www.newsweek.com Open in urlscan Pro
99.83.219.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW...
Effective URL:
https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=9...
Submission: On March 06 via api (March 6th 2021, 12:43:29 pm UTC) from DE

Summary HTTP 196 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 74 IPs in 12 countries across 71 domains to perform 196 HTTP transactions. The main IP is 99.83.219.100, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com.
TLS certificate: Issued by Amazon on July 19th 2020. Valid for: a year.

This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	99.83.219.100 99.83.219.100	16509 (AMAZON-02) (AMAZON-02)
37	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:9200:8:bd4:5580:21	16509 (AMAZON-02) (AMAZON-02)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
9 15	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:d400:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	65.9.24.128 65.9.24.128	16509 (AMAZON-02) (AMAZON-02)
1	35.186.195.222 35.186.195.222	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:c800:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20d... 2600:9000:20d7:9a00:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:3600:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:858	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	34.227.189.155 34.227.189.155	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	13.225.80.120 13.225.80.120	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	65.9.58.8 65.9.58.8	16509 (AMAZON-02) (AMAZON-02)
1	52.23.3.189 52.23.3.189	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 13	52.95.118.60 52.95.118.60	16509 (AMAZON-02) (AMAZON-02)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 18	34.250.193.151 34.250.193.151	16509 (AMAZON-02) (AMAZON-02)
2 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
2 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5 5	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	54.93.43.1 54.93.43.1	16509 (AMAZON-02) (AMAZON-02)
3	65.9.187.106 65.9.187.106	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
3 7	52.51.224.103 52.51.224.103	16509 (AMAZON-02) (AMAZON-02)
6 6	35.156.245.144 35.156.245.144	16509 (AMAZON-02) (AMAZON-02)
2 2	88.212.252.2 88.212.252.2	7979 (SERVERS-COM) (SERVERS-COM)
3 4	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	52.6.106.191 52.6.106.191	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.222.149.159 3.222.149.159	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 3	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	54.194.13.58 54.194.13.58	16509 (AMAZON-02) (AMAZON-02)
4	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	3.127.129.22 3.127.129.22	16509 (AMAZON-02) (AMAZON-02)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1 1	3.91.110.183 3.91.110.183	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.187.27 65.9.187.27	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
2	54.166.112.225 54.166.112.225	14618 (AMAZON-AES) (AMAZON-AES)
1	34.214.36.192 34.214.36.192	16509 (AMAZON-02) (AMAZON-02)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	35.190.36.172 35.190.36.172	15169 (GOOGLE) (GOOGLE)
196	74

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4fb2973ac9c49f88.awsglobalaccelerator.com

www.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

g.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gc.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:9200:8:bd4:5580:21 (United States)

ASN16509 (AMAZON-02, US)

d275im4r3zngba.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:d400:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com

query.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c800:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:9a00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:3600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:858 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recommendationengine.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.189.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-189-155.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.80.120 (United States)

ASN16509 (AMAZON-02, US)

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.8 (United States)

ASN16509 (AMAZON-02, US)

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.3.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

stats.newsweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.95.118.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.250.193.151 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.15 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.43.1 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.187.106 (United States)

ASN16509 (AMAZON-02, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

uploads.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.251 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.51.224.103 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.245.144 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.2 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.159 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.106.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.149.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.199 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.49 (Setagaya-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.13.58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.129.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.110.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.27 (United States)

ASN16509 (AMAZON-02, US)

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.112.225 (United States)

ASN14618 (AMAZON-AES, US)

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.214.36.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)

fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	newsweek.com www.newsweek.com g.newsweek.com d.newsweek.com gc.newsweek.com video.newsweek.com Failed stats.newsweek.com	631 KB
18	gumgum.com 1 redirects rtb.gumgum.com	5 KB
17	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com s.amazon-adsystem.com	41 KB
17	doubleclick.net 9 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	122 KB
11	rubiconproject.com 4 redirects eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	16 KB
10	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	32 KB
8	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	9 KB
8	googlesyndication.com pagead2.googlesyndication.com 7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com tpc.googlesyndication.com	37 KB
7	adsrvr.org 3 redirects match.adsrvr.org data.adsrvr.org	2 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	lijit.com 1 redirects ap.lijit.com ce.lijit.com	6 KB
6	openx.net 2 redirects u.openx.net us-u.openx.net eu-u.openx.net	2 KB
6	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com uploads.pelcro.com	189 KB
6	privacymanager.io gdpr-wrapper.privacymanager.io gdpr.privacymanager.io geo.privacymanager.io	65 KB
5	adform.net 5 redirects c1.adform.net	2 KB
5	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	3 KB
4	stripe.com js.stripe.com m.stripe.com	60 KB
4	google-analytics.com www.google-analytics.com	20 KB
3	pushnami.com api.pushnami.com trc.pushnami.com	88 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	716 B
3	outbrain.com 2 redirects sync.outbrain.com	980 B
3	google.com www.google.com adservice.google.com	931 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	fqtag.com query.fqtag.com fqtag.com cdn.fqtag.com	91 KB
3	rlcdn.com ats.rlcdn.com geo.rlcdn.com id.rlcdn.com	60 KB
3	googleapis.com imasdk.googleapis.com recommendationengine.googleapis.com	302 KB
2	facebook.com www.facebook.com	308 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	facebook.net connect.facebook.net	107 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	972 B
2	tapad.com 2 redirects pixel.tapad.com	983 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1011 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	699 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	quantserve.com 2 redirects pixel.quantserve.com	909 B
2	3lift.com 2 redirects eb2.3lift.com	744 B
2	emxdgt.com cs.emxdgt.com	59 B
2	clean.gg i.clean.gg	104 B
2	google.de www.google.de	195 B
2	chartbeat.net ping.chartbeat.net	337 B
2	bugsnag.com sessions.bugsnag.com	140 B
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	google.ch adservice.google.ch	799 B
1	stripe.network m.stripe.network	13 KB
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	criteo.com dis.criteo.com	304 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	385 B
1	exelator.com 1 redirects loadm.exelator.com	616 B
1	socdm.com 1 redirects tg.socdm.com	835 B
1	contextweb.com 1 redirects bh.contextweb.com	658 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	585 B
1	zemanta.com 1 redirects b1sync.zemanta.com	281 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	610 B
1	dotomi.com amazon-tam-match.dotomi.com
1	admanmedia.com 1 redirects cs.admanmedia.com	409 B
1	2mdn.net s0.2mdn.net	17 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	cloudfront.net d275im4r3zngba.cloudfront.net	37 KB
196	71

	Domain	Requested by
19	g.newsweek.com	www.newsweek.com
18	rtb.gumgum.com	1 redirects aax-eu.amazon-adsystem.com rtb.gumgum.com ads.pubmatic.com
16	d.newsweek.com	www.newsweek.com g.newsweek.com
13	aax-eu.amazon-adsystem.com	1 redirects d275im4r3zngba.cloudfront.net aax-eu.amazon-adsystem.com u.openx.net rtb.gumgum.com ap.lijit.com ssum-sec.casalemedia.com
12	cm.g.doubleclick.net	9 redirects u.openx.net rtb.gumgum.com aax-eu.amazon-adsystem.com
6	x.bidswitch.net	6 redirects
6	match.adsrvr.org	3 redirects u.openx.net ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	c1.adform.net	5 redirects
4	pixel.rubiconproject.com	aax-eu.amazon-adsystem.com
4	token.rubiconproject.com	3 redirects aax-eu.amazon-adsystem.com
4	ce.lijit.com	ap.lijit.com
4	ib.adnxs.com	4 redirects
4	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.newsweek.com d275im4r3zngba.cloudfront.net www.google-analytics.com
3	tpc.googlesyndication.com	d275im4r3zngba.cloudfront.net
3	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
3	ads.pubmatic.com	rtb.gumgum.com ads.pubmatic.com
3	sync-tm.everesttech.net	3 redirects
3	sync.outbrain.com	2 redirects rtb.gumgum.com
3	us-u.openx.net	1 redirects u.openx.net
3	js.stripe.com	d275im4r3zngba.cloudfront.net js.stripe.com
3	ssum-sec.casalemedia.com	1 redirects aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com
3	sb.scorecardresearch.com	1 redirects www.newsweek.com d275im4r3zngba.cloudfront.net
3	c.amazon-adsystem.com	www.newsweek.com c.amazon-adsystem.com
3	gdpr-wrapper.privacymanager.io	www.newsweek.com js.pelcro.com
3	securepubads.g.doubleclick.net	www.newsweek.com securepubads.g.doubleclick.net
2	trc.pushnami.com	js.pelcro.com
2	www.facebook.com
2	sync.search.spotxchange.com	1 redirects
2	connect.facebook.net	d275im4r3zngba.cloudfront.net
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	p.rfihub.com	2 redirects
2	sync.mathtag.com	2 redirects
2	sync.1rx.io	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	pixel.quantserve.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	1 redirects aax-eu.amazon-adsystem.com
2	u.openx.net	1 redirects aax-eu.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	eus.rubiconproject.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com
2	cs.emxdgt.com	aax-eu.amazon-adsystem.com rtb.gumgum.com
2	geo.privacymanager.io	js.pelcro.com
2	i.clean.gg	d275im4r3zngba.cloudfront.net
2	api-location-prd.pelcro.com	js.pelcro.com
2	www.google.de	www.newsweek.com
2	www.google.com	www.newsweek.com
2	ping.chartbeat.net	www.newsweek.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sessions.bugsnag.com	js.pelcro.com
2	js.pelcro.com	www.newsweek.com d275im4r3zngba.cloudfront.net
2	imasdk.googleapis.com	www.newsweek.com imasdk.googleapis.com
2	info.silobreaker.com	1 redirects
1	cdn.fqtag.com	d275im4r3zngba.cloudfront.net
1	7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com	d275im4r3zngba.cloudfront.net
1	adservice.google.com	d275im4r3zngba.cloudfront.net
1	adservice.google.ch	d275im4r3zngba.cloudfront.net
1	fqtag.com	d275im4r3zngba.cloudfront.net
1	m.stripe.com	m.stripe.network
1	m.stripe.network	js.stripe.com
1	api.pushnami.com	d275im4r3zngba.cloudfront.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	ads.yahoo.com	aax-eu.amazon-adsystem.com
1	id.rlcdn.com	aax-eu.amazon-adsystem.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	pixel-eu.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	s.amazon-adsystem.com	ssum-sec.casalemedia.com
1	data.adsrvr.org	ap.lijit.com
1	loadm.exelator.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	tg.socdm.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	eu-u.openx.net	u.openx.net
1	uploads.pelcro.com	www.newsweek.com
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	cs.admanmedia.com	1 redirects
1	stats.newsweek.com	d275im4r3zngba.cloudfront.net
1	video.newsweek.com	www.newsweek.com g.newsweek.com
1	recommendationengine.googleapis.com	www.newsweek.com
1	s0.2mdn.net	imasdk.googleapis.com
1	geo.rlcdn.com	js.pelcro.com
1	gc.newsweek.com	www.newsweek.com
1	www.pelcro.com	js.pelcro.com
1	static.chartbeat.com	info.silobreaker.com
1	gdpr.privacymanager.io	gdpr-wrapper.privacymanager.io
1	query.fqtag.com	www.newsweek.com
1	www.googletagmanager.com	www.newsweek.com
1	ats.rlcdn.com	www.newsweek.com
1	d275im4r3zngba.cloudfront.net	www.newsweek.com
1	www.newsweek.com	info.silobreaker.com
196	112

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
reddit.com
flipboard.com
www.instagram.com
www.newsweekjapan.jp
www.newsweekpakistan.com
www.newsweek.pl
newsweek.ro

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.newsweek.com Amazon	`2020-07-19` - `2021-08-19`	a year	crt.sh
g.newsweek.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
d.newsweek.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-01-12` - `2021-04-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.privacymanager.io Amazon	`2020-10-24` - `2021-11-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.fqtag.com R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
gc.newsweek.com R3	`2021-01-16` - `2021-04-16`	3 months	crt.sh
geo.rlcdn.com GTS CA 1D2	`2021-02-23` - `2021-05-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
i.clean.gg GTS CA 1D2	`2021-02-18` - `2021-05-19`	3 months	crt.sh
video.newsweek.com R3	`2021-01-10` - `2021-04-10`	3 months	crt.sh
newsweek.com Amazon	`2020-12-29` - `2022-01-27`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-01-19` - `2021-05-04`	3 months	crt.sh
uploads.pelcro.com R3	`2021-01-31` - `2021-05-01`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-28` - `2021-04-13`	a month	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.pushnami.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2021-05-04`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Frame ID: 30027779BFB7F495E29CC75C73E881B5
Requests: 100 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: C8168490DE78280A6641EE3D0FF76820
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B2464F95A51D0BDECE3CC1DF0A035C06
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t
Frame ID: 1D68AF186F307E848B6F668F75682D4E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 7C0C4FBE37EC58B56551A98E3DFC1D87
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: BA420392F4DE938C7B3C2AEE4F435C09
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Frame ID: 7BF916911601CBD8166272EE9765DE53
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 01ED3BFC0E929EAC1526FAAE9BCB2A4C
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-PCdvXFl1l2Nc179TI1XSimM.rn3zA78-&
Frame ID: ED2F0F3B62BB7B68BAE9825A572FBFA0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Frame ID: 6866CBB902E930EAB95B1C183342EC10
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 718D98763B728D535879524D1952C796
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4589742734178689060&ex=districtm
Frame ID: 033EDFEB022E1804898CBB8FB3E52BC1
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 38FFECD56A0BCA9C56AFBF44F5F49BE2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8282508017950710579&ex=appnexus.com
Frame ID: 8EE340C80997F634F061D6CEC33752E5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 294A5A90B6911344B998852A0B88D4B1
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10801851931928103450
Frame ID: 31BA6E83CFE9D217A016812A5F145E25
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=
Frame ID: D394AC9D2FE15082B5C6BDB8C129532A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK
Frame ID: 380231A7E5E20463F4CDF73AF1462EA3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NmVmNDk0My0wNzM0LTRlNWQtYjhhNS0zODUzYTczNTczMTE=&gdpr=&gdpr_consent=
Frame ID: 4DF0663ECBE77DC71865E5BAC0ADA840
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9300C5B839C2FB8BF29B6E9FC03CF990
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588
Frame ID: F24B62223468ED0F76551951A9345F1F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 61C94C653605C979F7009C2B67E9C7A9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA
Frame ID: 62DAB8BC0AA66F5D1C44990BE510EC9E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878968079502160
Frame ID: B03D9D0EA751CDD13E4DDDCDB74DEC2F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1
Frame ID: 8ABCC448CE557F29D3562B0386458379
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 71562DD1AB4E3555BB25522056D9ED73
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C62FDCF697C540E65EA90E2CF7ED7371
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1045490487372136254
Frame ID: F1C857FF1B116D0EEE22E4A1106B8BB0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8
Frame ID: 5F3D1DFA5650CF790C9D3FFF81FE97A4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
Frame ID: CFAF4481622BDA77905D35C3CCC6C641
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BA79697EE5BFA9B24E3136544F295234
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 47CCBD884091D6B4D1A593A3E38341B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 2E4B250195B2A1CC7C30DFB1D2F5FE2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwL... HTTP 307
https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-s... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

196
Requests

98 %
HTTPS

29 %
IPv6

71
Domains

112
Subdomains

74
IPs

12
Countries

2029 kB
Transfer

6299 kB
Size

55
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Mitt+Romney+pushes+back+on+giving+some+states+COVID+relief%2C+%22It+doesn%27t+make+any+sense%22+https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087&title=Mitt+Romney+pushes+back+on+giving+some+states+COVID+relief%2C+%22It+doesn%27t+make+any+sense%22
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087&media=https://d.newsweek.com/en/full/1750474/mitt-romney.jpg&description=Mitt%20Romney%20pushes%20back%20on%20giving%20some%20states%20COVID%20relief,%20%22It%20doesn%27t%20make%20any%20sense%22
Title: Share on Pinterest

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087&title=Mitt%20Romney%20pushes%20back%20on%20giving%20some%20states%20COVID%20relief,
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://flipboard.com/
Title: Share on Flipboard

Search URL Search Domain Scan URL

URL: https://twitter.com/hashtag/COVID19?src=hashtag_click
Title: #COVID19

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Newsweek

Search URL Search Domain Scan URL

URL: https://twitter.com/Newsweek

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newsweek/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/newsweek

Search URL Search Domain Scan URL

URL: https://www.newsweekjapan.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.newsweekpakistan.com/
Title: Pakistan

Search URL Search Domain Scan URL

URL: https://www.newsweek.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://newsweek.ro/
Title: România

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1?_ud=5e930e46-f465-4097-86e3-b761fbc987e6&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&c7=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&c7=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&c9=&cs_ak_ss=1

Request Chain 80

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t

Request Chain 85

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1

Request Chain 87

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-PCdvXFl1l2Nc179TI1XSimM.rn3zA78-&

Request Chain 88

https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

Request Chain 89

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 90

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4589742734178689060&ex=districtm

Request Chain 92

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8282508017950710579&ex=appnexus.com

Request Chain 93

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 94

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10801851931928103450

Request Chain 99

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=PIHDrD2Jk_wngJP8bIfarDOJwawn08GpOYRDdn0f

Request Chain 100

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1080325640336079090

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx&google_tc=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPj1oaNjFcYHtjY8lY1stY&google_cver=1

Request Chain 106

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=4589742734178689060

Request Chain 107

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=0c67fd88-b7a1-5141-ac2b-0ba1cc68737c&ssp=gumgum2&expires=30&user_group=1 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=0d987996-a689-47e3-94d1-d3f86dd95b26

Request Chain 108

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%286X2uoO9zdFF6rNDOgwocUtf0soFVIa9qp-Stm4Egb7FnmFzVlSN0YsC8XPdAGgrS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286X2uoO9zdFF6rNDOgwocUtf0soFVIa9qp-Stm4Egb7FnmFzVlSN0YsC8XPdAGgrS%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_76ef4943-0734-4e5d-b8a5-3853a7357311&obuid=ENC(6X2uoO9zdFF6rNDOgwocUtf0soFVIa9qp-Stm4Egb7FnmFzVlSN0YsC8XPdAGgrS) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 109

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=b7d3c2f0-13fc-0a1c-0ec3-afbac8fdb9b7

Request Chain 110

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-58e82823-0729-4ae2-42fa-12c32938b433$ip$185.156.175.107

Request Chain 111

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-MiJPRfR1lxAQtRQDSYQjsM9i.XR7bgx3To3Y

Request Chain 112

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=81143660-7e79-11eb-a11f-13a09c0bd326

Request Chain 114

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=

Request Chain 115

https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3951994863 HTTP 302
https://sync.1rx.io/usersync/tradedesk/d0c2b0a5-10cf-424f-952e-1476f578c35c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003

Request Chain 116

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=XqJTTnzh7VZ2&ev=1&pid=558355

Request Chain 118

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=

Request Chain 119

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK

Request Chain 122

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588

Request Chain 124

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA

Request Chain 125

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871878968079502160

Request Chain 126

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1

Request Chain 128

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AACdE07AhvIAAEcRlr-KpQ

Request Chain 129

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=0d987996-a689-47e3-94d1-d3f86dd95b26 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=0d987996-a689-47e3-94d1-d3f86dd95b26 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=9fc9ad6f-6c64-49ca-b52f-5690f758cb3f&ssp=fmx HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=0d987996-a689-47e3-94d1-d3f86dd95b26

Request Chain 130

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&gdpr=0&gdpr_consent=

Request Chain 132

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871878968079502162

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEN43MibGwzG-GaWDM3rvAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPdYBRkTOzwGrsiou-YV8xM&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEN43MibGwzG_GaWDM3rvAAABHMAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDPb3nWCvBM1DmoZFuPxocw&google_cver=1

Request Chain 137

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05ed6b6f-6880-4db5-a7d9-58fc9a6447eb&expiration=1646570591

Request Chain 138

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139

Request Chain 139

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8042456573044256371&expiration=1616244188

Request Chain 140

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=clI0b3NaZD9pU2Q_IlQtb31aNm9pADZqd1dDczZj

Request Chain 148

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLXPW878-16-7MQS&ex=d-rubiconproject.com&status=ok

Request Chain 150

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1045490487372136254

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L6yVocSHTYmiCqECj23j2A%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 154

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 155

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&addseg=31

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZBQzk1QTEtQzQ4Ny00RDg5LUEyMEEtQTEwMjhGNkRFM0Q4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPk-EHhaEUDT8W_8-AyhQ_k&google_cver=1

Request Chain 159

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8042456573044256371

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmzojnEdLgrS5NYKmW4uU0&google_cver=1

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=36576043-78dc-4600-94e6-3e739ba2f49b

Request Chain 164

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEN43AAAAF2b0CrK

Request Chain 165

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/-moa0ha2U4yE9ZKJfBy0Msn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2181450660253429624

Request Chain 166

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLXPW878-16-7MQS&sigv=1&esig=2~c14c2dea48b2b729ea304663654360f86413d9f8

Request Chain 167

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGM4ZDc2NGM2YmY1MDNiMDg2MjU2MDFiMGIzNDQ0NDE1ZjlkN2UxYQ

Request Chain 173

https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=833b3c24-7e79-11eb-8b1e-1348667f2506

196 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 74ms
73ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdaf85fe81d43fc3660c06d3ab5e45746aedb293cf66a79134e907a9d6c5a346

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:05 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dc0ce6aa4846fa23807cde5f20c92620b1615034585; expires=Mon, 05-Apr-21 12:43:05 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=fdce588bd91162ff79c1c146099be58f941c55f4-1615034585; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 62bbaaef7af12355-ZRH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08a92929ab0000235522398000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IiePWHGVe7xlp42Qb4nsz96mLPFJEzKfhi0GLEtb%2B%2BuwLbPdM1i2wDIZyWlmp9RHTaExsdTL%2FbU3xLy07la6pn6mZ1wJGr4DShkG4Wl0erFaV%2FkOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087 Show response
www.newsweek.com/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSB...
https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgW...

220 KB
50 KB

360ms
127ms

Document
text/html

99.83.219.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4fb2973ac9c49f88.awsglobalaccelerator.com

Software

Resource Hash

86119508451510c4b9db24c9fba4d808f20e39b73ab16942717700a2316947d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.newsweek.com
:scheme: https
:path: /mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-type: text/html; charset=UTF-8
content-length: 50337
cache-control: public, max-age=3600
vary: Accept-Encoding
content-encoding: gzip
x-b: V6.3-1 web1
age: 94
x-cache: hit cached
x-cache-hits: 12
x-forwarded-for: 185.156.175.107
x-ua-device: desktop
set-cookie: X-UA-Info=country|CH|state|ZH|city|Zurich|latitude|47.394000|longitude|8.445000|isp|M247 Ltd|ip|185.156.175.107|device|desktop|time|1615034586; path=/;
x-debug
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
accept-ranges: bytes

Redirect headers

date: Sat, 06 Mar 2021 12:43:05 GMT
location: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
cf-ray: 62bbaaeffbf52355-ZRH
link: <https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 08a92929fd000023557a83b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cnBzsiS53sbE94sf1kazEJyqI1q9lPBF4YzTsuG9TlMBKCxKuye2xCPxCQlzwivmFtq3sdYh%2FTbKACmMuThhe9ofRkXuALwGFZOha2hJxK2uTjnEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare

GET
H2 200 robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/ 20 KB
20 KB 107ms
37ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2

Requested by

Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:34 GMT
server: Apache
etag: "1613382574"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds138.fr8.hn,1615034586.cds126.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 20051

GET
H2 200 robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/ 20 KB
20 KB 107ms
38ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 07:21:09 GMT
server: Apache
etag: "1608708069"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds138.fr8.hn,1615034586.cds252.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 20051

GET
H2 200 Genericons.woff2
g.newsweek.com/www/fonts/ 10 KB
11 KB 138ms
69ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/fonts/Genericons.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.newsweek.com
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 06:57:34 GMT
server: Apache
etag: "1613804254"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds138.fr8.hn,1615034586.cds254.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 10711

GET
H2 200 btf.css
g.newsweek.com/sys/css/ 4 KB
1 KB 98ms
35ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/btf.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds272.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1244

GET
H2 200 btf_article.css
g.newsweek.com/sys/css/ 37 KB
8 KB 101ms
38ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/btf_article.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

074786a3de88278cafa18f3d3ed636d7fb9b84c18ec821d5bbe7684bfe2fe3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds280.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 7742

GET
H2 200 editor.css
g.newsweek.com/sys/css/ 22 KB
5 KB 123ms
60ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/editor.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

bce4bf08bdc9a63708fd9a343ce3f3a7b2af8b2e4ad2f7606c4ab7021605fa4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds226.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 4992

GET
H2 200 more_slideshows_inline.css
g.newsweek.com/sys/css/ 788 B
507 B 122ms
59ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/more_slideshows_inline.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds250.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 412

GET
H2 200 in_text_slideshows_inline.css
g.newsweek.com/sys/css/ 1 KB
527 B 122ms
60ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/in_text_slideshows_inline.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds214.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 431

GET
H2 200 f975cb2dee59c2867351daea194bffe3.css
g.newsweek.com/sys/css/ 61 KB
14 KB 100ms
38ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/css/f975cb2dee59c2867351daea194bffe3.css?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

e5e8c4fe82b17fc138e3e284baa752e44fefc0764e5fd4c25e84bc438cc70894

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds161.fr8.c
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 14523

GET
H2 200 07bba1a9c30c8f01d28d980808d6b064.js Show response
g.newsweek.com/sys/js/ 552 KB
154 KB 178ms
117ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

f10879aaa1ec1d5db23ce2a79e0cbf134606c54933f81677a5b9c9150488bd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds232.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 157072

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 327 KB
113 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115081
x-xss-protection: 0
expires: Sat, 06 Mar 2021 12:43:06 GMT

GET
H2 200 stimulus.webp
d.newsweek.com/en/full/1750219/ 91 KB
91 KB 121ms
39ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1750219/stimulus.webp?w=790&h=444&q=75&f=b627b237a50b42b88f84a1236fc8ae19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

783a62f3eb9e69c9d4321076a2f2cdf29a482df8edabdca3282ed6fd72628204

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
last-modified: Fri, 05 Mar 2021 16:24:10 GMT
server: Apache
x-cacheable: YES
etag: "1614961450"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds149.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 92740

GET
H2 200 518ec47cf8245d54b92ff59a32c5dd83.js Show response
g.newsweek.com/sys/js/ 138 KB
43 KB 167ms
105ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

3ff627e749e7a39cfaed11234bddb20a699d7a6c839e26ddf04ef21a2a2d8133

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds229.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 43875

GET
H2 200 script.js Show response
d275im4r3zngba.cloudfront.net/ 110 KB
37 KB 109ms
49ms Script
application/javascript 2600:9000:20d7:9200:8:bd4:5580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d275im4r3zngba.cloudfront.net/script.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:9200:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 16:23:33 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
etag: W/"29a74dafc784a65c2d82f355f88118a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fdf2ccc380f11286f9756c9578f26c6.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: YTHaPtCivqqRq0-dyPbPvihx2SJRk6lFi-nm8KLWLcQ0Yo6JPitWpA==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 182 KB
60 KB 78ms
22ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:03:23 GMT
content-encoding: gzip
age: 135583
x-guploader-uploadid: ABg5-UxfjOpzFTTiqJMngUx0NHiiw-1gSsalGg9rGrWaxu0JKsAcOf2u5sLkddmynpXclXK7Ddu6DGlLWTSZmJJ-FEk
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60625
last-modified: Fri, 22 Jan 2021 08:44:43 GMT
server: UploadServer
etag: "cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash: crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation: 1611305083757651
cache-control: no-transform
x-goog-stored-content-length: 60625
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Mar 2022 23:03:23 GMT

GET
H2 200 prebid.js Show response
g.newsweek.com/www/js/ 429 KB
135 KB 99ms
61ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/www/js/prebid.js?v=4.28.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

94b2fd1bbb2e106afbec3d5c27e7f3083ca9e4dc94efd79d53a3fb62ada26234

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 04:30:00 GMT
server: Apache
etag: "1614227400"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds276.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 137951

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
20 KB 41ms
36ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0f07a672eb10bd2d82f8edcc8002949707f86ebdd39c230a28e7e59aa2d15f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "803 / 20 of 1000 / last-modified: 1614985848"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19727
x-xss-protection: 0
expires: Sat, 06 Mar 2021 12:43:06 GMT

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 19 KB
7 KB 30ms
7ms Script
text/javascript 2600:9000:206f:d400:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d400:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df02d0528c82b30c35f6650bf806090e43216e075a6404afb46c60dcc9ccc38c

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 05 Mar 2021 17:06:49 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 14:39:27 GMT
server: AmazonS3
age: 70578
etag: W/"3244245ccb4b317c129dcde0ac787f0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 7q5CTLdYLMxsm4JV5KEULrR1uQxNwbUM
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
content-disposition: attachment; filename="gdpr-liveramp.js"
x-amz-cf-pop: FRA56-C1
content-type: text/javascript
x-amz-cf-id: S8O688lhsiUGk8LL8zsrkO6gk6lqfqhCQWGk4585HmKaeC7ZVUWyGw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
57 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2971bdd780546ddee609798b86a19dbb9ba613149f4d66f6b58c289558657faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57748
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Mar 2021 12:43:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 162ms
55ms Script
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:35:15 GMT
content-encoding: gzip
server: Server
age: 471
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: CHDhsuLciPWfIwLSurXy5mukOfBkecy0jEH_HiuedMk58APxh67K0A==

GET
H2 200 b Show response
query.fqtag.com/ 82 B
163 B 91ms
38ms Script
text/plain 35.186.195.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1615034586168&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.195.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
via: 1.1 google
alt-svc: clear
content-length: 82

GET
H2 200 83694e4b1e95c0ef591612ee7fe04d07.js Show response
g.newsweek.com/sys/js/ 68 KB
18 KB 115ms
113ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://g.newsweek.com/sys/js/83694e4b1e95c0ef591612ee7fe04d07.js?v=1614873392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

08f02dc6c4a3a464ac5b5f8940ab6e3336af212ed448e27c5f4414394150bac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:56:35 GMT
server: Apache
etag: "1614873395"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 18591

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 254 KB
66 KB 63ms
18ms Script
text/javascript 2600:9000:21f3:c800:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a72c001fcf73fc087a7dffd420f3d3e714546d4c093df0afc174d876e1c9368b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 05:53:14 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 05:42:46 GMT
server: AmazonS3
age: 24592
etag: "c274c4ec617e711a2194e14199cd22c3"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 66739
x-amz-cf-id: SHKoFcWej0R2n4BrunkqNxarJZEr6OwhEYJVb3QSO-6t7gm8wYHAdQ==

GET
H2 200 icon-search-glass.svg
g.newsweek.com/www/images/ 485 B
413 B 112ms
111ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/icon-search-glass.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:41 GMT
server: Apache
etag: "1613382581"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds145.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 293

GET
H2 200 flipboard_srrw.png
g.newsweek.com/img/home/ 877 B
1015 B 75ms
75ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/img/home/flipboard_srrw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Wed, 25 Nov 2020 22:44:35 GMT
server: Apache
etag: "1606344275"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds266.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 900

GET
H2 200 mitt-romney.webp
d.newsweek.com/en/full/1750474/ 22 KB
22 KB 39ms
35ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1750474/mitt-romney.webp?w=790&f=f3c8106ef2cdb44009eaed1e53e4e420

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

f750334a4025cb690ec9149313637a5ea4388fcd4cea6aab38e835a3d2e64ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
last-modified: Fri, 05 Mar 2021 16:58:37 GMT
server: Apache
x-cacheable: YES
etag: "1614963517"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds158.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 22166

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/1/ 166 KB
49 KB 80ms
27ms Script
application/x-javascript 2600:9000:20d7:9a00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by: Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:9a00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f656841e63e8747685f67c75cf450afa2e4845f1de8e0fccd60b81bdd58611c9

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4YY2.63R.jGS0TuyMc9gs10PJ1C9x9zX
content-encoding: gzip
etag: W/"56c9634c5eff023ace0371a0ce26ce6c"
last-modified: Fri, 29 Jan 2021 13:32:13 GMT
server: AmazonS3
age: 2065
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f1f7e88380a0546160e4e023c7c1d332.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Sat, 06 Mar 2021 12:08:41 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: GaRDPVwu5XnM1YRAMBPFOtx813KOrhp-o0-sQm7dTp3Y_AzZa9NL6A==

GET
H2 200 opinion-headshot-bg.png
g.newsweek.com/www/images/ 5 KB
5 KB 34ms
33ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/opinion-headshot-bg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:41 GMT
server: Apache
etag: "1613382581"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds097.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 4876

GET
H2 200 logo-n1.svg
g.newsweek.com/www/images/ 409 B
402 B 34ms
33ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/logo-n1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 09:49:29 GMT
server: Apache
etag: "1613382569"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds154.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 294

GET
H2 200 free-sign-up.svg
g.newsweek.com/www/images/ 3 KB
1 KB 36ms
35ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/free-sign-up.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 03:56:01 GMT
server: Apache
etag: "1614743761"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds135.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 1332

GET
H2 200 pamela-denise-long.webp
d.newsweek.com/en/full/1740820/ 2 KB
2 KB 36ms
35ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1740820/pamela-denise-long.webp?w=63&h=63&f=eac72aa41e88d2d55da146be5ab21143

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

eff953b0f5adfb07abb28b08ec662fd620ce9fae2b8edf8dea330a29c8437c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
last-modified: Tue, 23 Feb 2021 18:10:01 GMT
server: Apache
x-cacheable: YES
etag: "1614103801"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds207.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 1952

GET
H2 200 monica-osborne.webp
d.newsweek.com/en/full/1740808/ 2 KB
2 KB 38ms
37ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1740808/monica-osborne.webp?w=63&h=63&f=5a5f19448c9c478e5d8af322777ef1ef

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

43784358edc19f685416d0a394f4e3c5727c56d8b9523a83d85edc78fb825b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
last-modified: Tue, 23 Feb 2021 18:10:01 GMT
server: Apache
x-cacheable: YES
etag: "1614103801"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds156.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 1968

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2430
date: Sat, 06 Mar 2021 12:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 06 Mar 2021 14:02:36 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 89ms
31ms Script
application/x-javascript 2600:9000:20d7:3600:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:3600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 18:14:57 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:03:13 GMT
server: nginx
age: 66489
etag: W/"60121b61-8e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9db8c72ec08059d1364d1dd74e1dc958.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: l58RwbwsHkm5vlOacyq0eXUco-40oTZIs54q-NegchvyoEjrCu576A==
expires: Sat, 06 Mar 2021 18:14:57 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any...
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20An...

0
528 B

36ms
36ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&c7=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&c9=&cs_ak_ss=1
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:06 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1615034586450&ns_c=UTF-8&c8=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&c7=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:06 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 161ms
142ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sat, 06 Mar 2021 12:43:06 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 142ms
142ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.newsweek.com/
Bugsnag-Sent-At: 2021-03-06T12:43:06.505Z
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 06 Mar 2021 12:43:06 GMT
via: 1.1 google
bugsnag-session-uuid: 393d2fa0-7e2e-40c3-9315-347323b9ec67
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 check.svg
g.newsweek.com/www/images/ 171 B
266 B 34ms
34ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.newsweek.com/www/images/check.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 13:32:30 GMT
server: Apache
etag: "1594560750"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds143.fr8.hn,1615034586.cds233.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 158

GET
H2 200 home-opinion Show response
d.newsweek.com/json/ 17 KB
2 KB 96ms
34ms XHR
application/json 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d.newsweek.com/json/home-opinion?time=1615032927&te=1614873392

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1614873392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

9e1dfe8b0e471b7023c77f0880ded11f5c149ad4b5e248de55c4067f3692916e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Sat, 06 Mar 2021 12:17:52 GMT
server: Apache
x-cacheable: YES
etag: "1615033072"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds272.fr8.c
content-type: application/json
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, public, max-age=29030400, public
accept-ranges: bytes
content-length: 2115

GET
H2 200 play-list Show response
d.newsweek.com/widget/ 9 KB
2 KB 63ms
37ms XHR
application/json 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d.newsweek.com/widget/play-list?nid=518291&items=4&v=11614873392

Requested by

Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/518ec47cf8245d54b92ff59a32c5dd83.js?v=1614873392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

aa7a6c04f84f89de8386b554018ef614a1390e5c3f9a3d90b6419c56dc412a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 16:08:24 GMT
server: Apache
x-cacheable: YES
etag: "1614960504"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034586.cds097.fr8.c
content-type: application/json
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 1715

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 161ms
51ms XHR
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 01:32:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 40220
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
via: 1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZAG50-C1
content-type: application/javascript
x-amz-cf-id: fMO4y_pqsPJR1hs470vLmSQMZb-SpnpFNGUtrT-O9aTLCb5bwSU6vQ==

GET
BLOB 200
OK 4d7b5e32-42bd-48ce-a2a0-b6d51edc9577
https://www.newsweek.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsweek.com/4d7b5e32-42bd-48ce-a2a0-b6d51edc9577
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=713852335&gjid=1445093636&_gid=158023725.1615034587&_u=YGBAgUABAAAAAE~&z=1890806807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Mar 2021 12:43:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 7ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=2122599977&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&ul=en-us&de=UTF-8&dt=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=713852335&gjid=1445093636&cid=1657243943.1615034587&tid=UA-44450862-1&_gid=158023725.1615034587&gtm=2wg2o0TVS8NW5&cd1=Katherine%20Fung&cd2=News&cd3=&cd4=US&cd5=en&cd6=article&cd7=1574087&cd8=20210305&cd9=202103&cd10=newsweek.com%2Fnews%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=News&cd18=related&cd19=web&cd20=18&cd21=7&cd22=article&cd23=web&cd24=N&cd25=State%2C%20Coronavirus%2C%20Stimulus%20Package%2C%20Mitt%20Romney%2C%20Funding%2C%20Senate&cd26=ndef&cd27=nonpromoted&cd28=NW%20Magazine&cd30=Y&cd31=3&cd32=N&cd33=ndef&cd34=anon&cd35=646&cd36=Direct&cd37=4g&cd38=web&z=1983910759

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:19:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69839
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 13 KB
3 KB 59ms
20ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=1028&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b3fd54c22ab6b249fee63c213b856e010687600a69eee3c4792b3553b7371c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 988
content-type: application/json
content-length: 2376
cf-request-id: 08a9292e8a0000d6d5cd35b000000001
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PATCH,PUT,DELETE,OPTIONS
content-language: en
access-control-allow-origin: *
cache-control: no-cache, private, max-age=0
accept-ranges: bytes
cf-ray: 62bbaaf74af8d6d5-FRA
access-control-allow-headers: Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version

GET
H2 200 counter.js Show response
gc.newsweek.com/front/js/ 2 KB
1 KB 99ms
33ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://gc.newsweek.com/front/js/counter.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
last-modified: Sat, 10 Oct 2020 16:30:42 GMT
server: Apache
etag: "1602347442"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds161.fr8.hn,1615034586.cds145.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=25920000
accept-ranges: bytes
content-length: 873

GET
H2 200 / Show response
geo.rlcdn.com/ 119 B
343 B 146ms
124ms Fetch
application/json 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
etag: W/"77-cXC7RsophzXiswRXM3nplIMkqBo"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 44bc70adc4a8588fc75a8f7c1b95ab87
cache-control: private
content-length: 129

GET
H3-Q050 200 pubads_impl_2021030201.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 80ms
44ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:37:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101677
x-xss-protection: 0
expires: Sat, 06 Mar 2021 12:43:06 GMT

GET
H3-Q050 200 bridge3.445.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame C816 577 KB
189 KB 29ms
14ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.445.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193133
date: Tue, 02 Mar 2021 18:36:26 GMT
expires: Wed, 02 Mar 2022 18:36:26 GMT
last-modified: Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 324400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 06 Mar 2021 12:43:06 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.newsweek.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 cat-woods.webp
d.newsweek.com/en/full/1736093/ 2 KB
2 KB 44ms
40ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1736093/cat-woods.webp?w=63&h=63&f=713b942bf4051169224f05ee6c29ae57

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

256614d7ebb2c118ce5110d89efff453f6dd98860f5d8293210c65f828804d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Wed, 17 Feb 2021 13:13:11 GMT
server: Apache
x-cacheable: YES
etag: "1613567591"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034587.cds137.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 1990

GET
H2 200 jay-jordan.webp
d.newsweek.com/en/full/1749847/ 2 KB
2 KB 44ms
40ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1749847/jay-jordan.webp?w=63&h=63&f=d19b47875a9b95454dc9048f15fbd0ea

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

438c618b527721df1100a08498c18d75f02970d3c95600faba94b24d42dfc053

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Fri, 05 Mar 2021 13:31:47 GMT
server: Apache
x-cacheable: YES
etag: "1614951107"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034587.cds065.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2012

GET
H2 200 jonathan-d-gelber.webp
d.newsweek.com/en/full/1749805/ 2 KB
2 KB 49ms
46ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1749805/jonathan-d-gelber.webp?w=63&h=63&f=6b4a6c5ff3ffaa8f7debbb2ca03b42b2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

e92e4796c42fdbae294f105642d304011e44c6c6ee2d67786f1e77585e2c99bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Fri, 05 Mar 2021 13:31:47 GMT
server: Apache
x-cacheable: YES
etag: "1614951107"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034586.cds157.fr8.hn,1615034587.cds124.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2010

GET
H2 200 depetris-new.webp
d.newsweek.com/en/full/1671583/ 2 KB
2 KB 49ms
46ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1671583/depetris-new.webp?w=63&h=63&f=6f134a6e9d2cd376c8ae9fd558a630d6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

4d2e28ae6a54f406031e363b154ea0fcb41e5e19f53137d142d4c0461a976115

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Wed, 18 Nov 2020 04:20:57 GMT
server: Apache
x-cacheable: YES
etag: "1605673257"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds004.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2052

GET
H2 200 josh-hammer.webp
d.newsweek.com/en/full/1646800/ 2 KB
2 KB 51ms
48ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1646800/josh-hammer.webp?w=63&h=63&f=cd14b8675c99d70b0e9c9d28906c5d29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

5d998b8247e9380e64a822d26af8a738bc76edf381626cb64e45c4358f7825fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Tue, 06 Oct 2020 21:40:22 GMT
server: Apache
x-cacheable: YES
etag: "1602020422"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds130.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2088

GET
H2 200 cyrus-hadavi.webp
d.newsweek.com/en/full/1749646/ 2 KB
2 KB 52ms
49ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1749646/cyrus-hadavi.webp?w=63&h=63&f=33611ac2915482a700a4d129a5bb97ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

6dac64d464bf2838e256feeb0fa1077f32fe0361bd667aa08b4b10ccab27f829

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Fri, 05 Mar 2021 12:43:25 GMT
server: Apache
x-cacheable: YES
etag: "1614948205"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds156.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 1946

GET
H2 200 charlie-kirk.webp
d.newsweek.com/en/full/1506965/ 2 KB
2 KB 56ms
54ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1506965/charlie-kirk.webp?w=63&h=63&f=dadcbab6cd325ee70d1bfe4df5a01410

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

c599b673c60bb8d4af55bc745c284f3193a30c46c6be989d4c94bb66e81d62cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Wed, 03 Mar 2021 06:27:39 GMT
server: Apache
x-cacheable: YES
etag: "1614752859"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds053.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2066

GET
H2 200 roff-new.webp
d.newsweek.com/en/full/1528785/ 2 KB
2 KB 57ms
55ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1528785/roff-new.webp?w=63&h=63&f=4dc2ef8dad149bbca161552d8b875591

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

c21caf36058aed3bedb9471a30f438a571170c032caa717ebb9b96d8fa42fc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Fri, 05 Mar 2021 11:42:22 GMT
server: Apache
x-cacheable: YES
etag: "1614944542"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds228.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2048

GET
H2 200 gary-walton.webp
d.newsweek.com/en/full/1749705/ 2 KB
2 KB 56ms
54ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1749705/gary-walton.webp?w=63&h=63&f=d4eff89699dee61f645cb5589579388f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

12f9eecbe160d74b7dd4d55455b9df683b84f780dc9ce5b6c220daad55ad813f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Thu, 04 Mar 2021 21:41:16 GMT
server: Apache
x-cacheable: YES
etag: "1614894076"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds258.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2060

GET
H2 200 anthony-ruggiero.webp
d.newsweek.com/en/full/1749894/ 2 KB
2 KB 57ms
56ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.newsweek.com/en/full/1749894/anthony-ruggiero.webp?w=63&h=63&f=1eaff368f8086127272162d8b52eab03

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Apache /

Resource Hash

85f51701a5cc105ee8f8c7e50f1dbf329ad65de52c52a689b3892df377bf4b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Thu, 04 Mar 2021 21:41:16 GMT
server: Apache
x-cacheable: YES
etag: "1614894076"
strict-transport-security: max-age=86400; includeSubDomains
x-hw: 1615034587.cds157.fr8.hn,1615034587.cds013.fr8.c
content-type: image/webp
access-control-allow-origin: *
x-cahce: HIT
cache-control: max-age=25920000, max-age=29030400, public
accept-ranges: bytes
content-length: 2106

GET
H2 200 userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/ 7 B
372 B 79ms
52ms Image
image/gif 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.1657243943.1615034587%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221574087%22%7D%5D%7D%7D&ets=1615034586988

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:07 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 7
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 374ms
123ms Image
image/gif 34.227.189.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087&u=Bdzv9DBHgBv-DJf63p&d=newsweek.com&g=65968&g0=News&g1=Katherine%20Fung&n=1&f=00001&c=0&x=0&m=0&y=7743&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1458&t=BMpGqhCcCsnxC5w0jICgsCq6C3N8M3&V=122&i=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&tz=-60&_acct=anon&sn=1&sv=DSLmQvBKsJNuBcf1EED--7_ZC8HiDT&sd=1&im=067b0ef0&_
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.189.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-189-155.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
290 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=713852335&_u=YGBAgUABAAAAAE~&z=1709709190

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=713852335&_u=YGBAgUABAAAAAE~&z=1709709190

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 474ms
368ms Preflight
application/json 13.225.80.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Server: 13.225.80.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 06 Mar 2021 12:43:07 GMT
x-amzn-requestid: 6e9ce7fc-978a-450d-85eb-daa6192897d7
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: bw_STH5nIAMF_Qg=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2D-6NCCqjhCwv3sSulIJycYBh4lSVQn8uhGtNvZNGZU756lOtMgaCg==

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 350 B
742 B 408ms
408ms XHR
application/json 13.225.80.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b67cf9e1ec148e234cf3ca80eb4e08be44dcabbbb3a899a5ad119083c59e8214

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.newsweek.com/
X-Pelcro-Sdk-Version: 2.4.28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: f9171eed-922a-49e5-9bc2-5881af849405
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-604378db-65e94e1621b9f23a59141d14;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: bw_SXGaqoAMFrag=
content-length: 350
x-amz-cf-id: cy_R3-7ECJ1NlB4toN6FDYscsldShMpcMfGKNc9FgwLeeIKny85BHg==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 164ms
116ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sat, 06 Mar 2021 12:43:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 117ms
117ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 0
0 21ms
7ms Preflight 2600:9000:206f:d400:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol: H2
Server: 2600:9000:206f:d400:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Fri, 05 Mar 2021 17:06:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: I2qTjy1ORNavHNdJXDtpPD3rVMD9QEjHi-LCpqE_Xu6vORT_BvRStw==
age: 70576

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 131ms
61ms Preflight
application/json 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 06 Mar 2021 12:43:07 GMT
x-amzn-requestid: 9057f8f0-4d32-48fa-9553-6e635ba90e08
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: bw_SREHJjoEFQuw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA56-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ESEhjlP4flLq0ASdacNjPsNVDEWV03TnoBv2fMs5GEzB9KiWVr2G-w==

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 49 KB
9 KB 6ms
6ms Fetch
application/json 2600:9000:206f:d400:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:d400:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 639f2f9d2daba6f9181b54d90db300bdd67e0cf94d724658bd9cb28aca3d8437

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: ND27aquNS54HNY1hnKFnXEyNjhOHmWhH
content-encoding: gzip
etag: W/"eaa0efac30d29be42038a2b64717318f"
age: 1273
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 17:06:09 GMT
server: AmazonS3
date: Sat, 06 Mar 2021 12:21:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EMH9YMro6An1zBVB1jWPlZn6Bk04lUiSwNNbe1otz3F6eU7ggnsiIA==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
602 B 31ms
30ms Fetch
application/json 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Accept: application/json
Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 04:24:40 GMT
via: 1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
age: 29907
x-amzn-requestid: b8476762-0fea-4fa4-904e-990868eb1925
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60430408-1abe05397ebc2dec6aeaf12e;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: HAM50-C3, FRA56-C1
x-amz-apigw-id: bv2RYFMiDoEF9Og=
content-length: 30
x-amz-cf-id: s45WLm-9lf8wSZRGWDq9FbmY0oUKJsY4wOwmjn5HrQ280BpBeOI_wA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET third-stimulus-bill-timeline-1614953978.m3u8
video.newsweek.com/transcoder/480hls/2591/ 0
0

GET
H2 200 third-stimulus-bill-timeline-1614953978.m3u8 Show response
video.newsweek.com/transcoder/480hls/2591/ 712 B
1010 B 70ms
37ms XHR
application/x-mpegurl 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://video.newsweek.com/transcoder/480hls/2591/third-stimulus-bill-timeline-1614953978.m3u8
Requested by: Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1614873392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d514e10555efe3a73d7a590c001690a3cc589671419d353cddd2bff36a5f1c5

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
last-modified: Fri, 05 Mar 2021 14:19:56 GMT
server: AmazonS3
x-amz-request-id: J0JP3NYSZ4TA46KM
etag: "370bc917c46f172b1faa88d24bc72a2e"
x-hw: 1615034587.cds163.fr8.hn,1615034587.cds238.fr8.c
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=2552592
accept-ranges: bytes
content-length: 712
x-amz-id-2: JuQnqR1rSadf3C+fo1LvFldxN1U+rSDC0VSU3VzYHjTvIYdpr0IJDHI2+x5Iqucay38+6rG6D+w=

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 173 B
541 B 246ms
246ms XHR
text/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&pid=m4dJMowd1TsJ6&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%2C%22cmpTimeout%22%3A500%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 7fab7dcc2651c595525637d39ed16f5119a1edd615722fc15846145a952c80cd

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: ZAG50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 163
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
x-amz-cf-id: 7sF-_gH4fyp0Ir6vXzWRknGWLoR9S6WYTOkv0vnDfXepj9MMvdWRQg==

GET
BLOB 200
OK 0375950f-17f6-48b7-bbf2-523c63a4e10a
https://www.newsweek.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsweek.com/0375950f-17f6-48b7-bbf2-523c63a4e10a
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5299
Content-Type: application/javascript

GET
H2 200 article Show response
stats.newsweek.com/counter/ 14 B
476 B 411ms
126ms Script
text/html 52.23.3.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1574087&r_id=33219&c_id=104&c_url=&referer=&device=desktop&a_editor=1&c_country=CH&xz=5&c_uque=1&c_ruque=1&c_visits=1

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.3.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=25920000
strict-transport-security: max-age=86400; includeSubDomains
content-length: 34

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B246 36 KB
13 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 423
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 06 Mar 2021 13:36:04 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 1D68
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t

295 B
965 B

211ms
210ms

Document
text/html

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 84839a96bec1d8321255ccf47d6d93b67581f38021041b7969bf6e45259d9e73

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newsweek.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:07 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 228
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:43:07 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 12:43:07 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t
Set-Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:43:07 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 7C0C 3 KB
1 KB 52ms
51ms Document
text/html 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8a12e7858a98183f16ea6175164bc67348bc23e3e1aa7b8c2c030fc3e1015652

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&dcc=t

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:07 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 696
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/newsweek/ 694 KB
112 KB 18ms
18ms Script
text/javascript 2600:9000:21f3:c800:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/newsweek/main.min.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 06:15:37 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 06:15:25 GMT
server: AmazonS3
age: 23255
etag: "6b6eac342923d463ecdc8d25c3c7c434"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 114545
x-amz-cf-id: C2fjXeJNvmP4J--E2tYkuSiCDUrO-k6EfwT6w8Q7fNG6t7jUX41MVQ==

GET
H2 204 um
cs.emxdgt.com/ Frame 7C0C 0
59 B 175ms
41ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:07 GMT
content-length: 0
content-type: text/html

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame BA42 3 KB
1 KB 164ms
53ms Document
text/html 34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 78d696005212095afc1b473d1d8de01ab3c3617cdf3bfbe368a4ff701b736527

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311; Domain=.gumgum.com; Expires=Sun, 06-Mar-2022 12:43:08 GMT; Path=/; Secure; SameSite=None
etag: W/"043cb5acd411932987d31f67e63e06b7a"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1

2 KB
3 KB

53ms
53ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4baa3c22eeab1d4a7b92a64bbfe188845048c1147c7dfb056a9b41e02fa3a840

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YEN43MibGwzG-GaWDM3rvAAA; CMPS=3202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|8|221|111|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1589
Expires: Sat, 06 Mar 2021 12:43:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Set-Cookie: CMID=YEN43MibGwzG-GaWDM3rvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 12:43:08 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 12:43:08 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 12:43:08 GMT CMRUM3=27604378dc0b40&51604378dc05a0&dd604378dc27600&08604378dc05a00&2d604378dc05a0&6f604378dc05a0&f1604378dc05a00&e6604378dc27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 12:43:08 GMT CMST=YEN43GBDeNwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 07 Mar 2021 12:43:08 GMT

Redirect headers

Server: Apache
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 06 Mar 2021 12:43:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Set-Cookie: CMID=YEN43MibGwzG-GaWDM3rvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Mar 2022 12:43:08 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 12:43:08 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 01ED 291 B
559 B 123ms
44ms Document
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame ED2F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-PCdvXFl1l2Nc179TI1XSimM.rn3zA78-&

43 B
344 B

104ms
59ms

Document
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-PCdvXFl1l2Nc179TI1XSimM.rn3zA78-&
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=18y4~1wuc;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Mon, 07-Mar-2022 12:43:08 GMT;Secure;SameSite=None A3=d=AQABBNx4Q2ACEKsJNABNFnoyEVrBuz9l6uUFEgEBAQHKRGBNYAAAAAAA_SMAAA&S=AQAAAk519OllhBFQ0i4uUI_Fxjg; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=ebqj57tg46u6s&b=3&s=0k; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-PCdvXFl1l2Nc179TI1XSimM.rn3zA78-&
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.128

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 6866
Redirect Chain

https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

43 B
344 B

52ms
52ms

Document
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx
Date: Sat, 06 Mar 2021 12:43:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; path=/; domain=.admanmedia.com; expires=Sun, 06 Mar 2022 12:43:08 GMT; max-age=31536000 ;SameSite=None; Secure
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 718D
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...

628 B
725 B

44ms
41ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: dc705c50693086fc8943a6215ac2b2db10eb84f106747d4e4dc21d54c3bc0ff9

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=934259d9-926e-0dbd-336e-77bf648a8b0c|1615034588
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=934259d9-926e-0dbd-336e-77bf648a8b0c|1615034588; Version=1; Expires=Sun, 06-Mar-2022 12:43:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615034588|gen0vNiygu; Version=1; Expires=Sun, 21-Mar-2021 12:43:08 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: text/html
content-length: 392
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=934259d9-926e-0dbd-336e-77bf648a8b0c|1615034588; Version=1; Expires=Sun, 06-Mar-2022 12:43:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date: Sat, 06 Mar 2021 12:43:08 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 033E
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4589742734178689060&ex=districtm

43 B
344 B

134ms
53ms

Document
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4589742734178689060&ex=districtm
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4589742734178689060&ex=districtm
AN-X-Request-Uuid: 47d87c99-6b82-4b05-b5cc-e332b391af9f
Set-Cookie: uuid2=4589742734178689060; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 04-Jun-2021 12:43:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 38FF 0
0 99ms
64ms Document
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 8EE3
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8282508017950710579&ex=appnexus.com

43 B
344 B

122ms
58ms

Document
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8282508017950710579&ex=appnexus.com
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8282508017950710579&ex=appnexus.com
AN-X-Request-Uuid: 091233b7-9979-4b54-9b53-464d35f6e28c
Set-Cookie: uuid2=8282508017950710579; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 04-Jun-2021 12:43:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80

GET
H/1.1

200
OK

Cookie set amazon Show response
ap.lijit.com/beacon/ Frame 294A
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

1 KB
1 KB

37ms
37ms

Document
text/html

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: bde8b59fb988c3e52c85233240060f51c64af363751d2f7f278ec4828cc55d81

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=1ea86026c3f4e92577f8f2c6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVjI0U7IyNDM0MzIxMbSw0FGyMEXlG0HkTQ3Mzc1BfEMDNHlziLyZsaWxhUUtAJqzEGQ%3D;Path=/;Domain=.lijit.com;Expires=Sun, 06-Mar-2022 12:43:08 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=1ea86026c3f4e92577f8f2c6;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap6ams1

Redirect headers

Server: nginx
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Length: 0
Set-Cookie: ljt_reader=1ea86026c3f4e92577f8f2c6;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 31BA
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10801851931928103450

43 B
344 B

148ms
54ms

Document
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10801851931928103450
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7Q10GP2RkwZvkJe_1DzTJI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-length: 0
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10801851931928103450
set-cookie: tluid=10801851931928103450; Max-Age=7776000; Expires=Fri, 04 Jun 2021 12:43:08 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
js.stripe.com/v3/ 214 KB
57 KB 307ms
90ms Script
application/javascript 65.9.187.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.187.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0f33ff8c7fbc1303a7c42cf242835af1c23357962a57ec6bec6cf8e7671cee9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:42:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 66
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: BYZK1EWMXTSR5QSX
x-amz-id-2: gyDwKlmA3fQP2kfH7+TvQDdr/xehMdPC2P9Zg7C4TyAFgvEZyaktW1mHst68C9Dz1fO60uZEskM=
last-modified: Fri, 05 Mar 2021 21:06:14 GMT
server: AmazonS3
etag: W/"ac7e82b6764769afb27bb9a2c7a5fec2"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZAG50-C1
timing-allow-origin: *
x-amz-cf-id: SBHPqMTW6RJ7U_Paa3MoNue3MNt_f5FkK6pxAVsVQ4BYSYbC2ZzMSA==

GET
H3-Q050 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
817 B 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1560
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Sat, 06 Mar 2021 13:17:08 GMT

GET
H2 200 1028-1590365569.png
uploads.pelcro.com/images/site/logo/ 7 KB
8 KB 53ms
9ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.pelcro.com/images/site/logo/1028-1590365569.png
Requested by: Host: www.newsweek.com
URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
last-modified: Mon, 25 May 2020 00:12:51 GMT
server: keycdn-engine
x-amz-request-id: C9FE89E4BFB325DA
x-edge-location: defr
etag: "4c7eb5b8728731b18c9f2043dd25b97b"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://pelcro-uploads.s3-website-us-east-1.amazonaws.com/images/site/logo/1028-1590365569.png>; rel="canonical"
content-length: 7383
x-amz-id-2: ecYmbrhPDewz8PunEQi1hEzn/S2fpJIL07HiEr9DWlrleP0pA+2NZFcbUwIufBhoPlV4H8n+4W4=
expires: Sat, 13 Mar 2021 12:43:08 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 718D 43 B
344 B 54ms
54ms Image
image/gif 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=18381afd-2743-89b0-a9b6-3dc0689e7311
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 718D
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=PIHDrD2Jk_wngJP8bIfarDOJwawn08GpOYRDdn0f

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=PIHDrD2Jk_wngJP8bIfarDOJwawn08GpOYRDdn0f
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=PIHDrD2Jk_wngJP8bIfarDOJwawn08GpOYRDdn0f
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 718D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1080325640336079090

43 B
106 B

38ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1080325640336079090
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1080325640336079090
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 718D 70 B
264 B 346ms
191ms Image
image/gif 52.51.224.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=40ee6680-3be9-324a-69b8-bf5700adb8f1&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 718D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx&google_tc=

170 B
201 B

47ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmM4MWI1NGEtZjI5ZS02Y2VlLTdjNTgtZTVlZWNhNGY3Njkx&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 718D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPj1oaNjFcYHtjY8lY1stY&google_cver=1

43 B
106 B

68ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPj1oaNjFcYHtjY8lY1stY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPj1oaNjFcYHtjY8lY1stY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 01ED 31 KB
10 KB 58ms
57ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12461
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Sat, 06 Mar 2021 16:10:49 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
127 B 16ms
16ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2122599977&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&ul=en-us&de=UTF-8&dt=Mitt%20Romney%20Pushes%20Back%20on%20Giving%20Some%20States%20COVID%20Relief%2C%20%27It%20Doesn%27t%20Make%20Any%20Sense%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article_meter&ea=meter_visible&el=5%20articles%20remaining&_u=aGDAAUIRAAAAAG~&jid=505172908&gjid=133034600&cid=1657243943.1615034587&tid=UA-44450862-1&_gid=158023725.1615034587&_r=1&gtm=2wg2o0TVS8NW5&cd1=Katherine%20Fung&cd2=News&cd3=&cd4=US&cd5=en&cd6=article&cd7=1574087&cd8=20210305&cd9=202103&cd10=newsweek.com%2Fnews%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=News&cd18=related&cd19=web&cd20=18&cd21=7&cd22=article&cd23=web&cd24=N&cd25=State%2C%20Coronavirus%2C%20Stimulus%20Package%2C%20Mitt%20Romney%2C%20Funding%2C%20Senate&cd26=ndef&cd27=nonpromoted&cd28=NW%20Magazine&cd30=Y&cd31=3&cd32=N&cd33=ndef&cd34=anon&cd35=646&cd36=Direct&cd37=4g&cd38=web&z=217272990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=4589742734178689060

35 B
237 B

59ms
59ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=4589742734178689060
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid: 12e91670-7343-4625-ab6a-6750e8278810
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=4589742734178689060
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=0c67fd88-b7a1-5141-ac2b-0ba1cc68737c&ssp=gumgum2&expires=30&user_group=1
https://rtb.gumgum.com/usersync?b=bsw&i=0d987996-a689-47e3-94d1-d3f86dd95b26

35 B
237 B

59ms
58ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=0d987996-a689-47e3-94d1-d3f86dd95b26
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=0d987996-a689-47e3-94d1-d3f86dd95b26
date: Sat, 06 Mar 2021 12:43:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

syncPartner
sync.outbrain.com/ Frame BA42
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%286X2uoO9zdFF6rNDOgwocUtf0soFVIa9qp-Stm4Egb7FnmFzVlSN0YsC8XPdAGgrS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_76ef4943-0734-4e5d-b8a5-3853a7357311&obuid=ENC(6X2uoO9zdFF6rNDOgwocUtf0soFVIa9qp-Stm4Egb7FnmFzVlSN0YsC8XPdAGgrS)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

112ms
112ms

Image
text/plain

70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:09 GMT
Cache-Control: no-cache
X-TraceId: 49ed45d1ffffcef7ada87890400832e0
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Sat, 06 Mar 2021 12:43:09 GMT
X-TraceId: f7459668f30e44388337d37d17c504c7
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=b7d3c2f0-13fc-0a1c-0ec3-afbac8fdb9b7

35 B
237 B

59ms
58ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=b7d3c2f0-13fc-0a1c-0ec3-afbac8fdb9b7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=b7d3c2f0-13fc-0a1c-0ec3-afbac8fdb9b7
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-58e82823-0729-4ae2-42fa-12c32938b433$ip$185.156.175.107

35 B
237 B

59ms
59ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-58e82823-0729-4ae2-42fa-12c32938b433$ip$185.156.175.107
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-58e82823-0729-4ae2-42fa-12c32938b433$ip$185.156.175.107
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-MiJPRfR1lxAQtRQDSYQjsM9i.XR7bgx3To3Y

35 B
237 B

60ms
58ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-MiJPRfR1lxAQtRQDSYQjsM9i.XR7bgx3To3Y
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-MiJPRfR1lxAQtRQDSYQjsM9i.XR7bgx3To3Y
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
https://rtb.gumgum.com/usersync?b=vnt&i=81143660-7e79-11eb-a11f-13a09c0bd326

35 B
237 B

60ms
60ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=81143660-7e79-11eb-a11f-13a09c0bd326
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=81143660-7e79-11eb-a11f-13a09c0bd326
Date: Sat, 06 Mar 2021 12:43:07 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 81143661-7e79-11eb-a11f-13a09c0bd326

GET
H2 204 services
sync.technoratimedia.com/ Frame BA42 0
294 B 365ms
118ms Image
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 995721587
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_76ef4943-0734-4e5d-b8a5-3853a7357311&gdpr=&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=

35 B
237 B

55ms
55ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 67
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3951994863
https://sync.1rx.io/usersync/tradedesk/d0c2b0a5-10cf-424f-952e-1476f578c35c
https://sync.targeting.unrulymedia.com/csync/RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003

35 B
237 B

59ms
59ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Tengine
ETag: RX7dc11a77aabb43eca6bc74b564cb256d003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dc11a77-aabb-43ec-a6bc-74b564cb256d-003
Connection: keep-alive
Content-Type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame BA42
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=XqJTTnzh7VZ2&ev=1&pid=558355

35 B
237 B

60ms
59ms

Image
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=XqJTTnzh7VZ2&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=XqJTTnzh7VZ2&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-fdx8b
expires: -1

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame BA42 43 B
344 B 55ms
55ms Image
image/gif 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D394
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=

35 B
237 B

59ms
59ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 06 Mar 2021 12:43:11 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=36576043-78dc-4600-94e6-3e739ba2f49b; domain=.mathtag.com; path=/; expires=Sun, 03-Apr-2022 12:43:08 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=36576043-78dc-4600-94e6-3e739ba2f49b&gdpr=&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3518 2f03077 master zrh-pixel-x25
Expires: Sat, 06 Mar 2021 12:43:10 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3802
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK
https://rtb.gumgum.com/usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK

35 B
237 B

60ms
60ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YEN43AAAAF2b0CrK&gdpr=&gdpr_consent=&_test=YEN43AAAAF2b0CrK
accept-ranges: bytes
date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 varnish
x-served-by: cache-fra19122-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1615034589.693047,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-Q050 200 pixel Show response
cm.g.doubleclick.net/ Frame 4DF0 170 B
190 B 49ms
38ms Document
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NmVmNDk0My0wNzM0LTRlNWQtYjhhNS0zODUzYTczNTczMTE=&gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV83NmVmNDk0My0wNzM0LTRlNWQtYjhhNS0zODUzYTczNTczMTE=&gdpr=&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk5pXymnVy0drtwljOXuqgKS7wrAz3phowm1CNuiP55RjMlT9lWWFad45FwSxs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sat, 06 Mar 2021 12:43:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9300 8 KB
3 KB 152ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=25854
Expires: Sat, 06 Mar 2021 19:54:02 GMT
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F24B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588

35 B
237 B

59ms
58ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=d0c2b0a5-10cf-424f-952e-1476f578c35c&t=1617626588
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=d0c2b0a5-10cf-424f-952e-1476f578c35c; domain=.adsrvr.org; expires=Sun, 06-Mar-2022 12:43:08 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiO8bGChKqwORAFOAE.; domain=.adsrvr.org; expires=Sun, 06-Mar-2022 12:43:08 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 61C9 0
0 68ms
28ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sat, 06 Mar 2021 12:43:07 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 62DA
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA

35 B
237 B

59ms
59ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:10 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sat, 06 Mar 2021 12:43:09 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YEN43cCo8YAAAHoPMnYAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOC=YEN43cCo8YAAAHoPMnYAAAAA; path=/; expires=Mon, 6-Mar-23 12:43:09 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 18
X-SO-HostName: a-ad40057.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng28.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":39,"gdpr":false,"ipv4":"185.156.175.107","key":"YEN43cCo8YAAAHoPMnYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40057"}
X-SO-Key: YEN43cCo8YAAAHoPMnYAAAAA
X-SO-IP: 185.156.175.107
X-SO-Cluster-ID: 39
X-SO-Upstream-ID: a-ad40057

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame B03D
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871878968079502160

35 B
237 B

61ms
60ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871878968079502160
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871878968079502160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwByILSzMLA3NLUwMjQzMDIT5D3fziIPNEt3zTZKf0HCleQzNDUwNjE1MLCxMjIwDTlyAnNAAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 31 Mar 2022 12:43:08 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzMLA3NLUwMjQzMDIT5D3fziIPNEt3zTZKf0HACN6aJ-JQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhqYGxiamFhYmQEAF_OjksQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 31 Mar 2022 12:43:08 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871878968079502160
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8ABC
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1

35 B
237 B

58ms
58ms

Document
image/gif

34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT Sat, 06 Mar 2021 12:43:08 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=S2nbV07LlYrAwk9XWh3U&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 294A 43 B
344 B 110ms
56ms Image
image/gif 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=1ea86026c3f4e92577f8f2c6&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 294A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AACdE07AhvIAAEcRlr-KpQ

43 B
1 KB

56ms
39ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AACdE07AhvIAAEcRlr-KpQ
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:11 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AACdE07AhvIAAEcRlr-KpQ
Date: Sat, 06 Mar 2021 12:43:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 294A
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=0d987996-a689-47e3-94d1-d3f86dd95b26
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=0d987996-a689-47e3-94d1-d3f86dd95b26
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=9fc9ad6f-6c64-49ca-b52f-5690f758cb3f&ssp=fmx
https://ce.lijit.com/merge?pid=26&3pid=0d987996-a689-47e3-94d1-d3f86dd95b26

43 B
1 KB

38ms
38ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=0d987996-a689-47e3-94d1-d3f86dd95b26
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:11 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=26&3pid=0d987996-a689-47e3-94d1-d3f86dd95b26
date: Sat, 06 Mar 2021 12:43:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 294A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D269745...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
https://ce.lijit.com/merge?pid=16&3pid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&gdpr=0&gdpr_consent=

43 B
1 KB

48ms
47ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:09 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 06 Mar 2021 12:43:09 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://ce.lijit.com/merge?pid=16&3pid=26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348&gdpr=0&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 294A 70 B
264 B 96ms
51ms Image
image/gif 52.51.224.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 294A
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871878968079502162

43 B
857 B

117ms
39ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871878968079502162
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871878968079502162
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7BF9 70 B
264 B 87ms
51ms Image
image/gif 52.51.224.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YEN43MibGwzG-GaWDM3rvAAA&cm_dsp_id=70
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEN43MibGwzG-GaWDM3rvAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPdYBRkTOzwGrsiou-YV8xM&google_cver=1

43 B
1003 B

139ms
59ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPdYBRkTOzwGrsiou-YV8xM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Mar 2021 12:43:09 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPdYBRkTOzwGrsiou-YV8xM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 7BF9 43 B
720 B 1432ms
126ms Image
image/gif 52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEN43MibGwzG_GaWDM3rvAAABHMAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:09 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEN43MibGwzG_GaWDM3rvAAABHMAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDPb3nWCvBM1DmoZFuPxocw&google_cver=1

43 B
315 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDPb3nWCvBM1DmoZFuPxocw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 06 Mar 2021 12:43:08 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDPb3nWCvBM1DmoZFuPxocw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05ed6b6f-6880-4db5-a7d9-58fc9a6447eb&expiration=1646570591

43 B
1 KB

46ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05ed6b6f-6880-4db5-a7d9-58fc9a6447eb&expiration=1646570591
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Mar 2021 12:43:11 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=05ed6b6f-6880-4db5-a7d9-58fc9a6447eb&expiration=1646570591
date: Sat, 06 Mar 2021 12:43:11 GMT
server: Kestrel
content-length: 0

GET
H2

200

tpid=YEN43MibGwzG-GaWDM3rvAAA%261139
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 7BF9
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139

49 B
707 B

69ms
69ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:11 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.106
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:11 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YEN43MibGwzG-GaWDM3rvAAA%261139
cache-control: no-cache
x-server: 10.45.15.109
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8042456573044256371&expiration=1616244188

43 B
1 KB

1382ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8042456573044256371&expiration=1616244188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Mar 2021 12:43:09 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8042456573044256371&expiration=1616244188
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7BF9
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=clI0b3NaZD9pU2Q_IlQtb31aNm9pADZqd1dDczZj

43 B
1 KB

1412ms
269ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=clI0b3NaZD9pU2Q_IlQtb31aNm9pADZqd1dDczZj
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Mar 2021 12:43:09 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=clI0b3NaZD9pU2Q_IlQtb31aNm9pADZqd1dDczZj
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7BF9 43 B
344 B 107ms
53ms Image
image/gif 52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YEN43MibGwzG_GaWDM3rvAAABHMAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
425 B 65ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=505172908&gjid=133034600&_gid=158023725.1615034587&_u=aGDAAUIRAAAAAG~&z=1547989899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=505172908&_u=aGDAAUIRAAAAAG~&z=1880713076

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 31ms
30ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-44450862-1&cid=1657243943.1615034587&jid=505172908&_u=aGDAAUIRAAAAAG~&z=1880713076

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7156 37 KB
14 KB 43ms
42ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=40026
Expires: Sat, 06 Mar 2021 23:50:14 GMT
Date: Sat, 06 Mar 2021 12:43:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7156 2 KB
3 KB 388ms
34ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78194211&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 871fb3e4aa1bc00900629682ab6619bdb97f906b9fac03308a1e165a2266c309

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:34:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 01ED 284 B
932 B 116ms
30ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 01ED
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLXPW878-16-7MQS&ex=d-rubiconproject.com&status=ok

43 B
344 B

67ms
67ms

Image
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLXPW878-16-7MQS&ex=d-rubiconproject.com&status=ok
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KLXPW878-16-7MQS&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame C62F 43 B
304 B 373ms
42ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78194211&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 06 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1211
date: Sat, 06 Mar 2021 12:43:08 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame F1C8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1045490487372136254

42 B
769 B

35ms
35ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1045490487372136254
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78194211&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=2:2; KADUSERCOOKIE=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8; chkChromeAb67Sec=1; DPSync3=1616198400%3A201_227_226_221; SyncRTB3=1616198400%3A56_161_220_21_13%7C1616284800%3A35; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPk-EHhaEUDT8W_8-AyhQ_k&KRTB&22987-CAESEPk-EHhaEUDT8W_8-AyhQ_k&KRTB&23025-CAESEPk-EHhaEUDT8W_8-AyhQ_k; PugT=1615034589
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 12:34:38 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-1045490487372136254; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 12:34:38 GMT; path=/ PugT=1615034078; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 05-Apr-2021 12:34:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 04-Jun-2021 12:34:38 GMT; path=/
X-lat: amspug017:0:386
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1045490487372136254
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync Show response
rtb.gumgum.com/ Frame 5F3D 35 B
237 B 61ms
59ms Document
image/gif 34.250.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=pbm&i=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.193.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-193-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=pbm&i=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_76ef4943-0734-4e5d-b8a5-3853a7357311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7156
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L6yVocSHTYmiCqECj23j2A%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

39ms
38ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=25854
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sat, 06 Mar 2021 19:54:02 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 7156 95 B
596 B 51ms
32ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62bbab047fc61f3d-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08a92936d000001f3da11d7000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 7156
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

49ms
49ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:10 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:10 GMT
frontend-id: 8
location: /pubmatic/1/info2?sType=sync&sExtCookieId=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 7156
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&addseg=31

7 B
147 B

115ms
37ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:10 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 06 Mar 2021 12:43:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2FAC95A1-C487-4D89-A20A-A1028F6DE3D8&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 7156
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkZBQzk1QTEtQzQ4Ny00RDg5LUEyMEEtQTEwMjhGNkRFM0Q4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

389ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:34:37 GMT
X-lat: amspug008:0:357
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 7156
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPk-EHhaEUDT8W_8-AyhQ_k&google_cver=1

42 B
855 B

424ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPk-EHhaEUDT8W_8-AyhQ_k&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:09 GMT
X-lat: amspug006:0:260
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPk-EHhaEUDT8W_8-AyhQ_k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7156 43 B
609 B 1390ms
37ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 05 Mar 2021 12:43:10 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 7156
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8042456573044256371

42 B
974 B

3195ms
42ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8042456573044256371
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sat, 06 Mar 2021 12:43:10 GMT
X-lat: Pug23042:0:245
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8042456573044256371
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 01ED 0
66 B 1105ms
36ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:10 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 01ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmzojnEdLgrS5NYKmW4uU0&google_cver=1

42 B
689 B

57ms
42ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmzojnEdLgrS5NYKmW4uU0&google_cver=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmzojnEdLgrS5NYKmW4uU0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 01ED
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=36576043-78dc-4600-94e6-3e739ba2f49b

42 B
689 B

87ms
31ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=36576043-78dc-4600-94e6-3e739ba2f49b
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Sat, 06 Mar 2021 12:43:12 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=36576043-78dc-4600-94e6-3e739ba2f49b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 06 Mar 2021 12:43:11 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 01ED 70 B
264 B 54ms
53ms Image
image/gif 52.51.224.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.224.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 01ED
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEN43AAAAF2b0CrK

42 B
689 B

33ms
32ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEN43AAAAF2b0CrK
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615034589.941231,VS0,VE0
x-served-by: cache-fra19122-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YEN43AAAAF2b0CrK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 01ED
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/-moa0ha2U4yE9ZKJfBy0Msn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2181450660253429624

42 B
689 B

90ms
34ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2181450660253429624
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Sat, 06 Mar 2021 12:43:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2181450660253429624
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 01ED
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLXPW878-16-7MQS&sigv=1&esig=2~c14c2dea48b2b729ea304663654360f86413d9f8

0
291 B

8ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLXPW878-16-7MQS&sigv=1&esig=2~c14c2dea48b2b729ea304663654360f86413d9f8

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:08 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLXPW878-16-7MQS&sigv=1&esig=2~c14c2dea48b2b729ea304663654360f86413d9f8
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 01ED
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGM4ZDc2NGM2YmY1MDNiMDg2MjU2MDFiMGIzNDQ0NDE1ZjlkN2UxYQ

170 B
213 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGM4ZDc2NGM2YmY1MDNiMDg2MjU2MDFiMGIzNDQ0NDE1ZjlkN2UxYQ

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-emx_n-vmg_n-acuityads_ox-db5_dm_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGM4ZDc2NGM2YmY1MDNiMDg2MjU2MDFiMGIzNDQ0NDE1ZjlkN2UxYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7156 0
418 B 141ms
35ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:34:39 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/7922264/ 0
400 B 266ms
266ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/7922264/cs.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 12:43:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Tue, 09 Mar 2021 12:43:12 GMT

GET
H2 200 m-outer-8dc667e22429e9795dce1a8237a76325.html Show response
js.stripe.com/v3/ Frame CFAF 215 B
952 B 76ms
76ms Document
text/html 65.9.187.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.187.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

720d8b5230522b836bd94ee27f388976a2da5f18b4c9a6474cd5f047f8380751

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: Q0aWlDwai/odPybbNJloFfaGhIpt4f+EGl7mcU+pXVVDnBPsUjW6GfFM8lsKUBt078Umf3J/g4E=
x-amz-request-id: 6VA3REG7PE1B833D
last-modified: Wed, 03 Mar 2021 22:21:03 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Sat, 06 Mar 2021 12:38:51 GMT
cache-control: public, max-age=300
etag: "8dc667e22429e9795dce1a8237a76325"
x-cache: Hit from cloudfront
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: QlLYcWrn8yNs1WJTBZDUkp0QDhub9B8_GOHjT0lgVDd0MCLANr3mkQ==
age: 263

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 22450
x-fb-rlafr: 0
pragma: public
x-fb-debug: Jeg8Aaq4AuJwJZRqEpocQKKnNGarJVHOdchSBlh1Dc3fEtvvj2pcT7qPJqCUya/IvA5+L5O46tWWaB1jnuLXdg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Mar 2021 12:43:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5e9e00b619144f0012bc03cf Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 363 KB
88 KB 162ms
70ms Script
application/javascript 65.9.187.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6095bf9cddd76165fe68b17f0a2a42fe8244151240192c37e91ddf571907db69

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:38:30 GMT
via: 1.1 7fbfed9453edeb4b5dca9173a3f5f8dd.cloudfront.net (CloudFront)
age: 282
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: ZAG50-C1
content-encoding: gzip
x-amz-cf-id: 43p9S7NCILH8eNsFpkGQd8tHjhVrP9YQbjaHN6ZhLN6cBpvZxzaRuQ==

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=833b3c24-7e79-11eb-8b1e-1348667f2506

0
587 B

41ms
40ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=833b3c24-7e79-11eb-8b1e-1348667f2506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sat, 06 Mar 2021 12:43:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 8
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sat, 06 Mar 2021 12:43:12 GMT
Server: nginx
Location: /partner?source=82839&sync_limit=5&__user_check__=1&sync_id=833b3c24-7e79-11eb-8b1e-1348667f2506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H2 200 496391994180701 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 54ms
54ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/496391994180701?v=2.9.5&r=c2

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f75744c2809b8499e960e417586de8c99371da88449f9fb79e0d5a944128ae94

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3glTEfCB3uFLNjFb48py4w09ZksxtVvpKR8S63//jkI6MoPe0CiIfxUxfkTsxhsGM+z3/WadS9e081FYWiW38A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 06 Mar 2021 12:43:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-ab393e3979b66b4140895f56a37b902d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CFAF 1 KB
1 KB 78ms
78ms Script
application/javascript 65.9.187.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-ab393e3979b66b4140895f56a37b902d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.187.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:40:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 186
via: 1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 5ZJG78FHY20NCNKH
x-amz-id-2: 16ky8f9R5qTXgAzMZPPr6dF7lUvOjLFoSDK5mY6sEyfw8wkAQWXgQBrpjC6oi/1fMspAENxTpOE=
last-modified: Wed, 03 Mar 2021 22:21:01 GMT
server: AmazonS3
etag: W/"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZAG50-C1
timing-allow-origin: *
x-amz-cf-id: KqZaspT0EZAU7ZLNMQld51Bu-H2IoX0do0vbu6UpCT8qvL1q1i_JrQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&rl=&if=false&ts=1615034592286&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1615034592285.918160646&it=1615034592134&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Mar 2021 12:43:12 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame BA79 33 KB
13 KB 93ms
31ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ab393e3979b66b4140895f56a37b902d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 06 Mar 2021 12:43:12 GMT
age: 214
x-served-by: cache-sea4478-SEA, cache-hhn4077-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 512
x-timer: S1615034592.377797,VS0,VE0
vary: Accept-Encoding
content-length: 12226

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 371ms
125ms Preflight 54.166.112.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 54.166.112.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.newsweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 06 Mar 2021 12:43:12 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 131ms
130ms Fetch
text/html 54.166.112.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.112.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.newsweek.com/
key: 5e9e00b619144f0012bc03cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 06 Mar 2021 12:43:12 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

POST
H2 200 6 Show response
m.stripe.com/ Frame BA79 156 B
518 B 608ms
203ms XHR
text/plain 34.214.36.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.36.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d13723b246f9cdd4c7d83b512439539fa76131ca05e45f19086957572a57f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Mar 2021 12:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 47CC 0
50 B 6ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 11816
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.newsweek.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0uVbBnQ1r7nmL6mS4..BgQ3jg...1.0.BgQ3jg.
Upgrade-Insecure-Requests: 1
Origin: https://www.newsweek.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.newsweek.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Sat, 06 Mar 2021 12:43:12 GMT

GET
H2 200 implement-r.js Show response
fqtag.com/tag/ 2 KB
2 KB 158ms
36ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

2bf8a4995f4236978a6ca8e7e0c5d3b0fb73f17f37487bf747190a0a82901feb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:14 GMT
via: 1.1 google
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 133ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.newsweek.com

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 12:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 133ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsweek.com

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 12:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
499 B 173ms
172ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1647485511838493&correlator=242240737633037&output=ldjh&impl=fifs&eid=31060010%2C31060321&vrg=2021030201&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&sc=1&sfv=1-0-37&ecs=20210306&iu_parts=43459271%2Cnewsweek%2Ctop%2Cright1%2Coop1%2Coop2%2Coop3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x250%2C300x250%2C1x1%2C1x1%2C1x1&ists=7&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright1%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop1%7Cpos%3Doop2%7Cpos%3Doop3&eri=1&cust_params=amp%3DN%26cat%3Dnwus-news%26sitecat%3Dnwus-news%26fq_refresh%3Dfalse%26fq_refresh_int%3D0%26article_id%3D1574087%26topics%3DState%252CCoronavirus%252CStimulus%2520Package%252CMitt%2520Romney%252CFunding%252CSenate%26content%3DIAB12%26video%3DY%26video_type%3Drelated%26layout%3Dweb%26paragraphs%3D18%26total_ads%3D0%26page_type%3Darticle%26adunit%3Dnewsweek.com%252Fnews%252Farticle%26focus%3DY%26refresh%3DN%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D1%26NoPassFQ%3DY%26adexclusion%3D%257Cnw%257C%2520NoPassFQ%26excl_cat%3D%257Cnw%257C%2520NoPassFQ&cookie_enabled=1&bc=31&abxe=1&lmt=1615034594&dt=1615034594209&dlt=1615034586135&idt=1149&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1060%2C0%2C0%2C0&adys=161%2C441%2C7547%2C7547%2C7547&adks=2154452299%2C77810098%2C1914041524%2C1813964283%2C85176522&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsweek.com%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x270%7C300x270%7C1600x0%7C1600x0%7C1600x0&msz=970x270%7C300x250%7C1600x0%7C1600x0%7C1600x0&ga_vid=1657243943.1615034587&ga_sid=1615034594&ga_hid=2122599977&ga_fc=false&fws=4%2C516%2C4%2C4%2C4&ohw=1180%2C300%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

81fb3730563fe351158067310d2d5d0daebe0acbd2b278f0b7808cd61ef48d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 62ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel.js Show response
cdn.fqtag.com/1.27.339-ccfb11a/ 88 KB
88 KB 101ms
25ms Script
application/javascript 35.190.36.172
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by: Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:43:31 GMT
age: 3583
x-guploader-uploadid: ABg5-UxzhOTRMYktTE6XsRJAY_GCygGyyw37_DpVo2cNZLIIfmkl6unC5BYUE69QwNOBHdlqhZ4eTITIxEg92fO_zvJyqc6Yaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89647
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
server: UploadServer
etag: "e0eff30579598f76147c9ea12f490d21"
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language: en
x-goog-generation: 1611776924905378
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 89647
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 06 Mar 2021 12:43:31 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
26ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2fe90a407b16736a30d6c80ff3fd41cbd4fb6a66e1a835cafa30d58e6ca92af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 12:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6528
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 12:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Mar 2021 12:43:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2E4B 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newsweek.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Mar 2021 12:39:58 GMT
expires: Sun, 06 Mar 2022 12:39:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 196
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E4B 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 63319
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=1647485511838493&bg=!jo2ljc7NAAWsVXnBrDsAKQB2-Dxa9RSxuk7sVO9SmQGnFbU7CukzQhEOOi7sZzjN9PsmB_KV_0LMAgAAAI5SAAAAEWgBBwoA4-N3HthhzZtn8x1immX3s0z7TfbzG1rmF9qkelviwWTOeZ4Gj4dAcmgCRmZlhc0MLKwxoyZhGCcKD7CUrNwcizHrKswDgsmIEshdABgHhOPCfiFKTOLG_lRbcRu45r_5D7sMDgATQq88Bzjx0Wk_IH_mAYnjDDaJWxGSi5j8vSbb5ccC2LA3g2XzF4BQqygrgxV0xcJJkeprRNncyoS4it-0joN3pIoAuXQ79fAFN5_TA5kg1eIt9HASRhthCowI3csqvtA4e90IYHV7fsqQTZ8lmE0d_E9VbKaSypFsbjDbHXgxmQI48e69omMNVwdxq-xpIcXSGHW_JEarC-xkukAoL-fou_xJG-vdXE-uue4Cu1y8HPrsmdCVBwTjsr9ql2t4erySvvJAT2RqAPGbJIBLyOK6Y-fb1HKT-z_VKJX7Ni4yJxbuIbknbznSOiP-meypgjEudHhBk2EI7IXk7sICAINnLLTjpnJmmLWO0M0Rb8UOviHM7vNQD-IG99fM-T83sVTyJg0x59XEPvCTYxU_OEAbgXu8u__57qlQCpaYHfS8Qh31SoArbSboK3Z-tkHRa8CFvtqIKBFCCyyRzT0MapDMYB-waiOHQS9kDe0f7pWW7thbUPxD_OlM3WMp4_Z3YrDtIwjPGPQaohXm-iyy0HSL59oWLRUeTN5NTq7Vq9rtvuLxUuVVCXT9XL75jLlIApVr8_EKcEgooP2aeqL4zH_HjHSph-Z_VLRhyrwlULCz0DTkx9pLZEi0zgD33wXrq3ReiB1KGFlH2_7OCljlpCfC_RhmhAUvFRiLEyqnuHTnN-cXWIFBOt1li-fDOrkm9vex0myJIIzM-xB9CIoGKCHgNBNELkM6TIkWnRaW5eIpnvIhVumwRKXzhhjbnr9R68dAQ7qxaRPSWMecmpHnysMIWjNcb2fQLJJ-lbxQNKRhZ2oInGlQBftcS2z5oCjlWOqSsWQVz8lR9MNUBQ9OOwkt2gDxrpHCqSO3sc7sSgagdO0fzBqlPRObhdzHxeZ1nouFUOoJfyEhoItxxlsM2uLLqnQbjXMomEW_2g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 123ms
123ms Image
image/gif 34.227.189.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Fmitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087&u=Bdzv9DBHgBv-DJf63p&d=newsweek.com&g=65968&g0=News&g1=Katherine%20Fung&n=1&f=00001&c=0.25&x=0&m=0&y=7743&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1458&t=BMpGqhCcCsnxC5w0jICgsCq6C3N8M3&V=122&tz=-60&_acct=anon&sn=2&sv=DSLmQvBKsJNuBcf1EED--7_ZC8HiDT&sd=1&im=067b0ef0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.189.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-189-155.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newsweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 12:43:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video.newsweek.com
URL: https://video.newsweek.com/transcoder/480hls/2591/third-stimulus-bill-timeline-1614953978.m3u8

Verdicts & Comments Add Verdict or Comment

379 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 17:20:26	Name: PugT Value: 1615034590
.pubmatic.com/	1970-01-19 17:20:26	Name: SPugT Value: 1615034079
.pubmatic.com/	1970-01-19 17:20:26	Name: KRTBCOOKIE_80 Value: 16514-CAESEPk-EHhaEUDT8W_8-AyhQ_k&KRTB&22987-CAESEPk-EHhaEUDT8W_8-AyhQ_k&KRTB&23025-CAESEPk-EHhaEUDT8W_8-AyhQ_k
.pubmatic.com/	1970-01-19 18:46:50	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 18:46:50	Name: SyncRTB3 Value: 1616198400%3A56_161_220_21_13%7C1616284800%3A35
.pubmatic.com/	1970-01-19 18:46:50	Name: DPSync3 Value: 1616198400%3A201_227_226_221
.pubmatic.com/	1970-01-19 18:46:50	Name: KADUSERCOOKIE Value: 2FAC95A1-C487-4D89-A20A-A1028F6DE3D8
.lijit.com/	1970-01-20 01:22:50	Name: _ljtrtb_26 Value: 0d987996-a689-47e3-94d1-d3f86dd95b26
.pubmatic.com/	1970-01-19 16:38:40	Name: pi Value: 2:2
.lijit.com/	1970-01-20 01:22:50	Name: ljtrtb Value: eJwNy8kJxEAMAMFc9LZA9%2BFs5J11Esa5e6BfBf0AB5wg0WnOhT%2FXC%2B32wP77oM7QGpHahEGmWWuhqRUcwLRPrtxVR1G2k3AIvB9rrhOq
.doubleclick.net/	1970-01-20 10:08:26	Name: IDE Value: AHWqTUk5pXymnVy0drtwljOXuqgKS7wrAz3phowm1CNuiP55RjMlT9lWWFad45FwSxs
.pubmatic.com/	1970-01-19 18:46:50	Name: chkChromeAb67Sec Value: 1
.lijit.com/	1970-01-20 01:22:50	Name: _ljtrtb_10 Value: 1871878968079502162
.lijit.com/	1970-01-20 01:22:50	Name: ljtrtbexp Value: eJyrVjI0U7IyNDM0MzIxMbSw0FGyMEXlG0HkTQ3Mzc1BfEMDNHlziLyZsaWxhUUtAJqzEGQ%3D
.openx.net/	1970-01-19 16:58:50	Name: pd Value: v2\|1615034588\|gen0vNiygu
.pubmatic.com/	1970-01-19 17:20:26	Name: KRTBCOOKIE_336 Value: 5844-1045490487372136254
.openx.net/	1970-01-20 01:22:50	Name: i Value: 934259d9-926e-0dbd-336e-77bf648a8b0c\|1615034588
.lijit.com/	1970-01-20 01:22:50	Name: _ljtrtb_16 Value: 26974518-c53b-4f56-9e5a-3aa0da2284f5-604378dd-4348
.pubmatic.com/	1970-01-19 17:20:26	Name: KRTBCOOKIE_391 Value: 22924-8042456573044256371
.rubiconproject.com/	1970-01-20 01:22:50	Name: audit Value: 1\|XMEtPhKPUGYdARuk2v4wafmn/FhFRbfploKlLUrIR496eP0zD2PV8D/Ty441JBk2O7GZCjlkqi/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.rubiconproject.com/	1970-01-20 01:22:50	Name: khaos Value: KLXPW878-16-7MQS
.newsweek.com/	1970-01-19 17:20:26	Name: pelcro_count_of_articles_limit Value: 6
.lijit.com/	1970-01-20 01:22:50	Name: ljt_reader Value: 1ea86026c3f4e92577f8f2c6
www.newsweek.com/	1970-01-20 02:06:02	Name: _cb Value: Bdzv9DBHgBv-DJf63p
.casalemedia.com/	1970-01-19 16:38:40	Name: CMST Value: YEN43GBDeN8A
.casalemedia.com/	1970-01-19 18:46:50	Name: CMPS Value: 3202
eus.rubiconproject.com/	1970-01-19 18:46:50	Name: pux Value: 1512%3D97981%262249%3D97981%262307%3D97981%262974%3D97981%263778%3D97981%26idl%3D97981%26brx%3D97981%262249-DV360-Hosted%3D97981%26
.casalemedia.com/	1970-01-20 01:22:50	Name: CMID Value: YEN43MibGwzG-GaWDM3rvAAA
.gumgum.com/	1970-01-20 01:22:50	Name: vst Value: e_76ef4943-0734-4e5d-b8a5-3853a7357311
.newsweek.com/	1970-01-19 17:20:26	Name: pelcro_count_of_articles_read Value: 1
.amazon-adsystem.com/	1970-01-19 21:38:12	Name: ad-id Value: A7Q10GP2RkwZvkJe_1DzTJI
www.newsweek.com/	1970-01-19 16:38:40	Name: geo-location Value: {"country":"CH","region":"ZH"}
.amazon-adsystem.com/	1970-01-21 13:04:07	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 01:22:50	Name: CMRUM3 Value: 08604378df276005ed6b6f-6880-4db5-a7d9-58fc9a6447eb&2d604378dd2760CAESEPdYBRkTOzwGrsiou-YV8xM&f1604378dc05a00&e6604378dc27600&6f604378dc05a0&dd604378dc27600&51604378dc05a0&27604378dc0b40
.newsweek.com/	1970-01-19 17:20:26	Name: pelcro.pageview.frequency Value: MQ==
.newsweek.com/	1970-01-20 01:15:38	Name: pelcro.unique.id Value: ZzJjdTk0NjVwaDdrbHhwdzdqZA==
.newsweek.com/	1970-01-19 17:01:43	Name: cmx1 Value: 2021-03-06
.pubmatic.com/	1970-01-19 18:46:50	Name: KTPCACOOKIE Value: YES
www.newsweek.com/	1970-01-19 16:38:40	Name: _lr_geo_location Value: DE
.newsweek.com/	1970-01-19 16:37:50	Name: cds1 Value: 2021-03-06
.newsweek.com/	1970-01-19 16:38:33	Name: cus1 Value: 2021-03-06
.newsweek.com/	1970-01-19 17:20:26	Name: pelcro_count_of_articles_left Value: 5
www.newsweek.com/	1969-12-31 23:59:59	Name: has_js Value: 1
www.newsweek.com/	1970-01-19 16:37:16	Name: _cb_svref Value: null
.newsweek.com/	1970-01-19 16:38:40	Name: _gid Value: GA1.2.158023725.1615034587
www.newsweek.com/	1970-01-19 16:37:16	Name: orir Value:
www.newsweek.com/	1970-01-20 02:06:02	Name: _cb_ls Value: 1
.casalemedia.com/	1970-01-19 18:46:50	Name: CMPRO Value: 1139
www.newsweek.com/	1970-01-20 01:58:50	Name: gdpr-auditId Value: 85419be0-c903-464d-b20e-aac6babadb09
www.newsweek.com/	1970-01-20 02:06:02	Name: _chartbeat2 Value: .1615034587015.1615034587015.1.DSLmQvBKsJNuBcf1EED--7_ZC8HiDT.1
.newsweek.com/	1970-01-20 10:08:26	Name: _ga Value: GA1.2.1657243943.1615034587
.newsweek.com/	1970-01-19 16:37:14	Name: _dc_gtm_UA-44450862-1 Value: 1
.lijit.com/	1970-01-20 01:22:50	Name: _ljtrtb_85 Value: AACdE07AhvIAAEcRlr-KpQ
.newsweek.com/	1970-01-19 16:37:14	Name: _gat_UA-44450862-1 Value: 1
www.newsweek.com/	1969-12-31 23:59:59	Name: X-UA-Info Value: country\|CH\|state\|ZH\|city\|Zurich\|latitude\|47.394000\|longitude\|8.445000\|isp\|M247 Ltd\|ip\|185.156.175.107\|device\|desktop\|time\|1615034586

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVrnBG8V-kJdW5tbvpN8TrvRmW20x2Jc4nRKmnN3wqV812-HwLV1-WJV7CgLSgW4pZR0k6j2vbyW3zKxpS60d1bxW8wms8H69m0ZRW6NW5Md3GbhWdN8BxZ70jr0m1W66ttw78bNStTMSBQD-FfSW7W3Y_NKb2mck7wN7FQDCgVgv5GW3YcT9K6pF02ZW8Rmfrt12JNwYVQpK-16xCJhlW2hF1018j6JKlW89Mvhc5B_D0TW3MQ1Mf6Jvr_xW9m1xJT7QFG__W93xnFx1_VdgJW1wCTL13TJbgnW8X-vF65hpPhyW1gkg_m3rK6YXW2gx-xD7Vj3Y2W1yr3CH6rYgB_VTCFfh6CTGwHW1GCkKh7zZq-7W7dlZDq3h923nW3qsZqb2G8zbqW8tHC059lYvjNN4mbdH7jMmBR3lgX1(Line 13) Message: toS
console-api	log	URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw(Line 1) Message: prebid_ads_xuaInfo_country CH
console-api	log	URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw(Line 1) Message: con_type 4g
console-api	log	URL: https://www.newsweek.com/mitt-romney-pushes-back-giving-some-states-covid-relief-it-doesnt-make-any-sense-1574087?_hsmi=96965274&_hsenc=p2ANqtz-_AePLZWMuAwtKSNhwYXdENlG0p6jbt-ph4HC_qRyk4pVrXI8rJsgWpRwJ4zUKEWFwVZJUfKn5dtCIG9yioA0xbVWDGM4dNMKXu80AuvJpT9sckncw(Line 2) Message: device: desktop false 1600 x 1200
console-api	debug	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: [bugsnag] Loaded!
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: script loaded :437 2 2
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: 18
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: 480p
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: o.ampAutoplay undefined
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: doFir on doc ready
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: document ready:992
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: GDPR_isLoaded
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: stats counted
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	warning	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: Pelcro - Local Storage Not Supported - Please upgrade your browser
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: pelcro_visit_value 5 1993
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: pelcro_visit_cookie_value 5 2497
console-api	log	URL: https://js.pelcro.com/sdk/main.min.js(Line 8) Message: window.onload:5958 2 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c9dcc426b4a05d939c203b2a6f27036.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
amazon-tam-match.dotomi.com
ams.creativecdn.com
ap.lijit.com
api-location-prd.pelcro.com
api.pushnami.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.fqtag.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.newsweek.com
d275im4r3zngba.cloudfront.net
d5p.de17a.com
data.adsrvr.org
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
geo.rlcdn.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
info.silobreaker.com
js.pelcro.com
js.stripe.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
query.fqtag.com
recommendationengine.googleapis.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
stats.newsweek.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.pushnami.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
uploads.pelcro.com
ups.analytics.yahoo.com
us-u.openx.net
video.newsweek.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsweek.com
www.pelcro.com
x.bidswitch.net
video.newsweek.com
104.108.50.124
104.108.64.33
124.146.215.49
13.225.80.120
142.250.185.226
150.136.156.92
151.101.112.176
151.101.14.49
151.139.128.11
159.253.128.183
178.250.0.163
18.156.0.31
18.195.155.181
18.198.126.47
185.184.8.30
185.29.133.199
185.33.221.15
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.94.180.126
193.0.160.128
198.148.27.139
199.60.103.254
2.18.233.180
2.18.234.21
213.155.156.164
213.19.147.151
216.52.2.30
2600:1901:0:7a0b::
2600:9000:206f:d400:11:2a6a:9480:93a1
2600:9000:20d7:3600:18:1fcd:34e:d2a1
2600:9000:20d7:9200:8:bd4:5580:21
2600:9000:20d7:9a00:16:f82a:8600:93a1
2600:9000:21f3:c800:c:b42a:3740:93a1
2606:4700:10::6816:858
2606:4700:10::ac43:db6
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2013
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9d
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.127.129.22
3.222.149.159
3.91.110.183
34.214.36.192
34.227.189.155
34.250.193.151
34.95.69.49
34.98.64.218
35.156.245.144
35.186.195.222
35.190.36.172
35.190.72.161
35.201.96.126
35.227.248.159
35.244.174.68
35.244.220.155
37.157.6.251
52.23.3.189
52.46.130.13
52.51.224.103
52.6.106.191
52.95.118.60
54.166.112.225
54.171.173.220
54.194.13.58
54.93.43.1
65.9.187.106
65.9.187.27
65.9.24.128
65.9.58.8
66.155.71.149
69.173.144.139
69.173.144.165
70.42.32.159
72.251.249.14
77.243.60.138
88.212.252.2
88.214.206.247
99.83.219.100
027cdd160b8cd7846376309f6a3f089087d4da7d1fe894dbfb41a7ca682420df
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074786a3de88278cafa18f3d3ed636d7fb9b84c18ec821d5bbe7684bfe2fe3d1
08f02dc6c4a3a464ac5b5f8940ab6e3336af212ed448e27c5f4414394150bac6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0f07a672eb10bd2d82f8edcc8002949707f86ebdd39c230a28e7e59aa2d15f7a
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f9eecbe160d74b7dd4d55455b9df683b84f780dc9ce5b6c220daad55ad813f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
256614d7ebb2c118ce5110d89efff453f6dd98860f5d8293210c65f828804d0f
26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d
2971bdd780546ddee609798b86a19dbb9ba613149f4d66f6b58c289558657faa
2bf8a4995f4236978a6ca8e7e0c5d3b0fb73f17f37487bf747190a0a82901feb
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ff627e749e7a39cfaed11234bddb20a699d7a6c839e26ddf04ef21a2a2d8133
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
43784358edc19f685416d0a394f4e3c5727c56d8b9523a83d85edc78fb825b22
438c618b527721df1100a08498c18d75f02970d3c95600faba94b24d42dfc053
485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4baa3c22eeab1d4a7b92a64bbfe188845048c1147c7dfb056a9b41e02fa3a840
4d13723b246f9cdd4c7d83b512439539fa76131ca05e45f19086957572a57f1a
4d2e28ae6a54f406031e363b154ea0fcb41e5e19f53137d142d4c0461a976115
4d514e10555efe3a73d7a590c001690a3cc589671419d353cddd2bff36a5f1c5
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
5b191c0b8cd4fe9d3fa6a2c5fda524c9cb392f0ab959e924d7d9786b04953503
5d998b8247e9380e64a822d26af8a738bc76edf381626cb64e45c4358f7825fc
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
6095bf9cddd76165fe68b17f0a2a42fe8244151240192c37e91ddf571907db69
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
639f2f9d2daba6f9181b54d90db300bdd67e0cf94d724658bd9cb28aca3d8437
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6dac64d464bf2838e256feeb0fa1077f32fe0361bd667aa08b4b10ccab27f829
720d8b5230522b836bd94ee27f388976a2da5f18b4c9a6474cd5f047f8380751
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
783a62f3eb9e69c9d4321076a2f2cdf29a482df8edabdca3282ed6fd72628204
78d696005212095afc1b473d1d8de01ab3c3617cdf3bfbe368a4ff701b736527
7fab7dcc2651c595525637d39ed16f5119a1edd615722fc15846145a952c80cd
81fb3730563fe351158067310d2d5d0daebe0acbd2b278f0b7808cd61ef48d8b
8304c4370f3c0694fadf3af1b943722fb21e278e8a30639d8d5a3f9ad1009d62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84839a96bec1d8321255ccf47d6d93b67581f38021041b7969bf6e45259d9e73
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f51701a5cc105ee8f8c7e50f1dbf329ad65de52c52a689b3892df377bf4b39
86119508451510c4b9db24c9fba4d808f20e39b73ab16942717700a2316947d3
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
871fb3e4aa1bc00900629682ab6619bdb97f906b9fac03308a1e165a2266c309
8a12e7858a98183f16ea6175164bc67348bc23e3e1aa7b8c2c030fc3e1015652
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
94b2fd1bbb2e106afbec3d5c27e7f3083ca9e4dc94efd79d53a3fb62ada26234
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b3fd54c22ab6b249fee63c213b856e010687600a69eee3c4792b3553b7371c8
9e1dfe8b0e471b7023c77f0880ded11f5c149ad4b5e248de55c4067f3692916e
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72c001fcf73fc087a7dffd420f3d3e714546d4c093df0afc174d876e1c9368b
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
aa7a6c04f84f89de8386b554018ef614a1390e5c3f9a3d90b6419c56dc412a1d
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67cf9e1ec148e234cf3ca80eb4e08be44dcabbbb3a899a5ad119083c59e8214
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
bce4bf08bdc9a63708fd9a343ce3f3a7b2af8b2e4ad2f7606c4ab7021605fa4f
bde8b59fb988c3e52c85233240060f51c64af363751d2f7f278ec4828cc55d81
c21caf36058aed3bedb9471a30f438a571170c032caa717ebb9b96d8fa42fc00
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c599b673c60bb8d4af55bc745c284f3193a30c46c6be989d4c94bb66e81d62cc
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cdaf85fe81d43fc3660c06d3ab5e45746aedb293cf66a79134e907a9d6c5a346
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2fe90a407b16736a30d6c80ff3fd41cbd4fb6a66e1a835cafa30d58e6ca92af
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc705c50693086fc8943a6215ac2b2db10eb84f106747d4e4dc21d54c3bc0ff9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df02d0528c82b30c35f6650bf806090e43216e075a6404afb46c60dcc9ccc38c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e5e8c4fe82b17fc138e3e284baa752e44fefc0764e5fd4c25e84bc438cc70894
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e92e4796c42fdbae294f105642d304011e44c6c6ee2d67786f1e77585e2c99bd
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff953b0f5adfb07abb28b08ec662fd620ce9fae2b8edf8dea330a29c8437c0c
f0f33ff8c7fbc1303a7c42cf242835af1c23357962a57ec6bec6cf8e7671cee9
f10879aaa1ec1d5db23ce2a79e0cbf134606c54933f81677a5b9c9150488bd4f
f656841e63e8747685f67c75cf450afa2e4845f1de8e0fccd60b81bdd58611c9
f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11
f750334a4025cb690ec9149313637a5ea4388fcd4cea6aab38e835a3d2e64ad2
f75744c2809b8499e960e417586de8c99371da88449f9fb79e0d5a944128ae94
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
fd90c74a256c879ce6d6774b6f837c13a0fc31a122dcc3352ab63f76191cbc11

www.newsweek.com Open in urlscan Pro 99.83.219.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

98 %HTTPS

29 %IPv6

71 Domains

112 Subdomains

74 IPs

12 Countries

2029 kBTransfer

6299 kBSize

55 Cookies

15 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsweek.com Open in urlscan Pro
99.83.219.100 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

98 %
HTTPS

29 %
IPv6

71
Domains

112
Subdomains

74
IPs

12
Countries

2029 kB
Transfer

6299 kB
Size

55
Cookies

196 HTTP transactions
0 data transactions