioiEGtWCxxC3Xdn2w==
x-amz-cf-pop: AMS58-P4
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache: Hit from cloudfront

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 86AA 3 KB
2 KB 78ms
31ms Document
text/html 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1174
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 80e579581d738fe6-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Sep 2023 16:06:32 GMT
expires: Fri, 29 Sep 2023 20:06:32 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
ibt-d.openx.net/w/1.0/ Frame FAAD 0
176 B 91ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ibt-d.openx.net/w/1.0/pd
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 29 Sep 2023 16:06:32 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 592B 15 KB
6 KB 123ms
42ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=167581
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 29 Sep 2023 16:06:33 GMT
expires: Sun, 01 Oct 2023 14:39:34 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 435F 37 B
140 B 76ms
24ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/www/js/prebid_amp.js?v=8.16.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://videos.newsweek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 29 Sep 2023 16:06:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5FAA 35 KB
11 KB 27ms
26ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 16:06:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Sep 2023 14:46:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81519
Connection: keep-alive
Content-Length: 10475
Expires: Sat, 30 Sep 2023 14:45:12 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8741
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
919 B

41ms
37ms

Document
text/html

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3f11f388b8836ed622ef82cca53f84116b11dd7993c021ab8f47cca039c172

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80e57958ee2b9be8-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Sep 2023 16:06:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg5MSVM4fbWjN6UYXbx7V6HVLEMEw1PugC6Hnz3LyEC0walSkGs0sWDaTSQsEXitYbGjZ7TXy2%2FCUIYRB%2FskF8PcDRu0IxmKIVBrxOcxKio70GLzzTMtLmxEKMxdOh4cgpi13F7TUl9kEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80e579589dcf9be8-FRA
content-length: 0
date: Fri, 29 Sep 2023 16:06:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88gS5BiIm6Gh5pBqwLSSmMkMb3bhQXgSFIwp7y7I3%2FN9jBuJSac1B4Mw2qJ7IL2b3UqxqNQbAMspt39vJiqXqFH7Oaabq4HVF5wQ14GiTOk0fLcYDK%2FhBHliX1sM25baa7Xugpdo6WTJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D17A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

19ms
19ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Sep 2023 16:06:33 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 29 Sep 2023 16:06:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 29BC 43 B
219 B 37ms
30ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58293/ Frame 29BC
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true

0
15 B

24ms
24ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.75
content-length: 360
content-language: en

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 29BC 70 B
148 B 48ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 29BC 0
239 B 107ms
22ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 29BC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FGOTFGNkQtNDNFRC00MjkzLUJDNzktN0UyNkM2Q0UzODEz&gdpr=-1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FGOTFGNkQtNDNFRC00MjkzLUJDNzktN0UyNkM2Q0UzODEz&gdpr=-1&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7B...
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

0
308 B

114ms
111ms

Image
text/plain

18.239.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-109.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
content-length: 0
x-amz-cf-id: cJ2Ki3d7N8_Gm6RNV70QMg19ZbLGiNvZCqIVETpm4d88tqOSaD1Icw==
x-cache: Miss from cloudfront

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
date: Fri, 29 Sep 2023 16:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 29BC 0
187 B 119ms
33ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 29 Sep 2023 16:06:32 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58545/ Frame 29BC 0
125 B 84ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58545/occ

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 592B 3 KB
3 KB 170ms
46ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47285988&p=156850&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f272916ff65f9c1ae95febe7d9240b8ac10088b1b86efba091d8a3af34145719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 29 Sep 2023 16:06:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8741 70 B
148 B 47ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8741
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRb2CVCNbVdDLnqdPB58XAAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZRb2CVCNbVdDLnqdPB58XAAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOPuvsLOeG_JiCZ3N28b23A&google_cver=1

43 B
733 B

37ms
36ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOPuvsLOeG_JiCZ3N28b23A&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CubjPwt0vE2zk9wdhbBtPVRFFqmq8JlZd2vQp%2BYPhswxaDLiVJN4b%2FoTPJFGUD3HAb5SNnulQT3H%2FvlJCijIGyZzIGFT2xcg0YFh8xvvio4qnI5NtJ87tfaAGaJBI5Z05StC9k51dRsgkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e5795a3ced917a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOPuvsLOeG_JiCZ3N28b23A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8741
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO9uoKj46n6W5TeL1TaV4QM&google_cver=1

43 B
733 B

54ms
53ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO9uoKj46n6W5TeL1TaV4QM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z23wxxNhJAk2hJkPsOepjhMoX6%2BpkiJ9UVuzSVX8WsGAp5z7pCUmR1rPvM%2BNzKsBk59PVxkjU%2BbRExpkaaVRVDMObkLntxwgJ0tOnR0PuOJYIlHk942xum8Ft7Q689KfFOy2idO5wsP3Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e5795a3cee917a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO9uoKj46n6W5TeL1TaV4QM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8741
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

155ms
154ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Sep 2023 16:06:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F58XYQPSGQSSWC0NS18K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Sep 2023 16:06:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6QJ01ASJHA14EH53WWSD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame 8741
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696089993

43 B
330 B

56ms
44ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696089993
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnamNdDZ6UbRwkwrgABQDFVXOAfCIT3Wynu2AnZFzPzWyd0Lo5HeKQyZsAZ9dqgwzQGf6k4%2BwhvtkRwmaxT%2FmtzaBrOkwuvQ8HGGv3GnoxRJ6i%2FNxF833mAhlF3aWsX%2BzefBHkcg"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e5795a48079be8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696089993
pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 8741 42 B
181 B 150ms
43ms Image
image/gif 2a05:d018:cc3:fe04:252b:25e8:bda8:4a4b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:252b:25e8:bda8:4a4b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8741
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
780 B

64ms
61ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bfHG%2F%2F9v7K93LIDMT%2FJPz5CAYsa2LzenvfCzLpux99iQGuKWZ03R5faYjdZfUABeee%2BLbbUb24bPjX4Y%2F8nvlh8Fo%2F%2Fs%2FkiNwCR4mC4IsMm40IzeemMt%2BdTCT36kFVRBRl%2FYfbkpL6W%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e57959cc3f917a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Fri, 29 Sep 2023 16:06:33 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8741
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1513387752976789289&expiration=1697213203

43 B
733 B

38ms
38ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1513387752976789289&expiration=1697213203
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2feWxIIcjAo0JYak7t9Ep8MCuCpqm%2BdfmuelCMeQ3fDF3xKpoMpYPdhGowbjDMy8H2qyKWQ8qLONCc2JmzwuVBffr9ptgaUihMaJEsFb3QmzsuZ7cpnI6xj3%2BPLUhC3%2BeL%2BkA4kTHlaGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e5795a3cf7917a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1513387752976789289&expiration=1697213203
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame 8741 0
309 B 187ms
109ms Image
text/plain 18.239.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-109.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
content-length: 0
x-amz-cf-id: 0KUOAGdC2JmwKuOQ7VdsGROfSfDzbCMVppyevw87qV3Xl7m6EaJwKA==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D17A 35 KB
11 KB 29ms
29ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 16:06:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Sep 2023 14:46:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81519
Connection: keep-alive
Content-Length: 10475
Expires: Sat, 30 Sep 2023 14:45:12 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A283 43 B
362 B 27ms
26ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 16:06:32 GMT
expires: Fri, 29 Sep 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 223059
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame B8D5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

209ms
208ms

Document
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Sep 2023 16:06:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: WMAXG36D3RZGQF1A4JTH

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 29 Sep 2023 16:06:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DS5DQNXSB06X9NKGV2J4

GET
H2

200

sync Show response
usr.undertone.com/userPixel/ Frame FCAA
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7B...
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

0
309 B

111ms
109ms

Document
text/plain

18.239.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-109.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
x-amz-cf-id: 6R9NC0gPim2NmUDafST6Jw5pmYUGkPKroYSnyqU0UkqM_EPIYA8T3A==
x-amz-cf-pop: AMS58-P2
x-cache: Miss from cloudfront

Redirect headers

cache-control: no-store, no-cache, private
date: Fri, 29 Sep 2023 16:06:31 GMT
location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 452D
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2507687704818515354&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

0
0

36ms
36ms

Document
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Fri, 29 Sep 2023 16:06:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 104
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 16:06:32 GMT
location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6676
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284279965842143379&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

0
0

36ms
36ms

Document
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Fri, 29 Sep 2023 16:06:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 104
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 16:06:33 GMT
location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 592B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Zyg4vhbaQqmoBbsU7wldgg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

32ms
31ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=167581
accept-ranges: bytes
content-length: 5606
expires: Sun, 01 Oct 2023 14:39:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 592B 49 B
265 B 159ms
47ms Image
image/gif 52.31.175.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=672838BE-16DA-42A9-A805-BB14EF095D82&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.208
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 592B
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1631497706
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=672838BE-16DA-42A9-A805-BB14EF095D82

0
284 B

93ms
30ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=672838BE-16DA-42A9-A805-BB14EF095D82
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 google
last-modified: Fri, 29 Sep 2023 16:06:33 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=672838BE-16DA-42A9-A805-BB14EF095D82
date: Fri, 29 Sep 2023 16:06:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 592B
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=672838BE-16DA-42A9-A805-BB14EF095D82
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDMzV3ZzMDJCMFRRanFRalUzajZmdUNIZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=1513387752976789289&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

114ms
114ms

Image
image/png

35.172.171.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 35.172.171.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-171-236.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 16:06:34 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 29 Sep 2023 16:06:33 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 592B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjcyODM4QkUtMTZEQS00MkE5LUE4MDUtQkIxNEVGMDk1RDgy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7B...
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

0
307 B

274ms
272ms

Image
text/plain

18.239.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
Protocol: H2
Server: 18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-109.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
content-length: 0
x-amz-cf-id: vqazrq73MOJ3uYEgG5sA3JUinouPlv3_eJ8OAP8eGAgmm3k_mL07OA==
x-cache: Miss from cloudfront

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 592B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMDeMfbNnt-VK8_yXCcHZFs&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D672838BE-16DA-42A9-A805-BB14EF095D82&us_privacy=%24%7B...
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82

0
308 B

113ms
111ms

Image
text/plain

18.239.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
Protocol: H2
Server: 18.239.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-109.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
content-length: 0
x-amz-cf-id: vWTbgMRcCFJyERpDAVRJ6iy5CUAyWhVaUtDjs2TslAWh09BdZ9WVFg==
x-cache: Miss from cloudfront

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=672838BE-16DA-42A9-A805-BB14EF095D82
date: Fri, 29 Sep 2023 16:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame 592B 43 B
612 B 101ms
30ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 28 Sep 2023 16:06:33 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 592B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5219754741709597558
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

0
187 B

36ms
35ms

Image
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
date: Fri, 29 Sep 2023 16:06:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 104
content-type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 592B 70 B
148 B 52ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 592B 0
15 B 29ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=672838BE-16DA-42A9-A805-BB14EF095D82&redir=true&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 672838BE-16DA-42A9-A805-BB14EF095D82
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 592B 43 B
426 B 149ms
47ms Image
image/gif 2a05:d018:d29:3602:18d0:4fce:99a6:af2f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/672838BE-16DA-42A9-A805-BB14EF095D82?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:18d0:4fce:99a6:af2f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 5FAA 7 B
380 B 88ms
21ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D17A 7 B
380 B 22ms
22ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 592B 0
48 B 43ms
33ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156850&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:06:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video.newsweek.com
URL: https://video.newsweek.com/transcoder/480hls/2826/resquest-1-1-1694451531.m3u8

Verdicts & Comments Add Verdict or Comment

418 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 15:49:55	Name: _li_ss Value: ChMKBgjdARCRFgoJCP____8HEJsW
i6.liadm.com/s	1970-01-20 15:49:55	Name: _li_ss Value: CgA
.info.illicitedge.com/	1970-01-20 15:06:45	Name: __cf_bm Value: 5TblzS4CJlnx7tCWwdGZ8m3YNidX8MEhjvCJL_8ass0-1696003586-0-AdX5zlGGFv/PcWhvB5hl+AS73wQNx/ORLHQ5MThgFAwHloAXjiICQB1qKtMm2uq4XCPqF+KkPhcRLqxjrjC0qH0=
.info.illicitedge.com/	1969-12-31 23:59:59	Name: __cfruid Value: bdc4cdbcceea4c7a66af18efe29fac9cb6fc85ae-1696003586
www.newsweek.com/	1969-12-31 23:59:59	Name: X-UA-Info Value: country\|DE\|state\|RP\|city\|Mainz\|isp\|Keyweb AG\|ip\|217.114.215.131\|device\|desktop
.script.ac/	1970-01-20 15:06:45	Name: __cf_bm Value: dnpm_4M9QdhqRAU4J_m_N0kEC.ZbI2C1gU_Swhxva_E-1696003587-0-AXYz5l2Pqcw40MJtxKOYUZLye10jyWvtqjNrLrle1FIMheMy3dQKX46Aaxqbe3wUQFAKdu8baxMz3ykzOBdXCSA=
www.newsweek.com/	1970-01-20 15:06:45	Name: sailthru_pageviews Value: 1
www.newsweek.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.newsweek.com/	1970-01-20 23:52:19	Name: _pubcid Value: 5198806b-c3e4-4df7-8474-1ee9243af4dd
.newsweek.com/	1970-01-20 23:52:19	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.newsweek.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .newsweek.com
.newsweek.com/	1970-01-21 00:42:43	Name: _lc2_fpi Value: 01a1b5c576a3--01hbgv203g5a3c53hsrex2e5qq
.newsweek.com/	1970-01-21 00:42:43	Name: _lc2_fpi_meta Value: {%22w%22:1696003588208}
www.newsweek.com/	1970-01-21 00:28:19	Name: gdpr-auditId Value: c2ad891b5c004c3daa284df5f3d2f9b1
www.newsweek.com/	1970-01-20 15:06:45	Name: orir Value:
www.newsweek.com/	1970-01-20 15:08:09	Name: _lr_geo_location_state Value:
www.newsweek.com/	1970-01-20 15:08:09	Name: _lr_geo_location Value: DE
.newsweek.com/	1970-01-20 15:06:45	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%2520Edge%2520Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email%22%2C%22sref%22:%22%22%2C%22sts%22:1696003588464%2C%22slts%22:0}
.newsweek.com/	1970-01-21 00:36:07	Name: _parsely_visitor Value: {%22id%22:%22pid=cac7f5f6-d349-4246-a1b4-afc3b73ce71f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1696003588464}
.newsweek.com/	1970-01-20 15:08:09	Name: _gid Value: GA1.2.1523443867.1696003588
.newsweek.com/	1970-01-20 15:06:43	Name: _dc_gtm_UA-44450862-1 Value: 1
.newsweek.com/	1970-01-21 00:42:43	Name: _ga_2PP6KZK9B2 Value: GS1.1.1696003588.1.0.1696003588.0.0.0
.newsweek.com/	1970-01-20 15:07:26	Name: cds1 Value: 2023-09-29
.newsweek.com/	1970-01-20 15:08:09	Name: cus1 Value: 2023-09-29
.newsweek.com/	1970-01-20 15:35:31	Name: cmx1 Value: 2023-09-29
.liadm.com/	1970-01-21 00:42:43	Name: lidid Value: 0ec0f09c-55ca-4fa3-9a30-2349656ce9bb
www.newsweek.com/	1970-01-20 15:08:09	Name: geo-location Value: {"country":"DE","region":""}
www.newsweek.com/	1970-01-20 23:52:19	Name: sailthru_content Value: 46f9003445b42ce88694fa8338a947ab
www.newsweek.com/	1970-01-20 23:52:19	Name: sailthru_visitor Value: 9755bea7-d8b3-49db-b041-3319bba70aea
.newsweek.com/	1970-01-20 15:07:26	Name: _parsely_tpa_blocked Value: {%22tpab%22:false}
videos.newsweek.com/	1970-01-20 15:06:47	Name: _lr_retry_request Value: true
videos.newsweek.com/	1970-01-20 15:49:55	Name: _lr_env_src_ats Value: false
.newsweek.com/	1970-01-21 00:42:43	Name: _ga Value: GA1.2.1826504350.1696003588
videos.newsweek.com/	1970-01-20 15:49:55	Name: TDID Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-29T16%3A06%3A28%22%7D
videos.newsweek.com/	1970-01-20 15:49:55	Name: TDID_cst Value: zix7LPQsHA%3D%3D
www.newsweek.com/	1970-01-20 15:06:43	Name: _liChk Value: 0.08766358387234163
ads.resetsrv.com/	1970-01-20 17:16:19	Name: ckbk Value: 0000011320E52E90
.ads.pubmatic.com/	1970-01-20 15:08:09	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 23:52:19	Name: CMID Value: ZRb2CVCNbVdDLnqdPB58XAAA
.casalemedia.com/	1970-01-20 17:16:19	Name: CMPS Value: 3301
.casalemedia.com/	1970-01-20 17:16:19	Name: CMPRO Value: 3301
.advertising.com/	1970-01-20 23:52:41	Name: A3 Value: d=AQABBAn2FmUCELKnfBv2PAIM0oUiGk-py90FEgEBAQFHGGUgZeAXyiMA_eMAAA&S=AQAAAr-fDwffEt_-scxQd7YZoKk
.pubmatic.com/	1970-01-20 15:08:09	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 23:52:19	Name: KADUSERCOOKIE Value: 672838BE-16DA-42A9-A805-BB14EF095D82
.pubmatic.com/	1970-01-20 17:16:19	Name: DPSync3 Value: 1697155200%3A201_245_241_235
.adform.net/	1970-01-20 15:49:55	Name: C Value: 1
.quantserve.com/	1970-01-20 17:16:19	Name: d Value: EOIBCwGIKvijAA
.quantserve.com/	1970-01-21 00:36:57	Name: mc Value: 6516f609-43197-fd942-0f6fb
.adform.net/	1970-01-20 16:33:07	Name: uid Value: 1513387752976789289
.doubleclick.net/	1970-01-21 00:28:19	Name: IDE Value: AHWqTUntnSc-gtM0frReNa75PV3fdxz0HXaCMJo1rftHiNDGTD66QE-7lb7GvmBsxRg
.undertone.com/	1970-01-20 23:52:40	Name: UID_EXT_57 Value: ZRb2CVCNbVdDLnqdPB58XAAADOUAAAIB
.weborama.fr/	1970-01-21 00:32:38	Name: AFFICHE_W Value: 818HbcPAEzvz97
.adfarm1.adition.com/	1970-01-20 17:16:19	Name: UserID1 Value: 7284279965842143379
.adnxs.com/	1970-01-20 17:16:19	Name: uuid2 Value: 2507687704818515354
.simpli.fi/	1970-01-20 23:53:45	Name: suid Value: FBC912DC27BD4D709C237938ABBA4718
.pubmatic.com/	1970-01-20 17:16:19	Name: KRTBCOOKIE_153 Value: 1923-EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx&KRTB&19420-EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx&KRTB&22979-EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx&KRTB&23403-EktVBUJIVAoJSlcCHUlJVUBHUAEJTgIFQhw5_qJx
.pubmatic.com/	1970-01-20 17:16:19	Name: KRTBCOOKIE_80 Value: 22987-CAESEMDeMfbNnt-VK8_yXCcHZFs&KRTB&23025-CAESEMDeMfbNnt-VK8_yXCcHZFs&KRTB&23386-CAESEMDeMfbNnt-VK8_yXCcHZFs
.pubmatic.com/	1970-01-20 15:49:55	Name: KRTBCOOKIE_391 Value: 22924-5219754741709597558&KRTB&23263-5219754741709597558&KRTB&23481-5219754741709597558
.pubmatic.com/	1970-01-20 17:16:19	Name: KRTBCOOKIE_57 Value: 22776-2507687704818515354&KRTB&23339-2507687704818515354
.pubmatic.com/	1970-01-20 15:49:55	Name: PugT Value: 1696003593
.pubmatic.com/	1970-01-20 15:49:55	Name: KRTBCOOKIE_1101 Value: 23040-7284279965842143379&KRTB&23369-7284279965842143379
.pubmatic.com/	1970-01-20 15:06:43	Name: ipc Value: 0^^2^0
.pubmatic.com/	1970-01-20 15:08:09	Name: pi Value: 0:3
.pubmatic.com/	1970-01-20 17:16:19	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 17:16:19	Name: SyncRTB3 Value: 1698537600%3A203%7C1696550400%3A223%7C1697155200%3A54_13_8_71_21_251_56_3_220_55%7C1697241600%3A35
.pubmatic.com/	1970-01-20 15:49:55	Name: SPugT Value: 1696003593
.amazon-adsystem.com/	1970-01-21 00:42:43	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 23:52:40	Name: UID_EXT_53 Value: 672838BE-16DA-42A9-A805-BB14EF095D82
.amazon-adsystem.com/	1970-01-20 19:33:07	Name: ad-id Value: A0JpN_Ud1kT2l_GtHjwZLvs
.audrte.com/	1970-01-20 15:28:19	Name: arcki2 Value: d33Wvs02B0TQjqQjU3j6fuCHg!20220908!1696003593675!ip#217.114.215.131
.audrte.com/	1970-01-20 15:28:19	Name: arcki2_pubmatic Value: 672838BE-16DA-42A9-A805-BB14EF095D82!20220908!1696003593679
.audrte.com/	1970-01-20 15:28:19	Name: arcki2_ddp2 Value: d33Wvs02B0TQjqQjU3j6fuCHg!20220908!1696003593836
.audrte.com/	1970-01-20 15:28:19	Name: arcki2_adform Value: 1513387752976789289!20220908!1696003593988

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cadmus.script.ac/d275im4r3zngba/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/d275im4r3zngba/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=33 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://prebid.sv.rkdms.com/identity/?sv_domain=newsweek.com&sv_pubid=9619&ssp_ids=534404531 Message: Failed to load resource: the server responded with a status of 406 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=33 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/runtime.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/polyfills.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/vendor.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: A preload for 'https://cmp-consent-tool.privacymanager.io/latest/main.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://prebid-server.rubiconproject.com/cookie_sync Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://videos.newsweek.com/share/565302?autostart=0 Message: A preload for 'https://d.newsweek.com/en/full/2280681/gallagher.webp?w=736&h=414&f=1c2446350da9c601b517d8099cb67615' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	error	URL: https://www.newsweek.com/china-communist-party-new-york-political-influence-campaign-donations-1828730?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-9H3S0VuRQThTexWbWpBPSds76jrjdPEqFHe3BzGj5-MFHp_3YK4rfFxRbVqEP6wNMAX6R1ny6Jl_6ugijksESyhMtIlw&utm_content=276331523&utm_source=hs_email Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: The resource https://cmp-consent-tool.privacymanager.io/latest/vendor.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: The resource https://cmp-consent-tool.privacymanager.io/latest/main.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: The resource https://cmp-consent-tool.privacymanager.io/latest/polyfills.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=bloodyMary&useSystemFonts=false&cmpType=tcf Message: The resource https://cmp-consent-tool.privacymanager.io/latest/runtime.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://videos.newsweek.com/share/565302?autostart=0 Message: The resource https://d.newsweek.com/en/full/2280681/gallagher.webp?w=736&h=414&f=1c2446350da9c601b517d8099cb67615 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=672838BE-16DA-42A9-A805-BB14EF095D82&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
ads.resetsrv.com
ak.sail-horizon.com
api.pushnami.com
api.rlcdn.com
api.sail-personalize.com
ats-wrapper.privacymanager.io
b-code.liadm.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cdn.ampproject.org
cdn.fqtag.com
cdn.pushnami.com
cdn.undertone.com
cm.g.doubleclick.net
cmp-consent-tool.privacymanager.io
cms.quantserve.com
config.aps.amazon-adsystem.com
cr.frontend.weborama.fr
d.adroll.com
d.newsweek.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
f35b59fc-90c6-428e-a9e4-494353d0f0e1.edge.permutive.app
flo.uri.sh
fonts.googleapis.com
fonts.gstatic.com
fpa-cdn.newsweek.com
fpa-events.newsweek.com
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ibt-d.openx.net
id.a-mx.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
info.illicitedge.com
js-sec.indexww.com
lexicon.33across.com
match.adsrvr.org
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.sv.rkdms.com
proc.ad.cpe.dotomi.com
psp.pushnami.com
pub.doubleverify.com
public.flourish.studio
pxsrv.net
query.fqtag.com
recommendationengine.googleapis.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sli.newsweek.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.newsweek.com
sync.adotmob.com
sync.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
trc.pushnami.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
video.newsweek.com
videos.newsweek.com
vtrk.doubleverify.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsweek.com
video.newsweek.com
104.18.25.18
104.18.26.193
104.18.27.193
108.156.60.58
13.227.219.126
13.248.245.213
142.250.186.130
15.197.193.217
151.139.128.10
167.99.21.53
178.250.1.9
18.238.243.111
18.238.243.82
18.239.18.45
18.239.36.109
18.239.36.57
18.239.50.128
18.239.69.131
18.239.83.118
18.239.83.119
18.239.83.98
18.239.94.119
184.30.211.26
184.30.22.30
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
198.47.127.20
198.47.127.205
2001:4860:4802:32::36
23.35.236.201
23.56.202.187
2600:1901:0:8344::
2600:1f18:730:b120:ec5e:651e:a0cc:77a3
2600:1f18:ed:550f:70e6:f7b1:bd3b:3c24
2600:9000:2090:9e00:8:8845:1500:93a1
2600:9000:20a0:6600:11:2a6a:9480:93a1
2600:9000:20ab:e600:6:44e3:f8c0:93a1
2600:9000:20b4:8e00:1f:2473:9080:93a1
2600:9000:20c3:9400:16:f82a:8600:93a1
2600:9000:2449:3600:10:c6f4:d940:93a1
2606:2c40::c73c:67e4
2606:4700:4400::6812:2aef
2606:4700:4400::ac40:90d6
2606:4700:4400::ac40:9111
2606:4700:4400::ac40:9256
2606:4700::6812:1791
2606:4700::6812:a7e0
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9b
2a02:2638:d::d
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1370
2a05:d018:cc3:fe04:252b:25e8:bda8:4a4b
2a05:d018:d29:3602:18d0:4fce:99a6:af2f
2a06:98c1:3121::3
3.222.124.68
3.222.49.156
3.64.105.94
3.75.62.37
34.111.129.221
34.111.131.239
34.120.133.55
34.225.27.9
34.233.10.100
34.95.69.49
35.172.171.236
35.186.195.222
35.186.253.211
35.190.36.172
35.190.72.161
35.204.158.49
35.244.159.8
37.157.6.237
37.252.171.149
45.137.176.88
52.205.227.48
52.31.175.73
52.46.130.91
54.163.238.217
54.239.33.158
54.82.170.117
63.34.81.234
69.173.144.137
69.173.144.138
69.173.144.165
85.114.159.118
98.98.134.241
99.83.154.140
99.83.219.100
046c53d668825a7ea3b58a5f6a66c36fa96a0013691f17fd58ed3bd9fc7e0763
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea
0c65f52cd578be952e12c44a2300581ebd0e457c27d9f8a91c0168539e2df4ef
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0e8968dd711bd151575e58f6251e4c82f36658fce33aceea48257d7038940fcf
1263444b34d4b24c8f97e6d937fa6f3f26df181da400856749d0842b8cc0b331
1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
19887a94ac2260357a39280e45b5ccbd2cb00391dd16e482c81beb3218638b0f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fc37ea63bfeffd825a2a6cfd9690c3d520567053cf80b7e24ad230fe3e3d7eb
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
26e173d46b50b2a8c8d380a69bb31615c1e4398ea30ebbb70ffa4132d9210cdb
27dcb65edae7dc69e34b1adef667d07e9de44119a814d12cc1909ba2b03ddeda
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2852b6d90407ab97ba05c07b9fe86f98ae8348c07e41f43578df1f71c9d0da5b
29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3f11f388b8836ed622ef82cca53f84116b11dd7993c021ab8f47cca039c172
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
2ef0d996e14b20b4715d87ef93180ecc6f452c28123fea0bae760b4b4902d66f
2ef84781371e91ab0332f2de97a4982ce24b55bd2fb0f0ccfc4092e16a955332
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
3745e2aec03f7cbf1fd5588a8abc421733c57b87c50dbe9edc358f4495ef5d2c
3782023c21d509cfa5875b43f66922be7aacb09e0572a5714252363006956eff
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3d0c340910af98d7950c7cbcc751d776526381202e46d7050d8acc7ec3333b85
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b0a7bb064129b8e4cbee21c4af10820488cec23ab7f2b5d90a170198035f2a
4cdcef9697c089ce9010cd05ab8e4315bf6a9c94e152f25283e4a4162b8a671c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
518841db695f2284b31a21152fce366c48ceb946bff927e44c961924f4bf81d3
54f41257aafb6a6d9a39fd692d7d696b46747871568e0025e3362d7974bc1e36
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5f67ee310c4ef7f8a218add2bdc6f18bf316d239b07a3d4b62c9c33e13b65e04
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63191055d5aa5d78954138c232f3874189570389c0994e58d7152ca7133c9f1f
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
663e7a7ff116be91e78826f6ded95eb96e4f25f278895e8074854684eef0b439
6749b7217fb8c8fb1c099466d9c2ed1e6c64e3526e20be1377d8b0469cf7e124
681ee55310648ed37904ea525c3a727e2e80f6966276a7d5a8f49999a2c9811c
6a954e36539d8c2dc162a36c7abf05861aa3219a4e76ee46efce46c9f8d26862
6bdec229eed0828ed72159419659e753626704fbb15321788e2f6be0cad1bf56
6c767d7126ec71e3cbc2f834c4bc9cddba77a62cb3c29a711c3e26bcdb0651f9
6cf37ac3911a6525d9594180a9a71744979d8ef399c91f6a2df81b32c58b21da
6e1e819cd967eaa1fddca1a6736e8d492f584812dd07f6daed0ec398a7d8107e
6e51549d5e441a65c54ac8b326175ff67ebd26d2f91721e09065b526c0bc0ee4
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72293ed147ea7bab4fe14ba0afca55f2fadb477d3a1ecefa397f36fd2b5f5647
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
7400a35ae835dcd70e251075bbc749f934f7b7c3e949e4c80707f8b7b10cc11b
74b2ffe12b6c51d65f9f50ea7698acd4a4e8a912ba4b99ef69dedb2180e6a823
75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7afe8f4f0ed4731290d1d60c72ff3799fdbd1e470e480b96958d118469564635
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bf79e850ad807829b226d4b8ce95454fbf51391bf15f4877304e4639aebda9c
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7cf97c9209764a66bd302ae849790a2cf6b9b008d6eca1e4ef0b3e285d922bdb
7ee3756fa967ee060f179f0b8c7591dc7709b6f993f471398572660290e99973
7fc0afc079ef9487d71d822f4e06b7dc0dbf0563210958381f107673f8556aab
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
821badcd0d274304b65301b59b6aafd089a8e3247385f40ba6848ab9b17b2090
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
895af39f3eef3eeb1cc33ab556291014f811b089d1a1c2915b8fcf6b61ef336a
8a681e7b3f11fa0d42d2da2e84bf04c1cee5c0ef621ff92cc7b36347d9afe15b
8cdf23a59ece5c24758a4893e553ada37d69f45fa90691eae0dd4204574e5410
8ce476dde9b9b92f126791e81d5cbae559136c63f4d6bed6247c772fac4f2fb9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e25eab19abdd2c4f70c40c3b57c3c654771ff74374fe79658e2ec80ee01075a
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
938f250c528a0870214ce4b8f509efaec35b042a152835e4b73b76a2398a97fd
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
953e842eed2fddf0b2965e54069c501d4a5ef3ba6e1e806f5c71a414ce9329ff
9751c2aded7a7be8cedcf3b8d2b74d70bdf5cc1c70294c7c3050fad944e4fb01
98cd841cc4c1b7ce06841f9753edd0194569cd4807db58fbb4b59e45a658b6ea
995da27ba7f46489860e5cc10407228c43d5afe4bdee767ef5197de6ab40aa81
9b7116fcbfb51f6c5e64cc49ecac7096cc1085dc419728e8f5d1821cc23050e7
9c3eb4fb6c5b1447a14d2401ef4cb5467fe085b0dd1b259350ac3f3914b1dad2
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9de26055f9bd39842ed83bbb539d0cadcca46b7b6e8daeff6773c29c41c769dc
a0006523de48f55fcc9ba3033a00b971eca83c0393217fcacaa0bf60be40d9cf
a700b5954ac790b985c59fa0757832f3886a90aef4899a3e459b57cd57690232
aa17366e04180aef2dbdbcf00c2c0e4f5df7784de2ee6d1cc6f1e20c0714346f
ac14c791cd3f93147861337f1e5afe7aea4d06046d31132937fe5071b977786b
ae4a87ac8b3d09b49b1d1f3f23dea0074a03ff89680119c45fff2082130b1502
aebf010cf3503db862eb22610bc84f1d2f0b174bac152f1e654e73fe9ead91ee
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b37282820be5f58196fdf35b9b27bff1e15cbccd576bbb5333521e3229f06037
b6717a799c2d9ca1870f33d998ec4c655dee7ef80974168a4fa937919a2a89aa
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
b89c1b190cb7edcbe5357a9876d19b8066f5bfdc7863352441fc1d78582acb3d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0
c2e5a6fd9b7945c633d8de3df04da2154f67cc1a82274b16fe595984e8c8a235
c5731df9cb85bb777fe8589795bf6fd7da11bc4057e68bab4b69a20d32c172eb
c61eb1590bfcc266b488a4b4ba12f5ab75a72faf91d34f9e4ac4c37e212aa6d4
c7555b43a01159abd10fccb227258d5d6d271f58040a078ba5f12bd9943c8618
c932465e168592cf635b755c83988e681b12c1f28779565075a476550298b9e3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9
cc9d9b6725b3c0f5438b9daa1cebe0d4d6df447144f9ca782b55e3a3e84236b1
ce061d4f82a8144bf91b19b8e48633d241f936fd00afaf2b470a21717c1bd892
ce8f28688a091db72f7fc9e8757f82955d06c0489051aa88f25f5554b2b61f0a
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf80003f0aa2727921078ca25d73eeabd73e6a06d559b7a9f11f90a47d7b0847
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d226c571a533aacbc049438f3c632e2233335330e2af7e593834e362518c01bf
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d56f05596fc462f8ccd83627f96400dec572df7a21a7c25b43351a941eb68e65
d65830a977d509eea74379eec45272c4eef7e32fb55150d9b86cf199a2f542be
d6f6958cafc1ce8137b98916ad77ecdadbfbb7a3e1c4b5e42844761c88969f61
dbda4174773e066475dd7d9aa90f172bdfd1fd3aee99790161bc5d178aad2573
dd8a72bddea56b664e8cd6c3e7503bb45da1cd228dfedd2ac14ac836d2ed7fe2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26ac49f5471a6ee543ded47b2e2525912132ac877f3c5589b5a9252d4b65289
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6364af6258cac37a9dc3423612d073551f369b4e6be28ac7c49295ca82a83
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e7b5f4303a026c5f56c88b0d7bb7a3faa1e76ea6281fec5c2451f3f53c9e10df
e8404ddfde874af663654f2786296ca6328f35711996cb76ae15b86611af3a17
e9031f418f14bed68af4f0f6a17a6f8cce44c41f41b8edb2fe386038e57f07d7
ec4542eb50bc747d25076b6bf41c5d80b139e6ed8b68ddd5f47ede10c3666120
ed3cb9e27ff9cfd6fdcfd2e8b594e2c7e6d7262ff80fd737caa29710abaace17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6940465f10d29c06dd1144b8e4313051770ac73fa189e342e66a59fbf0f088
f272916ff65f9c1ae95febe7d9240b8ac10088b1b86efba091d8a3af34145719
f353642b9b7c2a0ce7b9664de3a95a4877b46103bbc061eb683cdb1701208c23
f3e3364000ec84f9157c3a6f14bb7a9e94a94580285ab2099f3dec70813598b4
f5bd1ec0b44d29f4faeacad2a327eb92a4ebce46809e3138501b364c0fe0e904
f6a1c2a83a1913c8b2f1c5531f60d93bba3534509f5e8bb887f965398a0db240
f6f083792ee52f3f1f59868bd453a0d2a99d87bded892ab4277a6e709b20352f
f8ed7b2f7cb7c629badba2956c108c1568d2cf8ffad78b6ea018e79c798e9825
fa8255324ae6ffbf1a7a80482bf0d8019668ce3689c5623478e18d6330cd0fdb

www.newsweek.com Open in urlscan Pro 99.83.219.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

90 %HTTPS

36 %IPv6

58 Domains

114 Subdomains

91 IPs

10 Countries

5618 kBTransfer

14149 kBSize

73 Cookies

18 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsweek.com Open in urlscan Pro
99.83.219.100 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

90 %
HTTPS

36 %
IPv6

58
Domains

114
Subdomains

91
IPs

10
Countries

5618 kB
Transfer

14149 kB
Size

73
Cookies

238 HTTP transactions
4 data transactions