urlscan.io logo urlscan.io
SecurityTrails logo

www.buzzfeednews.com Open in urlscan Pro
151.101.66.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.buzzfeed.com/click/26727723.198387/aHR0cHM6Ly93d3cuYnV6emZlZWRuZXdzLmNvbS9hcnRpY2xlL2VsbGlldmhhbGwvcHJpbmNlLW...
Effective URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=emai...
Submission: On February 16 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 8 countries across 113 domains to perform 434 HTTP transactions. The main IP is 151.101.66.114, located in United States and belongs to FASTLY, US. The main domain is www.buzzfeednews.com. The Cisco Umbrella rank of the primary domain is 32535.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on June 23rd 2021. Valid for: a year.
This is the only time www.buzzfeednews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.226.166.212 14618 (AMAZON-AES)
47 151.101.66.114 54113 (FASTLY)
1 2a04:4e42:e00... 54113 (FASTLY)
11 142.251.40.130 15169 (GOOGLE)
1 104.16.220.11 13335 (CLOUDFLAR...)
1 2 151.101.66.137 54113 (FASTLY)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 35.188.42.15 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1400:d:4... 20940 (AKAMAI-ASN1)
1 4 192.184.68.195 14618 (AMAZON-AES)
1 52.85.61.89 16509 (AMAZON-02)
2 54.230.240.249 16509 (AMAZON-02)
1 23.52.162.190 16625 (AKAMAI-AS)
2 4 52.85.61.5 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
6 34.120.70.128 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
5 2600:9000:220... 16509 (AMAZON-02)
3 6 70.42.32.159 22075 (AS-OUTBRAIN)
1 35.190.59.101 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
2 75.2.40.13 16509 (AMAZON-02)
1 5 35.186.226.184 15169 (GOOGLE)
1 151.101.130.114 54113 (FASTLY)
1 34.120.195.249 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 7 23.34.251.243 16625 (AKAMAI-AS)
2 2600:9000:220... 16509 (AMAZON-02)
5 3.210.40.137 14618 (AMAZON-AES)
3 151.101.128.176 54113 (FASTLY)
2 35.238.176.72 15169 (GOOGLE)
3 3 107.178.246.49 15169 (GOOGLE)
9 52.85.61.87 16509 (AMAZON-02)
1 199.232.198.217 54113 (FASTLY)
7 52.85.63.179 16509 (AMAZON-02)
6 3.92.156.8 14618 (AMAZON-AES)
2 2600:9000:220... 16509 (AMAZON-02)
3 23.200.173.61 16625 (AKAMAI-AS)
3 2602:803:c002... 26667 (RUBICONPR...)
1 3.223.147.57 14618 (AMAZON-AES)
5 11 68.67.179.123 29990 (ASN-APPNEX)
3 35.211.165.199 19527 (GOOGLE-2)
3 23.66.229.102 16625 (AKAMAI-AS)
1 35.174.143.115 14618 (AMAZON-AES)
1 52.25.1.59 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 100.25.247.56 14618 (AMAZON-AES)
1 2600:9000:220... 16509 (AMAZON-02)
1 19 52.46.130.91 16509 (AMAZON-02)
19 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
2 34.238.134.115 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
9 10 35.211.178.172 19527 (GOOGLE-2)
1 2600:9000:220... 16509 (AMAZON-02)
3 3 54.234.88.163 14618 (AMAZON-AES)
1 22 54.164.234.113 14618 (AMAZON-AES)
2 39 23.52.162.21 16625 (AKAMAI-AS)
2 6 35.244.159.8 15169 (GOOGLE)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
2 11 104.16.190.66 13335 (CLOUDFLAR...)
5 10 34.199.144.90 14618 (AMAZON-AES)
3 23.52.161.180 16625 (AKAMAI-AS)
2 10 23.192.31.127 16625 (AKAMAI-AS)
4 4 54.175.87.114 14618 (AMAZON-AES)
3 10 35.71.139.29 16509 (AMAZON-02)
4 4 68.67.160.75 29990 (ASN-APPNEX)
2 2 3.228.147.119 14618 (AMAZON-AES)
9 9 70.42.32.63 13789 (INTERNAP-...)
1 1 54.236.183.237 14618 (AMAZON-AES)
3 8 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 54.210.154.62 14618 (AMAZON-AES)
2 2 129.159.70.95 31898 (ORACLE-BM...)
1 2 38.91.45.7 398989 (DEEPINTENT)
4 5 23.209.184.224 16625 (AKAMAI-AS)
2 2 52.72.112.178 14618 (AMAZON-AES)
4 4 199.127.204.147 26120 (RHYTHMONE)
16 16 15.197.193.217 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 199.187.193.177 47043 (SMARTADSE...)
2 8.28.7.81 62713 (AS-PUBMATIC)
6 6 185.29.134.244 30419 (MEDIAMATH...)
7 8 151.101.2.49 54113 (FASTLY)
11 16 142.250.80.98 15169 (GOOGLE)
8 8 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
1 1 124.146.215.42 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
5 5 8.43.72.97 26667 (RUBICONPR...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 3.208.223.190 14618 (AMAZON-AES)
2 2 51.161.117.181 16276 (OVH)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 18.213.10.151 14618 (AMAZON-AES)
1 6 8.43.72.98 26667 (RUBICONPR...)
2 4 35.190.60.146 15169 (GOOGLE)
3 4 185.167.164.39 198622 (ADFORM)
6 8.28.7.83 62713 (AS-PUBMATIC)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 8.28.7.84 62713 (AS-PUBMATIC)
6 104.36.115.109 62713 (AS-PUBMATIC)
1 1 169.55.104.49 36351 (SOFTLAYER)
2 2 199.38.167.129 54312 (ROCKETFUEL)
3 3 216.152.140.200 13768 (COGECO-PEER1)
5 2607:f8b0:400... 15169 (GOOGLE)
1 209.204.233.176 27381 (CASALE-MEDIA)
9 2607:f8b0:400... 15169 (GOOGLE)
1 1 3.227.228.140 14618 (AMAZON-AES)
6 34.117.239.71 15169 (GOOGLE)
4 4 2606:ae80:145... 25751 (VALUECLICK)
2 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.16.68.69 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 52.85.61.17 16509 (AMAZON-02)
2 52.85.61.58 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 204.154.110.76 36062 (DOUBLE-VE...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.36.115.114 62713 (AS-PUBMATIC)
2 35.201.67.47 15169 (GOOGLE)
2 54.187.159.182 16509 (AMAZON-02)
2 52.85.61.81 16509 (AMAZON-02)
1 35.162.230.186 16509 (AMAZON-02)
6 6 54.236.195.76 14618 (AMAZON-AES)
1 74.119.119.150 19750 (AS-CRITEO)
3 3 51.210.112.236 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 2 35.201.96.126 15169 (GOOGLE)
1 52.85.61.93 16509 (AMAZON-02)
1 2 44.198.222.213 14618 (AMAZON-AES)
1 3.208.70.15 14618 (AMAZON-AES)
2 204.154.110.84 36062 (DOUBLE-VE...)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 3.210.151.157 14618 (AMAZON-AES)
1 34.120.155.137 15169 (GOOGLE)
3 23.52.160.130 16625 (AKAMAI-AS)
1 1 34.102.163.6 15169 (GOOGLE)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 52.85.61.83 16509 (AMAZON-02)
1 2 54.211.181.31 14618 (AMAZON-AES)
1 1 50.16.141.46 14618 (AMAZON-AES)
2 2 173.231.184.20 29791 (VOXEL-DOT...)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 1 141.226.224.48 200478 (TABOOLA-AS)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
434 118
1    3.226.166.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com
link.buzzfeed.com
47    151.101.66.114 (United States)

ASN54113 (FASTLY, US)
www.buzzfeednews.com
www.buzzfeed.com
img.buzzfeed.com
1    2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
11    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.16.220.11 (None, )

ASN13335 (CLOUDFLARENET, US)
run.adrizer.com
2    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
1    2600:141b:13::17d7:82db (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2600:141b:13::17d7:82cb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2607:f8b0:4006:80d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:1400:d:49d::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
4    192.184.68.195 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    52.85.61.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-89.ewr53.r.cloudfront.net
ak.sail-horizon.com
2    54.230.240.249 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-240-249.ewr53.r.cloudfront.net
sc-static.net
1    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
4    52.85.61.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-5.ewr53.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2209:7800:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
6    34.120.70.128 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 128.70.120.34.bc.googleusercontent.com
elements.widget.shopbonsai.ca
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2600:9000:2209:5200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
6    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
5    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    151.101.130.114 (United States)

ASN54113 (FASTLY, US)
abeagle-public.buzzfeed.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o1085221.ingest.sentry.io
1    2607:f8b0:4023:1407::9b (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2209:4000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
7    23.34.251.243 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-251-243.deploy.static.akamaitechnologies.com
ct.pinterest.com
www.pinterest.com
www.pinterest.ca
2    2600:9000:2209:1c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
5    3.210.40.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-40-137.compute-1.amazonaws.com
pixiedust.buzzfeed.com
3    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    35.238.176.72 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 72.176.238.35.bc.googleusercontent.com
api.widget.shopbonsai.ca
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
9    52.85.61.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-87.ewr53.r.cloudfront.net
tagan.adlightning.com
1    199.232.198.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
7    52.85.63.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-63-179.ewr53.r.cloudfront.net
c.amazon-adsystem.com
6    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    2600:9000:2209:de00:f:1dcc:7540:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin2.com
3    23.200.173.61 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-173-61.deploy.static.akamaitechnologies.com
a.teads.tv
3    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.223.147.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-147-57.compute-1.amazonaws.com
krk.kargo.com
11    68.67.179.123 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
3    23.66.229.102 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-102.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    35.174.143.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-143-115.compute-1.amazonaws.com
tlx.3lift.com
1    52.25.1.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-1-59.us-west-2.compute.amazonaws.com
api.amplitude.com
1    2607:f8b0:4006:80f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:81c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    100.25.247.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-247-56.compute-1.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:2209:200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com
19    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
19    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2600:9000:2209:4000:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
lantern.roeyecdn.com
2    34.238.134.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-134-115.compute-1.amazonaws.com
fbcapi.buzzfeed.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    2600:9000:2209:3600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    54.234.88.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-88-163.compute-1.amazonaws.com
cs.emxdgt.com
22    54.164.234.113 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-234-113.compute-1.amazonaws.com
rtb.gumgum.com
39    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
11    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
dmx.districtm.io
10    34.199.144.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-144-90.compute-1.amazonaws.com
match.sharethrough.com
3    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
4    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
10    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    3.228.147.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-147-119.compute-1.amazonaws.com
ads.creative-serving.com
9    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.236.183.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-183-237.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    2600:1f18:4e9:5a02:efb6:c060:3207:6cbc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    54.210.154.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-154-62.compute-1.amazonaws.com
sync.ipredictive.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
5    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
2    52.72.112.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-112-178.compute-1.amazonaws.com
ad.360yield.com
4    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
16    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
16    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
8    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
1    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    3.208.223.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-223-190.compute-1.amazonaws.com
d.adroll.com
2    51.161.117.181 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns572509.ip-51-161-117.net
gu.dyntrk.com
4    2607:f8b0:4006:824::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
6    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    169.55.104.49 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: 31.68.37a9.ip4.static.sl-reverse.com
um.simpli.fi
2    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    2607:f8b0:4006:80a::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    209.204.233.176 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a3604.casalemedia.com
9    2607:f8b0:4006:81f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    3.227.228.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-228-140.compute-1.amazonaws.com
cms-xch.33across.com
6    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
4    2606:ae80:1451:18::1720 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
2    2600:1400:d:595::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:824::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
5    2607:f8b0:4006:80b::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    52.85.61.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-17.ewr53.r.cloudfront.net
fr-actions.trackonomics.net
2    52.85.61.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-58.ewr53.r.cloudfront.net
trx-hub.com
2    2607:f8b0:4006:809::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    204.154.110.76 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb106.doubleverify.com
tps.doubleverify.com
3    2607:f8b0:4006:81e::200e (Queens, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2607:f8b0:4006:809::200e (Queens, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2607:f8b0:4006:807::200e (Queens, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2607:f8b0:4006:81d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    52.85.61.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-81.ewr53.r.cloudfront.net
m.stripe.network
1    35.162.230.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-230-186.us-west-2.compute.amazonaws.com
m.stripe.com
6    54.236.195.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com
match.prod.bidr.io
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-1.cloudy.ovh
pixel.onaudience.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    52.85.61.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-93.ewr53.r.cloudfront.net
aa.agkn.com
2    44.198.222.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-222-213.compute-1.amazonaws.com
io.narrative.io
1    3.208.70.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-70-15.compute-1.amazonaws.com
rtb.adentifi.com
2    204.154.110.84 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb114.doubleverify.com
tpsc-nyc.doubleverify.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadus.exelator.com
loadm.exelator.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    3.210.151.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-151-157.compute-1.amazonaws.com
thrtle.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
3    23.52.160.130 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.85.61.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-83.ewr53.r.cloudfront.net
cm.smadex.com
2    54.211.181.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-181-31.compute-1.amazonaws.com
dpm.demdex.net
1    50.16.141.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-141-46.compute-1.amazonaws.com
nep.advangelists.com
2    173.231.184.20 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
Apex Domain
Subdomains		 Transfer
37 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
a3604.casalemedia.com — Cisco Umbrella Rank: 134850
dsum.casalemedia.com — Cisco Umbrella Rank: 1042
55 KB
35 buzzfeednews.com
www.buzzfeednews.com — Cisco Umbrella Rank: 32535
2 MB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
240 KB
28 googlesyndication.com
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
176 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
57 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
eus.rubiconproject.com — Cisco Umbrella Rank: 512
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
53 KB
22 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 978
6 KB
21 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 738
image2.pubmatic.com — Cisco Umbrella Rank: 752
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
37 KB
21 buzzfeed.com
link.buzzfeed.com — Cisco Umbrella Rank: 240888
www.buzzfeed.com — Cisco Umbrella Rank: 10771
img.buzzfeed.com — Cisco Umbrella Rank: 14462
abeagle-public.buzzfeed.com — Cisco Umbrella Rank: 16804
pixiedust.buzzfeed.com — Cisco Umbrella Rank: 13585
bas.buzzfeed.com Failed
fbcapi.buzzfeed.com — Cisco Umbrella Rank: 31819
263 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
acdn.adnxs.com — Cisco Umbrella Rank: 547
88 KB
18 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2363
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
11 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
8 KB
15 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 760
cms-xch.33across.com — Cisco Umbrella Rank: 2652
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1338
5 KB
13 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1017
x.bidswitch.net — Cisco Umbrella Rank: 265
5 KB
12 districtm.io
cdn.districtm.io — Cisco Umbrella Rank: 1644
dmx.districtm.io — Cisco Umbrella Rank: 1164
5 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 532
eb2.3lift.com — Cisco Umbrella Rank: 356
4 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
235 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 561
2 KB
9 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
6 KB
9 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1168
224 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
2 KB
8 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2412
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2280
og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com
72 KB
8 shopbonsai.ca
elements.widget.shopbonsai.ca — Cisco Umbrella Rank: 22276
api.widget.shopbonsai.ca — Cisco Umbrella Rank: 23475
211 KB
7 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2190
tr.outbrain.com — Cisco Umbrella Rank: 1993
sync.outbrain.com — Cisco Umbrella Rank: 717
5 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
6 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
3 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
4 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 636
us-u.openx.net — Cisco Umbrella Rank: 322
1 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 854
q.stripe.com — Cisco Umbrella Rank: 5951
m.stripe.com — Cisco Umbrella Rank: 828
69 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2775
r.skimresources.com — Cisco Umbrella Rank: 2667
p.skimresources.com — Cisco Umbrella Rank: 3600
t.skimresources.com — Cisco Umbrella Rank: 2808
11 KB
5 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 20824
loadus.exelator.com — Cisco Umbrella Rank: 1160
load77.exelator.com — Cisco Umbrella Rank: 2952
loadm.exelator.com — Cisco Umbrella Rank: 891
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 454
tps.doubleverify.com — Cisco Umbrella Rank: 435
tpsc-nyc.doubleverify.com — Cisco Umbrella Rank: 1116
98 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 548
idsync.rlcdn.com — Cisco Umbrella Rank: 283
api.rlcdn.com — Cisco Umbrella Rank: 739
1 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
tags.bluekai.com — Cisco Umbrella Rank: 425
4 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
2 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 943
1 KB
4 pinterest.ca
www.pinterest.ca — Cisco Umbrella Rank: 24947
15 KB
4 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 2416
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
143 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
11 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 801
662 B
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1139
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
1 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 810
www.pinterest.com — Cisco Umbrella Rank: 1008
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
192 KB
3 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5418
fr-actions.trackonomics.net — Cisco Umbrella Rank: 9740
29 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
552 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 1950
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3352
1007 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 913
16 KB
2 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6588
888 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 692
848 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2780
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1021
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
695 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1078
hde.tynt.com — Cisco Umbrella Rank: 3924
3 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 621
615 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
594 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
950 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3024
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
426 B
2 dwin2.com
www.dwin2.com — Cisco Umbrella Rank: 15342
11 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040
48 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2482
497 B
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1072
13 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 667
19 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 sentry.io
sentry.io — Cisco Umbrella Rank: 373
o1085221.ingest.sentry.io
659 B
2 typekit.net
p.typekit.net — Cisco Umbrella Rank: 510
use.typekit.net — Cisco Umbrella Rank: 399
24 KB
2 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3152
cds.connatix.com — Cisco Umbrella Rank: 3185
235 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 725
310 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 648
671 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1777
234 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2711
528 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 212
665 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
248 B
1 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1043
193 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 931
88 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
656 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 619
362 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
662 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3850
359 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1329
112 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1249
825 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193
318 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
585 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
579 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
241 B
1 roeyecdn.com
lantern.roeyecdn.com — Cisco Umbrella Rank: 19940
2 KB
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12901
792 B
1 amplitude.com
api.amplitude.com — Cisco Umbrella Rank: 1169
168 B
1 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2399
655 B
1 scroll.com
static.scroll.com — Cisco Umbrella Rank: 5303
7 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
2 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2571
43 KB
1 adrizer.com
run.adrizer.com — Cisco Umbrella Rank: 24710
35 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1195
585 B
434 113
Domain Requested by
35 www.buzzfeednews.com www.buzzfeednews.com
26 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
22 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
hde.tynt.com
ads.pubmatic.com
19 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
s.amazon-adsystem.com
rtb.gumgum.com
match.sharethrough.com
u.openx.net
eus.rubiconproject.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eb2.3lift.com
17 tpc.googlesyndication.com googleads.g.doubleclick.net
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
www.buzzfeednews.com
cdn.ampproject.org
tagan.adlightning.com
16 cm.g.doubleclick.net 11 redirects rtb.gumgum.com
u.openx.net
eus.rubiconproject.com
eb2.3lift.com
16 match.adsrvr.org 16 redirects
11 ib.adnxs.com 5 redirects www.buzzfeednews.com
acdn.adnxs.com
11 securepubads.g.doubleclick.net www.buzzfeednews.com
securepubads.g.doubleclick.net
www.googletagservices.com
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
10 eb2.3lift.com 3 redirects www.buzzfeednews.com
eb2.3lift.com
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
10 x.bidswitch.net 9 redirects
9 pagead2.googlesyndication.com tagan.adlightning.com
googleads.g.doubleclick.net
www.buzzfeednews.com
tpc.googlesyndication.com
www.googletagservices.com
9 dmx.districtm.io 1 redirects cdn.districtm.io
s.amazon-adsystem.com
9 b1sync.zemanta.com 9 redirects
9 tagan.adlightning.com www.buzzfeednews.com
tagan.adlightning.com
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
8 ssc-cms.33across.com 8 redirects
8 sync-tm.everesttech.net 7 redirects rtb.gumgum.com
8 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
ssum-sec.casalemedia.com
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
hde.tynt.com
www.buzzfeednews.com
7 c.amazon-adsystem.com www.buzzfeednews.com
7 img.buzzfeed.com www.buzzfeednews.com
6 js-sec.indexww.com www.buzzfeednews.com
ssum-sec.casalemedia.com
6 match.prod.bidr.io 6 redirects
6 cms-xch-chicago.33across.com hde.tynt.com
www.buzzfeednews.com
6 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
6 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
6 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
6 sync.mathtag.com 6 redirects
6 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
6 c2shb.pubgw.yahoo.com www.buzzfeednews.com
6 elements.widget.shopbonsai.ca www.buzzfeednews.com
elements.widget.shopbonsai.ca
5 cdn.ampproject.org www.buzzfeednews.com
5 googleads.g.doubleclick.net tagan.adlightning.com
googleads.g.doubleclick.net
5 ad.turn.com 5 redirects
5 pixiedust.buzzfeed.com www.buzzfeednews.com
5 tr.snapchat.com 1 redirects www.buzzfeednews.com
5 cdn-gl.imrworldwide.com www.buzzfeednews.com
cdn-gl.imrworldwide.com
5 www.buzzfeed.com www.buzzfeednews.com
4 www.pinterest.ca tagan.adlightning.com
www.buzzfeednews.com
4 www.google.com 1 redirects googleads.g.doubleclick.net
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
tagan.adlightning.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 www.googletagservices.com tagan.adlightning.com
googleads.g.doubleclick.net
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
4 stags.bluekai.com 4 redirects
4 us-u.openx.net 1 redirects u.openx.net
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 secure.adnxs.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 sb.scorecardresearch.com 2 redirects www.buzzfeednews.com
3 acdn.adnxs.com www.buzzfeednews.com
3 pixel.onaudience.com 3 redirects
3 encrypted-tbn1.gstatic.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
3 pixel-sync.sitescout.com 3 redirects
3 idsync.rlcdn.com 2 redirects s.amazon-adsystem.com
3 token.rubiconproject.com 3 redirects
3 sync.1rx.io 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
3 cdn.districtm.io 1 redirects s.amazon-adsystem.com
cdn.districtm.io
3 cs.emxdgt.com 3 redirects
3 pixel.quantserve.com 1 redirects www.buzzfeednews.com
3 htlb.casalemedia.com www.buzzfeednews.com
3 grid.bidswitch.net www.buzzfeednews.com
3 fastlane.rubiconproject.com www.buzzfeednews.com
3 a.teads.tv www.buzzfeednews.com
3 pixel.tapad.com 3 redirects
3 js.stripe.com elements.widget.shopbonsai.ca
tagan.adlightning.com
js.stripe.com
3 connect.facebook.net www.buzzfeednews.com
connect.facebook.net
2 cm.adgrx.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 tpsc-nyc.doubleverify.com cdn.doubleverify.com
2 pubmatic-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects
2 visitor.fiftyt.com 1 redirects
2 loada.exelator.com 2 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com www.buzzfeednews.com
2 t.skimresources.com www.buzzfeednews.com
2 simage4.pubmatic.com ads.pubmatic.com
2 encrypted-tbn0.gstatic.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 trx-hub.com www.buzzfeednews.com
2 fr-actions.trackonomics.net www.buzzfeednews.com
2 fonts.googleapis.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
www.buzzfeednews.com
2 cdn.doubleverify.com tagan.adlightning.com
2 33across-match.dotomi.com 2 redirects
2 p.rfihub.com 2 redirects
2 image4.pubmatic.com s.amazon-adsystem.com
2 pippio.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 ums.acuityplatform.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 www.facebook.com www.buzzfeednews.com
2 fbcapi.buzzfeed.com www.buzzfeednews.com
2 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 secure-dcr.imrworldwide.com www.buzzfeednews.com
2 www.dwin2.com tagan.adlightning.com
2 api.widget.shopbonsai.ca www.buzzfeednews.com
2 quantcast.mgr.consensu.org www.buzzfeednews.com
quantcast.mgr.consensu.org
2 ct.pinterest.com www.buzzfeednews.com
2 api.sail-personalize.com www.buzzfeednews.com
2 p.skimresources.com www.buzzfeednews.com
2 tr.outbrain.com amplify.outbrain.com
www.buzzfeednews.com
2 sc-static.net www.buzzfeednews.com
tr.snapchat.com
2 s.pinimg.com www.buzzfeednews.com
s.pinimg.com
2 www.google-analytics.com www.buzzfeednews.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 loadm.exelator.com 1 redirects
1 sync.taboola.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 nep.advangelists.com 1 redirects
1 cm.smadex.com 1 redirects
1 c.bing.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 api.rlcdn.com www.buzzfeednews.com
1 thrtle.com
1 load77.exelator.com
1 loadus.exelator.com 1 redirects
1 rtb.adentifi.com
1 aa.agkn.com
1 tags.bluekai.com
1 dis.criteo.com ads.pubmatic.com
1 m.stripe.com m.stripe.network
1 www.pinterest.com 1 redirects
1 encrypted-tbn3.gstatic.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
1 tps.doubleverify.com tagan.adlightning.com
1 www.gstatic.com 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
1 cms-xch.33across.com 1 redirects
1 a3604.casalemedia.com tagan.adlightning.com
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 d.adroll.com 1 redirects
1 tg.socdm.com 1 redirects
1 hde.tynt.com rtb.gumgum.com
1 de.tynt.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 s.ad.smaato.net s.amazon-adsystem.com
1 lantern.roeyecdn.com tagan.adlightning.com
1 og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com www.buzzfeednews.com
1 adservice.google.com tagan.adlightning.com
1 adservice.google.ca tagan.adlightning.com
1 api.amplitude.com www.buzzfeednews.com
1 tlx.3lift.com www.buzzfeednews.com
1 krk.kargo.com www.buzzfeednews.com
1 static.scroll.com www.buzzfeednews.com
1 rules.quantcount.com secure.quantserve.com
1 stats.g.doubleclick.net www.buzzfeednews.com
1 o1085221.ingest.sentry.io www.buzzfeednews.com
1 abeagle-public.buzzfeed.com www.buzzfeednews.com
1 r.skimresources.com s.skimresources.com
1 s.skimresources.com www.buzzfeednews.com
1 cdn-magiclinks.trackonomics.net www.buzzfeednews.com
1 amplify.outbrain.com www.buzzfeednews.com
1 ak.sail-horizon.com www.buzzfeednews.com
1 secure.quantserve.com www.buzzfeednews.com
1 use.typekit.net www.buzzfeednews.com
1 sentry.io www.buzzfeednews.com
1 p.typekit.net www.buzzfeednews.com
1 cds.connatix.com www.buzzfeednews.com
1 cd.connatix.com 1 redirects
1 run.adrizer.com www.buzzfeednews.com
1 polyfill.io www.buzzfeednews.com
1 link.buzzfeed.com 1 redirects
0 bas.buzzfeed.com Failed www.buzzfeednews.com
434 182
Subject Issuer Validity Valid
*.buzzfeed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-23 -
2022-07-25		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
elements.widget.shopbonsai.ca
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-13 -
2023-01-13		 a year crt.sh
*.ingest.sentry.io
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
buzzfeed.com
Amazon		 2022-02-04 -
2023-03-05		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-01-26 -
2022-05-04		 3 months crt.sh
*.shopbonsai.ca
R3		 2021-12-19 -
2022-03-19		 3 months crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.scroll.com
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
www.dwin2.com
Amazon		 2021-09-28 -
2022-10-27		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2021-06-11 -
2022-07-10		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.roeyecdn.com
Amazon		 2021-12-06 -
2023-01-02		 a year crt.sh
fbcapi.buzzfeed.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.trx-hub.com
Amazon		 2021-03-22 -
2022-04-20		 a year crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-11 -
2022-05-04		 4 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh

This page contains 67 frames:

Primary Page: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Frame ID: 79D797855E13318067A2F49B2C8085CE
Requests: 161 HTTP requests in this frame

Frame: https://cds.connatix.com/p/150819/connatix.player.js
Frame ID: 7804F4F3EA8173042C49084ED8A0F650
Requests: 1 HTTP requests in this frame

Frame: https://www.buzzfeed.com/destination-sync.html
Frame ID: 2E745E63E152313AA9F391C150FCF46B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=32a4892a-7a98-44df-b23b-7ed05a1b1f6f
Frame ID: B3F14AF060410537651BE851769F2C63
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C120E415FBA694AE5A980E8682CB2B47
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1644987781024&pnid=140&pcid=df384afa-93cd-4cba-889a-7302d9cbf2a5
Frame ID: 55DAD57B8A75BEA0D85D2DBA2DFD40FE
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 0B6877435E7AC736DCD4C7C030FEC917
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
Frame ID: 5E72C62F0BA04BB1DFD21D127571DC7A
Requests: 1 HTTP requests in this frame

Frame: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7B6EBCDF87CB2D5D78DC5F0D38848953
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: 2DD41371CEF3DC07F3ADA0BD2FB1FA42
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: A115F0B69AB30F9A1B267B86FB3037D0
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 2C1EAC5AC46CA5FBF13A15730E331112
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: E682D006B6CB519DFF655DEA7754351A
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=districtm&gdpr=0
Frame ID: A2BA486C66233C4707562C9DD876FEF7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=7190464996333120856
Frame ID: 48FBE8528C4843A8E9E11C1EFEF796F8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
Frame ID: 32F87D59562AC4FB89067240F475E872
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: D88A284AF6FAF21B01805258AC957625
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: F44841345B0CB844C5A275C8EAE45CDD
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 99E69699FA8924C7E188449E96BD5E7D
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1kdTg3N2RsRTJ1S2JWUXZYOEtSZWJTbXVFdjg2am1xcH5B&gdpr=0&gdpr_consent=
Frame ID: 8396492A7BE2427118B891CFFB0A3404
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=appnexus.com&gdpr=0
Frame ID: DAA37B6B81F03CF83656FE761BDB2A05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1690652649689404964478
Frame ID: 654746959540B860E1DEC512134A0F4A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=551a620d-5d71-4f00-9317-f6d3cd49797a&gdpr=0&gdpr_consent=
Frame ID: 8B4F31BC2BB3B07E449B39D2E005D8C9
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yg1dcQAGvHZpZwBH
Frame ID: 1D2F9B4B5FAFB92BCF7E320B71C99D23
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMTNmZDEyNC04ODQzLTQyOGQtYTZhYy00NzAwODdlODcwZjk=&gdpr=0&gdpr_consent=
Frame ID: B3FAC79782E384ACBE1B85398D756DF3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9DA4B35324E4A0BD15C3208152F0F19D
Requests: 13 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Frame ID: 3FAE3350486DE46D98142948CD16B357
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=92950dbd-51f7-47e4-8829-8240cbc07bc0&t=1647635057
Frame ID: 3EA9F2D49DF2F188CB7122A2B8FF0918
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2B531258B8BDBACC337E3E4F31D63EDF
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&i=5639511748561466636brt64381645043057522864a8
Frame ID: EF3AA525BE6DC98001FE08055B6F7ADB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Yg1dcsCo8X4AAO8jHxkAAAAA
Frame ID: D969A4DF2DE1D3B51E3E56009B01ABA5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=NR4AKcf3CbLuD4z1iPY1&pi=gumgum&tc=1
Frame ID: 9D71BCE31894FB67238FE605E0A0E98A
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Frame ID: E24C28A7BFE57E4E66F0534C32FF7A66
Requests: 11 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: EFBAA7AD32DE2841A077DC4EB3B871A4
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Frame ID: 0AFA69552074F9D9BB51550872DD6521
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg1dcQAGuf2ScwBB&gdpr=0&gdpr_consent=
Frame ID: 467776A582FDCE62FB2D647A45077E8D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&ex=pubmatic.com
Frame ID: 902851D3C8F15F7F1BCAA1FD856C800B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2FC46615E22B3314DAB8B1913FB0AF10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Frame ID: 87D8499C5D260491E3CE2FFC224798F8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 894FB03EA768B1CA8011C6870E38EC52
Requests: 3 HTTP requests in this frame

Frame: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3EBA3F3070896D487A716851F54A26E
Requests: 22 HTTP requests in this frame

Frame: https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Frame ID: E8BD0DBBBC2334769FBB4624783857BF
Requests: 19 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2197.js
Frame ID: 55B20867481E9D5E1B718AF0E304BB17
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8981E28BEF87B7A7B0B4F5098E105975
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/pxHkm2-HxYlJ2clKwIK610_mLBl57TmuFqT0_zZ6EhE.js
Frame ID: B8618F6990D3E5AB381B8DF6A5FF8B72
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Frame ID: B8E9617FF40E640FA2F4155248A48738
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.ca/ct.html
Frame ID: EAA4081FD0AF8F43316A29E83D2D58A5
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Frame ID: 6A5A8447F1DE455BF94B872FE73868B3
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4B655F10E0E8839C667F31B376B4EF09
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59520B41A1F62A313650EEBAA6EC5CCD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9FC8B6121C57858196DD9BD853E5C7B
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3310620d-5d72-4000-add8-9f18524c05bb&gdpr=0&gdpr_consent=
Frame ID: 23EEE2407D6546BBA8DD94935B86AEB3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD_X07EGrsAAHrxJ8WjcQ
Frame ID: 5A6A9FA8BB5F6CAAA82D9502312AB454
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CA07A2D9544488C204A748CA6DE3A673
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7edf3424e5964fe0bc833
Frame ID: E9A322B3A1866A603E6844A7BD5232DA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Frame ID: 791D1602CA5044AC0776B97B25F529E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1183953184118DB9BB148B99FFD288A1
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FA68B313FDB86ECE9E94E1455615DF8B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 51EC969D9B0862C200025A6D1BCB3F2F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C73BA4FE8633FA3C54411DB714AF85E1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 743417BB9C5F7B218CDF3589A91CDE48
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A071E2E6E4B36D2DF2DC8A54C218F5A5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 20C85B9DDB96541027617F4121EA714D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 809D70B61431B9F7FAE23D7B4E7B8EC3
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 53A9B1784AFABB14F38029E950B9878F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 759AADF32E2742ABCB0B913C986EA704
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EA3D4F6EE47147392E5721772ACF4C25
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prince Andrew Reaches Settlement With Jeffery Epstein Victim Virginia GiuffreTwitterFacebookLinkRender Kit • newsletter_signupHeartHeartHeartBack to top

Page URL History Show full URLs

  1. https://link.buzzfeed.com/click/26727723.198387/aHR0cHM6Ly93d3cuYnV6emZlZWRuZXdzLmNvbS9hcnRpY2xlL2VsbG... HTTP 302
    https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sail... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

434
Requests

77 %
HTTPS

25 %
IPv6

113
Domains

182
Subdomains

118
IPs

8
Countries

4449 kB
Transfer

12943 kB
Size

181
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.buzzfeed.com/click/26727723.198387/aHR0cHM6Ly93d3cuYnV6emZlZWRuZXdzLmNvbS9hcnRpY2xlL2VsbGlldmhhbGwvcHJpbmNlLWFuZHJldy12aXJnaW5pYS1naXVmZnJlLXNldHRsZW1lbnQ/606f64a72447d271f06461d2B4c30c3d9 HTTP 302
    https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/150819/connatix.player.js
Request Chain 45
  • https://sb.scorecardresearch.com/cs/6768151/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 77
  • https://sb.scorecardresearch.com/b?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&c8=Prince%20Andrew%20Reaches%20Settlement%20With%20Jeffery%20Epstein%20Victim%20Virginia%20Giuffre&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&c8=Prince%20Andrew%20Reaches%20Settlement%20With%20Jeffery%20Epstein%20Victim%20Virginia%20Giuffre&c9=
Request Chain 101
  • https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1645043056500 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644987781024%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644987781024%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1644987781024&pnid=140&pcid=df384afa-93cd-4cba-889a-7302d9cbf2a5
Request Chain 151
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
Request Chain 163
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Request Chain 165
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5639511748561466636&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5639511748561466636brt64381645043057522864a8
Request Chain 167
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 168
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 169
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=districtm&gdpr=0
Request Chain 170
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=7190464996333120856
Request Chain 171
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0 HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1kdTg3N2RsRTJ1S2JWUXZYOEtSZWJTbXVFdjg2am1xcH5B&gdpr=0&gdpr_consent=
Request Chain 176
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=appnexus.com&gdpr=0
Request Chain 177
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1690652649689404964478
Request Chain 179
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=5639511748561466636
Request Chain 180
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c13fd124-8843-428d-a6ac-470087e870f9&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=98fd7e62-7e6b-49d9-ac02-3e38fdc6affd&ssp=gumgum2&expires=30&user_group=5&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Request Chain 181
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%289tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c13fd124-8843-428d-a6ac-470087e870f9&obuid=ENC(9tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=9tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=51mZLd4len9qzOddwWTe
Request Chain 182
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=77d5c9de-059f-0e1b-34ac-bca0a5c5b63a
Request Chain 183
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-1b3efdc9-882c-42be-6142-dcb4a53f265e$ip$149.56.153.181
Request Chain 184
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-fsqszvVE2pc5EeepmDioRol4WL7qsw_6Am_e~A
Request Chain 185
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=6a6bd311-8f66-11ec-8001-f99ddf8e8f45
Request Chain 186
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://rtb.gumgum.com/usersync?b=snc&i=4535EB670A3D44EC81DC67635947A6DC
Request Chain 188
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c13fd124-8843-428d-a6ac-470087e870f9&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=51mZLd4len9qzOddwWTe
Request Chain 189
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=63f04982-c22c-4831-9c6e-b165c99e2035
Request Chain 190
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1645043057777 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1632092845 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/92950dbd-51f7-47e4-8829-8240cbc07bc0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-31cfac64-326a-4696-bd02-aeb5ffefd739-005 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005
Request Chain 191
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=ZYQOlJfck3eO&ev=1&pid=558355
Request Chain 192
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=1796045720203520033&gdpr=0&gdpr_consent=
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=551a620d-5d71-4f00-9317-f6d3cd49797a&gdpr=0&gdpr_consent=
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yg1dcQAGvHZpZwBH
Request Chain 199
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=92950dbd-51f7-47e4-8829-8240cbc07bc0&t=1647635057
Request Chain 201
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 202
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=emx&i=$UIDbrt64381645043057522864a8 HTTP 302
  • https://rtb.gumgum.com/usersync?b=emx&i=5639511748561466636brt64381645043057522864a8
Request Chain 203
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Yg1dcsCo8X4AAO8jHxkAAAAA
Request Chain 204
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=NR4AKcf3CbLuD4z1iPY1&pi=gumgum&tc=1
Request Chain 206
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Request Chain 207
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Request Chain 208
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Q05YMEAYX2RYH1FgR0lFZhRLXTFYHwpmEU3-HBAM
Request Chain 209
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Request Chain 211
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yg1dcQAGuf2ScwBB HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg1dcQAGuf2ScwBB&_test=Yg1dcQAGuf2ScwBB
Request Chain 213
  • https://match.adsrvr.org/track/cmf/openx?oxid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=92950dbd-51f7-47e4-8829-8240cbc07bc0&ttd_puid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFP_XPiwP0MBg3jyHp5Mak&google_cver=1
Request Chain 216
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=KZQ05UC7-18-F2S3 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZQ05UC7-18-F2S3&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yg1dcdbZopM.g-rSh9vKSgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGF_0DjEv2ysxzhHV5n0nzY&google_cver=1&google_hm=2
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFBjTr_gfZyZAnftPoMMkzA&google_cver=1
Request Chain 219
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&expiration=1647635057&gdpr=0&gdpr_consent=
Request Chain 221
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=647644618866
Request Chain 222
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 223
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_620d5d71c17f3&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_620d5d71c17f3
Request Chain 229
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1EngKAbdWqwSSZ-MhkQw4cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4678668747306645598
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f134620d-5d71-4100-9b0e-cf7e0141aaa3&gdpr=0&gdpr_consent=
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAMPw1XFdOnD_ZAgcZ5F3S8&google_cver=1
Request Chain 233
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=&expires=30
Request Chain 234
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg1dcQAGuf2ScwBB&gdpr=0
Request Chain 235
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRMDVVQzctMTgtRjJTMw==&gdpr=0
Request Chain 237
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTg3NDllMDc1ZTg0OWNkNjc3M2RiZDc4N2NiMzNiYzRmNDQ4OTNiMA&gdpr=0
Request Chain 239
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Request Chain 240
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg1dcQAGuf2ScwBB&gdpr=0&gdpr_consent=
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3eyCqHeTQPWUaM0l35im6g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 243
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERERUM4MkE4LTc3OTMtNDBGNS05NDY4LUNEMjVERjk4QTZFQRAAGg0I8bq1kAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3d621708012f477974c24124d95bbc405b0bef72a818ed7d4046fff1f53d8d2f791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZDYyMTcwODAxMmY0Nzc5NzRjMjQxMjRkOTViYmM0MDViMGJlZjcyYTgxOGVkN2Q0MDQ2ZmZmMWY1M2Q4ZDJmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rq1kAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZDYyMTcwODAxMmY0Nzc5NzRjMjQxMjRkOTViYmM0MDViMGJlZjcyYTgxOGVkN2Q0MDQ2ZmZmMWY1M2Q4ZDJmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rq1kAYSBAgCEABCAEoA&google_gid=CAESECVzra93gumphVedNeYUHhk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=327ef1ed-ab46-4a14-a7dd-7e7b41575d0c
Request Chain 244
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3310620d-5d72-4000-add8-9f18524c05bb
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERFQzgyQTgtNzc5My00MEY1LTk0NjgtQ0QyNURGOThBNkVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELnC9jDFj7sh4VYH_kfw-J0&google_cver=1
Request Chain 247
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD4BEB1BB7CE40A6BE53C58FFAD6B19B
Request Chain 248
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7190464996333120856&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 249
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=92950dbd-51f7-47e4-8829-8240cbc07bc0
Request Chain 252
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-oebhWiZE2uHQXwpBImM0P1WTTG6_i59jI.AqAy4-~A
Request Chain 253
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/647644618866
Request Chain 254
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/970314629024472183
Request Chain 255
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341
Request Chain 256
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/5b90ca22-f278-4c3a-9b58-9ddcda50c05a
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 265
  • https://ssc-cms.33across.com/ps/?_=1645043057819.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X HTTP 302
  • https://rtb.gumgum.com/usersync?b=tta&i=211578107144626
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01&google_hm=MjhiMGU0NDMtYWM3MC00YjUwLTljZmMtZDVlNTBmNDk5ZjAx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHMiS1FsP_lrUCbTq26QuIQ&google_cver=1&ssp=the33across&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Request Chain 267
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645043057819.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Request Chain 268
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP%7EA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 269
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=2abf5aeafd551218&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGbJLphW9hUQMFPaxvAAAAAAA&expiration=1645129458&is_secure=true&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGbJLphW9hUQMFPaxvAAAAAAA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 270
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647635058%26external_user_id%3D92950dbd-51f7-47e4-8829-8240cbc07bc0 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647635058&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0
Request Chain 272
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=KZQ05UC7-18-F2S3 HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined
Request Chain 315
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkRkRzF4VkhaRlptVm1kRUpvYTFwRFNYUlBSbTkzUmtkSiJ9.gekAoKmv2lhNPlffWpKAV9_-BwVbkojBWSZd6s0X_D1N3Na5doQAIkj8Nvj9fxfuhKeMokxOSX9FWvkd7dCQ6w
Request Chain 317
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=KZQ05UC7-18-F2S3 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZQ05UC7-18-F2S3&ts=1645043059&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 339
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 344
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.ca/ct.html
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3310620d-5d72-4000-add8-9f18524c05bb&gdpr=0&gdpr_consent=
Request Chain 364
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEX1gwN0VHcnNBQUhyeEo4V2pjUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD_X07EGrsAAHrxJ8WjcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD_X07EGrsAAHrxJ8WjcQ&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD_X07EGrsAAHrxJ8WjcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD_X07EGrsAAHrxJ8WjcQ
Request Chain 366
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7edf3424e5964fe0bc833
Request Chain 368
  • https://pixel.onaudience.com/?partner=214&mapped=DDEC82A8-7793-40F5-9468-CD25DF98A6EA HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=44282d203f9f42a2e7e7a76349051562 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=ba33a6a68c4cf933
Request Chain 369
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=&fbounce=1
Request Chain 371
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=6c7e3790-8f66-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Request Chain 373
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LM53lXNE2uXowYFhEN06bxkY.MC3xYc-~A&gdpr=0&gdpr_consent=
Request Chain 374
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=26e85a5e10561215&is_secure=true&networkId=17100&version=1&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbUjPkon_CwN-sW0BAAAAAAA&expiration=1645129461&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 375
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6a6bd311-8f66-11ec-8001-f99ddf8e8f45&gdpr=0&gdpr_consent=
Request Chain 376
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5639511748561466636&gdpr=0&gdpr_consent=
Request Chain 382
  • https://loadus.exelator.com/getid?p=1480&g=1&j=0&asid=P77672CB5-D3F4-4EBC-8161-08175209A620 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3440646926031390032&ssp=themediagrid
Request Chain 395
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=92950dbd-51f7-47e4-8829-8240cbc07bc0&dongle=0cfd
Request Chain 396
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJkiqGWdpQ1VxLvzBnvRaW4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 398
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY5MDY1MjY0OTY4OTQwNDk2NDQ3OA%3D%3D
Request Chain 399
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1690652649689404964478&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1690652649689404964478&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1&_expected_cookie=96244d582c86b3e04e94ebcd830b97ad
Request Chain 400
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1690652649689404964478?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QqZGYX9E2oS.Xm6okgC0pl8WPvjRxEzAg.kRzXfqkw--~A&dongle=0883
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1690652649689404964478&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=166b8047-c9cd-4fd0-9092-46e681bc28a3&expires=10&ssp=triplelift&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=28b0e443-ac70-4b50-9cfc-d5e50f499f01&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 404
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GUYW2WSMMQ2GYZLOHFYXUT3EMR3VOVDF&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GUYW2WSMMQ2GYZLOHFYXUT3EMR3VOVDF HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=51mZLd4len9qzOddwWTe
Request Chain 412
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Request Chain 413
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD_X07EGrsAAHrxJ8WjcQ&expiration=1646252662
Request Chain 414
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Request Chain 415
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032
Request Chain 416
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314629024472183
Request Chain 417
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-889f3425-b7cf-4742-b086-81d84d02d966
Request Chain 418
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=6d63a21c-8f66-11ec-a808-2ee2c4333855
Request Chain 421
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Request Chain 422
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
Request Chain 423
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Request Chain 424
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2cd2b6da-270b-4969-b3d9-92a8e083cac2
Request Chain 425
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Yg1dcdbZopM.g-rSh9vKSgAA%26032 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6
Request Chain 426
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Request Chain 427
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3440646926031390032&expiration=1646252662
Request Chain 429
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Request Chain 431
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
Request Chain 432
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Request Chain 433
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Request Chain 434
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Request Chain 435
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341%2526expiration%253D1647635062 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341%26expiration%3D1647635062 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&expiration=1647635062
Request Chain 436
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=Yg1dcdbZopM.g-rSh9vKSgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=Yg1dcdbZopM.g-rSh9vKSgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662310837142294

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request prince-andrew-virginia-giuffre-settlement
www.buzzfeednews.com/article/ellievhall/
Redirect Chain
  • https://link.buzzfeed.com/click/26727723.198387/aHR0cHM6Ly93d3cuYnV6emZlZWRuZXdzLmNvbS9hcnRpY2xlL2VsbGlldmhhbGwvcHJpbmNlLWFuZHJldy12aXJnaW5pYS1naXVmZnJlLXNldHRsZW1lbnQ/606f64a72447d271f06461d2B4c30...
  • https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confir...
537 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81cf60a6e9528df5f73059241d41842572ba6e35529ce1657312d78c3ac572a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
en
content-security-policy
upgrade-insecure-requests
document-policy
js-profiling
etag
"865aa-PN2takacG9GMAq+t0zzVvGqP+dk"
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000
x-bf-vary
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
0d095dcff611f9edcaf6746a2aa1ece3
x-xss-protection
1; mode=block
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:14 GMT
age
60347
x-bf-cdn-url
/article/ellievhall/prince-andrew-virginia-giuffre-settlement
timing-allow-origin
*
x-served-by
cache-yul12823-YUL
x-cache
HIT
x-cache-hits
23
x-timer
S1645043054.484787,VS0,VE0
vary
Accept-Encoding
content-length
105076

Redirect headers

date
Wed, 16 Feb 2022 20:24:14 GMT
server
Sailthru
x-robots-tag
noindex
location
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
content-length
0
content-type
text/html; charset=UTF-8
connection
close
polyfill.min.js
polyfill.io/v3/ 		101 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default,es2015,es2016,es2017,fetch,NodeList.prototype.forEach,Element.prototype.remove,Element.prototype.classList,Object.values,Object.getOwnPropertyDescriptors,IntersectionObserver,ResizeObserver,MutationObserver,Intl
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
204934
detected-user-agent
Chrome Mobile/98.0.4758
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Feb 2022 10:57:34 GMT
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
4f4017a2564e50cb2816206d9876dccaa319d1d696fd56aa1e3af6f9de6ed487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27357
x-xss-protection
0
server
sffe
etag
"1134 / 972 of 1000 / last-modified: 1645013085"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Feb 2022 20:24:14 GMT
track.min.js
run.adrizer.com/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run.adrizer.com/track.min.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.220.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:14 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
7024
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-request-id
8SSZHJB7GC5MCCSQ
x-amz-id-2
/yn7tOkf4UK6yfwTFk7V28WdAF/mljhyQ2KPlSt6KDhTnlHfjjoJ6b+CXymQgF/s9cklpcz304I=
Last-Modified
Mon, 15 Feb 2021 22:14:47 GMT
Server
cloudflare
ETag
W/"f88a765c6ea3dacc55ca6ed581e54f1f"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
6de97f934ad72d19-ORD
Expires
Thu, 17 Feb 2022 00:24:14 GMT
vendor.4792cc3246e86208ae7c.js
www.buzzfeednews.com/static-assets/js/ 		218 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/js/vendor.4792cc3246e86208ae7c.js?brotli=allow
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a76aa1c97653886eae1fdf25b5f54190cf89130cce7937ef5a63e822b728a105

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
TlCqToSzxlcqRT_xTt_dn1h2sB70cHO_
content-encoding
gzip
etag
"3c0626f4ba37b59df0a01e2e70a97927"
timing-allow-origin
*
age
33663
x-cache
HIT
content-length
62291
x-amz-id-2
LttdYlxqD15EEv6YPC1+Zn7zloMu64/gM4i3aNlwVPloZF1FNmwGxNH/XZ1IGG6XbFTIO6SuHqo=
x-request-id
336365d8cc336c079f97f7d9978a1f54
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/js/vendor.4792cc3246e86208ae7c.js?brotli=allow
last-modified
Wed, 28 Oct 2020 13:47:55 GMT
x-timer
S1645043055.528576,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0HY49WBP3BMVEZ
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
208
subbuzzes.dc669573d6172df5957c.js
www.buzzfeednews.com/static-assets/js/ 		319 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/js/subbuzzes.dc669573d6172df5957c.js?brotli=allow
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce0059f5fdd56246c1a6f322af510a903deca40b64fadb33958a1aa00e8e8d0c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4mJaEmwk8YhF3OkZlmusuEQrN2Q7eMS6
content-encoding
gzip
etag
"fa01911203bf0af0c9a297d86ba5a020"
timing-allow-origin
*
age
48679
x-cache
HIT
content-length
77096
x-amz-id-2
+9fCHXtpV8M3ucCU6DyLQ7MRPf5p+mucK8I5PE5SOE5+R9LFmMO4y4WoRB4sDvHYJvh2nJFu7oU=
x-request-id
affde8c37569dd6a5d28f19a6716c75f
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/js/subbuzzes.dc669573d6172df5957c.js?brotli=allow
last-modified
Fri, 04 Feb 2022 22:52:51 GMT
x-timer
S1645043055.528665,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
T60J8XMJEXDK7JJT
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
228
app.7f43100cb6fbbd1ed688.js
www.buzzfeed.com/static-assets/bf-header-ui/news/ 		314 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeed.com/static-assets/bf-header-ui/news/app.7f43100cb6fbbd1ed688.js?brotli=allow
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86069332d331c17de6b8ad8b320e557e1529dffd742f8f90a8fc5fc0cd3d82c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ArcrAs.LAixNbUU9ORre.iQC9aHv2vOY
content-encoding
br
etag
"f6890e56e277940385badbef62ef88aa"
age
7629
x-cache
HIT
strict-transport-security
max-age=31536000; preload
content-length
64437
x-amz-id-2
N2L73fVs67j4cj42ITwYEXmSRYy+oZ/SLCYz+Pw0xRbB+8daxrQNlIKwxruU3lA56RaWDdkxZkY=
x-request-id
e0585e1fa0d4f677ba025cfc66ff71ec
x-served-by
cache-yul12823-YUL
timing-allow-origin
*
last-modified
Wed, 09 Feb 2022 16:44:04 GMT
x-timer
S1645043055.539978,VS0,VE0
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
C3HBC2DRFPHES7HP
cache-control
max-age=31536000,immutable
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
45
connatix.player.js
cds.connatix.com/p/150819/ Frame 7804
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/150819/connatix.player.js
965 KB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/150819/connatix.player.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20bb133b91d5f4256eb3a152725d6a016a4e93cb07d0d0a527b6ed7c4556b2b3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 13:42:42 GMT
age
23989
etag
"1ac885a74df504b51c979b128b88874d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
239810

Redirect headers

location
https://cds.connatix.com/p/150819/connatix.player.js
date
Wed, 16 Feb 2022 20:24:14 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
webpack-66d5f76248cbc5eafe0d.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1221c4bf1bbef5d8e1fadaa827d6783b05dfa80e6364cc3dbf3009b36190418

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
vZcfiOHOLTacx5UACrroqbSU7giMyLLS
content-encoding
gzip
etag
"863dbbc361ce822bcda538c339883428"
timing-allow-origin
*
age
33473
x-cache
HIT
content-length
2801
x-amz-id-2
KwAgG/kC9wapfe0vTNx3/7pAWcIotNEBrJyw9GJN8EK2cEOfyBI33IshHjIuyFw3t1s39LvIuMw=
x-request-id
c7cdba810a5ddea511d0bce3eb83c8f9
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
last-modified
Thu, 10 Feb 2022 11:28:32 GMT
x-timer
S1645043055.655000,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
R65JC5CXMR15KAW3
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
179
framework-8d7dd061f8b8a419eb95.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/framework-8d7dd061f8b8a419eb95.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65792382cbccbec1d2ea0aa8ebadfe017176baf0f6fd08f70d3709909b356836

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
bLP0mwFFb0HJi1cc7AMogWflFH6YYf.y
content-encoding
gzip
etag
"1752c9d858944034127b8697a605c8aa"
timing-allow-origin
*
age
37578
x-cache
HIT
content-length
42766
x-amz-id-2
Z3zY9fv/tyxqJ5aFDu33l457KDzM2eWC0BmZhJzSvDvge3ophYSABUT9W2NeABrUEh9pexTaOw8=
x-request-id
ce6d9e26c6f10a6277415d25c8a3c44f
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/framework-8d7dd061f8b8a419eb95.js
last-modified
Fri, 13 Aug 2021 09:56:20 GMT
x-timer
S1645043055.667261,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0HCJ3NEA2YWPJN
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
180
main-b803a421e6250c22b1ee.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		74 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/main-b803a421e6250c22b1ee.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
371bd3e84d9d2f550b77f8506ac123fe92212db736c0a5a748f9502e6d05ec3f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
D0hF468zm6T60cJlNmx1OmV7AN7j5WSf
content-encoding
gzip
etag
"661f1d65d1d607b888d239797a682d57"
timing-allow-origin
*
age
35186
x-cache
HIT
content-length
23515
x-amz-id-2
MCc/4NJ62xeInXB4u+IFr85s4VvE9FX4CyfxauKHvKORRxSC4HWyBFtIssz/78GkLqSUnyxD27U=
x-request-id
ce7743b1e72f0ea6b10e54a6e5242aad
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/main-b803a421e6250c22b1ee.js
last-modified
Tue, 02 Nov 2021 11:29:48 GMT
x-timer
S1645043055.733971,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0JZP1XVCTEFSMN
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1441
_app-dc83a9f42ded8aba4257.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/ 		657 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d907327cac9484a2d0745255b4d07e622b5b8430344794cbc29aae8dd17f222

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
age
8022
x-guploader-uploadid
ADPycduQKTGRWVXv4dGG_F9IzmO2LnwuyGnkPmel1pvAoQljo-wUWK_xs9CRS-LOJcfWP0rLCNo2bY7KoH12ZNim_MY
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
197035
x-request-id
7adbd47568d14480fd7127c6d075b8a3
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
last-modified
Tue, 15 Feb 2022 18:06:56 GMT
x-timer
S1645043055.749340,VS0,VE0
etag
"e1fcb667f1a7bb065b050cfbd5e47aee"
vary
Accept-Encoding
x-goog-hash
crc32c=rOqy0Q==, md5=4fy2Z/GnuwZbBQz71eR67g==
content-type
application/javascript; charset=utf-8
x-goog-generation
1644948416020858
expires
Wed, 15 Feb 2023 18:10:07 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
672471
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3927
109d8103-3878bce267d225c757e0.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/109d8103-3878bce267d225c757e0.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec897c2ac33fe9171cc74b964d87f9701c9f6c08b9c2867eeff7959c617bcc55

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
age
51426
x-guploader-uploadid
ADPycdv9mkBCegP48w8x1SXvDksbb92BPrPWiAVEF65lST4JEfoGGwgTEbCNqpRVN7lZPRF1jrNwiQToOJR2P-AjhQG0YKmkqQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24740
x-request-id
fcee8b6170315ad361dd10dd99550047
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/109d8103-3878bce267d225c757e0.js
last-modified
Wed, 16 Feb 2022 01:11:43 GMT
x-timer
S1645043055.783327,VS0,VE0
etag
"40dee2386ecc044e95b80d67a2255fef"
vary
Accept-Encoding
x-goog-hash
crc32c=UYBnOw==, md5=QN7iOG7MBE6VuA1noiVf7w==
content-type
application/javascript; charset=utf-8
x-goog-generation
1644008708818534
expires
Thu, 16 Feb 2023 06:07:09 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
71732
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
182
2edb282b-df78b7c997f1de941e01.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/2edb282b-df78b7c997f1de941e01.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6cfe3c10835cefa5aa4c94884ede24834cdb45f5c32bb38124b360e5aeeb716d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NjN_mO2uIjmTbGefI7Ay4kVt1QlhCBKg
content-encoding
gzip
etag
"3e20e68c1bcf4c46b339398c096c3897"
timing-allow-origin
*
age
48401
x-cache
HIT
content-length
24509
x-amz-id-2
akdM3AyzUDTg14P4s8nI3MEowaa711xrI2MCrKXd8/3uZfLOYFDCxgeAyV1xXL1gtgYxwrY+6q4=
x-request-id
0b6e3bf40548c044edd631f951aaa6f5
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/2edb282b-df78b7c997f1de941e01.js
last-modified
Fri, 13 Aug 2021 09:56:11 GMT
x-timer
S1645043055.801574,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
BHVZN5XQE7Z8Y19D
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
182
868-9c8d4c139440e5a34bc5.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		638 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33cb68becf4ba2fca669a70dfbde95a280f9a060f075aca854a9672a55c5770e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
age
15139
x-guploader-uploadid
ADPycds9fnfMHd5M8W9LtZdfr0XcD4bs3c9hNk3NiFDSV2V22xoD8Chwd6WQK1q6gNzrcXLGZ3B6sb0LMaefICUI4oI-S_s3UQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
168783
x-request-id
ff8a244c606f74a534183c04ba1338dc
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
last-modified
Fri, 04 Feb 2022 17:34:05 GMT
x-timer
S1645043055.818148,VS0,VE0
etag
"28835696855484e5ff44a7a58496a28b"
vary
Accept-Encoding
x-goog-hash
crc32c=PqVx+w==, md5=KINWloVUhOX/RKelhJaiiw==
content-type
application/javascript; charset=utf-8
x-goog-generation
1643996045601182
expires
Sat, 04 Feb 2023 17:38:12 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
653431
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
50-edead58405e113949d6f.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/50-edead58405e113949d6f.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1134d6bd7ae94fc73447e2e43abe6e419d24ce1dd1d92e77c2932166be7dd02

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SPsaRJHKa8MA2qAetZXVz34sJmsmHj14
content-encoding
gzip
etag
"43808daff5fb40727f31f458a8202637"
timing-allow-origin
*
age
36349
x-cache
HIT
content-length
6853
x-amz-id-2
DysEu8fgwX5m5RzYiyGecaXlUdHQVxMTHlbD+oCoQwLdLHfT/U7f5BeD2cbnRlg9TfQShESQZR4=
x-request-id
15c3c6aa16ff4197e2974b98f0fc2523
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/50-edead58405e113949d6f.js
last-modified
Wed, 19 Jan 2022 11:49:25 GMT
x-timer
S1645043055.851900,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
36Z874P3GV5GAAT7
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
178
403-240fdaf6014d924c4e62.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		531 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/403-240fdaf6014d924c4e62.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d0c950c60ffc4cf6c848bceff4714be3c3c005c6f3aceb2bc3952d61918424d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
UQw.FGlm8MoCMxKnlQCA.s6k_pXTO.Wn
content-encoding
gzip
etag
"f7e02cb737e23e713e6db9d91f985e86"
timing-allow-origin
*
age
18622
x-cache
HIT
content-length
156870
x-amz-id-2
gUAeNxOvlhZzt2ujAjGvDZ/R5iKAPxDznLKgRJFTFh4oZLrpBN7Y1q2PpNXgSEcfyN43QATJV4U=
x-request-id
aef2e1b19f128b41318596d1e3398fdc
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/403-240fdaf6014d924c4e62.js
last-modified
Tue, 15 Feb 2022 15:12:14 GMT
x-timer
S1645043055.873816,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
07656Z9S99RP1BGD
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
%5B...slug%5D-38fd9eda203042ed7f87.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/%5B...slug%5D-38fd9eda203042ed7f87.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8c31a85990e61536bfbee3f353b42fe3799672462665bc2648954aa98c5f263

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
age
33273
x-guploader-uploadid
ADPycdtoyZztdUVC-kPoud7UyI58LAeTpjIMjfeBThqxKfyrau-QYdFJBI9vktkk1Kf2RtIpYgYEIH-OmIIQyeeLSvE
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
9602
x-request-id
33fd2dbb92a09605610d88b5e0ffdd10
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/pages/%5B...slug%5D-38fd9eda203042ed7f87.js
last-modified
Thu, 10 Feb 2022 11:27:32 GMT
x-timer
S1645043055.910504,VS0,VE0
etag
"ca18669b4061f8e54f841104f8d8c30e"
vary
Accept-Encoding
x-goog-hash
crc32c=fLKJKA==, md5=yhhmm0Bh+OVPhBEE+NjDDg==
content-type
application/javascript; charset=utf-8
x-goog-generation
1644492452447832
expires
Fri, 10 Feb 2023 11:32:24 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
30478
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
183
_buildManifest.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/ 		1 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/_buildManifest.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c8e9ef296f8ec79c3d5960569515ee2a684a3e5ee7579190954b32f78be4270

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
tyjCcqbEsP7v8lXCqlaRWImNiv7u1.UH
content-encoding
gzip
etag
"bb48b608cfb63a5e6ceb0c789924e46e"
timing-allow-origin
*
age
8050
x-cache
HIT
content-length
508
x-amz-id-2
KkvrgN5z8O1bSopClsp2Up6GZuP3Go9EwCyeDATnjFJktofKJA0FKU48kI5yePwAoUabPaRRe58=
x-request-id
00f906875a0bed20e4d8a3e8c4c4be07
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/_buildManifest.js
last-modified
Tue, 15 Feb 2022 18:07:25 GMT
x-timer
S1645043055.924483,VS0,VE0
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
Accept-Encoding
x-amz-request-id
EZGT2GF6FNCWN69Z
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
49
_ssgManifest.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/ 		77 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/_ssgManifest.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:14 GMT
content-encoding
gzip
age
9071
x-guploader-uploadid
ADPycdsYQjnbX1sdFRx0sk_D4LHiNzkktbZgfnDL-Hp6nqb9BrcyS8ifE2YpxU6qbhCzmp7CvAreVHfSdEM3zJTaync
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
61
x-request-id
f735e9e82b2afe6047c7320d30cad687
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/CgnmmeLMhmlsmOjXY3IHw/_ssgManifest.js
last-modified
Tue, 15 Feb 2022 18:06:56 GMT
x-timer
S1645043055.936607,VS0,VE0
etag
"b6652df95db52feb4daf4eca35380933"
vary
Accept-Encoding
x-goog-hash
crc32c=Ypo4GQ==, md5=tmUt+V21L+tNr07KNTgJMw==
content-type
application/javascript; charset=utf-8
x-goog-generation
1644948416036802
expires
Wed, 15 Feb 2023 18:10:08 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
77
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
50
fEo6B4rkb_large.jpg
img.buzzfeed.com/buzzfeed-static/static/user_images/ 		822 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/user_images/fEo6B4rkb_large.jpg?crop=498%3A498%3B0%2C5&downsize=60:*&output-format=auto&output-quality=auto
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
FastlyIO /
Resource Hash
46f9ff2dd6e5d9c069a23ba0316c0641c0cfbf490be056bae39679a853afc71a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
gODURn3K9kKTHZe0oN6V44f0TCZzDQ8M
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"wn3mGUuo02qQTi7D0SCA956Z5s8HXrTT/MLPrOL+xsw"
age
2534483
x-cache
HIT, HIT, HIT
fastly-io-info
ifsz=597803 idim=499x665 ifmt=png ofsz=822 odim=60x60 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
FAILED
fastly-stats
io=1
content-length
822
x-amz-id-2
JMnAlfbkUoEHXiISliEIXD7xNoA0qLP3AYpU0prI/Q954wHUqU2fkfwNaS4jq5Y+/4NTrL3KyUw=
x-served-by
cache-iad-kjyo7100051-IAD, cache-iad-kiad7000124-IAD, cache-yul12823-YUL
timing-allow-origin
*
server
FastlyIO
x-timer
S1645043055.965391,VS0,VE1
date
Wed, 16 Feb 2022 20:24:14 GMT
vary
X-Image-Format-Optimization, X-Image-Quality-Optimization
x-amz-request-id
KT8BJWWYGW42YCPR
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1, 1
fEo6B4rkb_large.jpg
img.buzzfeed.com/buzzfeed-static/static/user_images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/user_images/fEo6B4rkb_large.jpg?output-format=jpg&crop=498%3A498%3B0%2C5
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
FastlyIO /
Resource Hash
941f03c0f39022e1840ebbd61f3f82ae12abe2266b9ff3af170bf78f61ad57c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
gODURn3K9kKTHZe0oN6V44f0TCZzDQ8M
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"3F5cZHGDSwvGhK3UGNtGeyY6mJ3cEHqUKEWWQW5IMmE"
age
7827728
x-cache
HIT, HIT, HIT, HIT
fastly-io-info
ifsz=597803 idim=499x665 ifmt=png ofsz=35260 odim=498x498 ofmt=jpeg
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
FAILED
fastly-stats
io=1
content-length
35260
x-amz-id-2
ZFklbQOkVwmLuDX01tCBwg1igL6xk8Sq73xwft09DqjkrXkbmZIGAKAQzdOmkeUtH44zfhy9N9Y=
x-served-by
cache-dca17749-DCA, cache-bwi5160-BWI, cache-iad-kiad7000138-IAD, cache-yul12823-YUL
timing-allow-origin
*
server
FastlyIO
x-timer
S1645043055.978414,VS0,VE1
date
Wed, 16 Feb 2022 20:24:14 GMT
x-amz-request-id
68MX0PRKTANHPHMZ
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1, 1, 1
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=pcr5jdf&ht=tk&f=10326&a=51127441&app=typekit&e=css
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82db New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
BasierSquare-Bold.a91dbb8319f216b0fcc66b3f5ac51003.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/BasierSquare-Bold.a91dbb8319f216b0fcc66b3f5ac51003.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4b95775737b01965c9005c2899973da340f5a957ebeeb13ac8d44d83be0a3de

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
age
32110
x-guploader-uploadid
ADPycdsmd4x6v5EkDC3gMveEBgCoaUQOfqFxFiKckQzygucZVuOA0pHWqXc1NrJDCb0uijZ3ifUCJO1ytTf2vBQufyyychCUZQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
15188
x-request-id
827c66f2531b75750690f26e895dec6c
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/BasierSquare-Bold.a91dbb8319f216b0fcc66b3f5ac51003.woff2
last-modified
Wed, 02 Feb 2022 12:17:27 GMT
x-timer
S1645043055.164840,VS0,VE0
etag
"200d8f83eed233bae3eae270989c48ac"
vary
Accept-Encoding
x-goog-hash
crc32c=tHggyA==, md5=IA2Pg+7SM7rj6uJwmJxIrA==
content-type
font/woff2
x-goog-generation
1643804247783415
expires
Thu, 02 Feb 2023 12:48:12 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
15188
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
167
BasierSquare-Regular.f6bb0273dc0a2d006278cc5206f0f6aa.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/BasierSquare-Regular.f6bb0273dc0a2d006278cc5206f0f6aa.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca81bc4c7927cf0792d37692063e406aa719bd07599e686744f4fe85b6be5d93

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
age
35300
x-guploader-uploadid
ADPycdu6xsoE3vVU9lb-IlMsdi_TUHvdJhZH8pXy3hh468UXmIbJZJbuEFnG61M3llMjFnu9KJ8P4aAfEShqQogTsTA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
15116
x-request-id
341c213790ee5a1510a8741da739b0f2
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/BasierSquare-Regular.f6bb0273dc0a2d006278cc5206f0f6aa.woff2
last-modified
Wed, 02 Feb 2022 11:56:20 GMT
x-timer
S1645043055.167948,VS0,VE0
etag
"cb2cea763355eb742101e11eb83db014"
vary
Accept-Encoding
x-goog-hash
crc32c=Pc/xXQ==, md5=yyzqdjNV63QhAeEeuD2wFA==
content-type
font/woff2
x-goog-generation
1640357641595902
expires
Thu, 02 Feb 2023 12:01:14 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
15116
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4843
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
/
sentry.io/api/1768740/envelope/ 		2 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1768740/envelope/?sentry_key=0a90e49f43654faf9ae99995abe7249e&sentry_version=7
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
fincen-files-promo.7c11bd19cd973320fd5ed8f7176c3b91.svg
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		628 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/fincen-files-promo.7c11bd19cd973320fd5ed8f7176c3b91.svg
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
929a71d55e958c6e91135e4c8502cf8244c89b38ce327fefe0fef5fd28598274

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RWbt5hR6T23xKhNonym8O6_KV9zbUFWp
content-encoding
gzip
etag
"d6eb4b6ed1825fcef1b2eb54be62e9e7"
timing-allow-origin
*
age
26751
x-cache
HIT
content-length
205914
x-amz-id-2
1uKGWUbbMGYjH1tjIQhgMyqE//A9IachDJPJo6QVpLWDQAu4G8GVhM9fXZclS1UT0WChpZ8GxfI=
x-request-id
1005e371be01cfc46b066bf3b068a1ea
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/fincen-files-promo.7c11bd19cd973320fd5ed8f7176c3b91.svg
last-modified
Thu, 02 Dec 2021 18:59:28 GMT
x-timer
S1645043055.318798,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0KK2ZCHNHB7DT1
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
2
PensumPro-Bold.44ccbd05d03f323d9a1820b10425c789.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/PensumPro-Bold.44ccbd05d03f323d9a1820b10425c789.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49a12cd6ce103cc5842e3db91b19a38e8ede34f0ab0bc32a18c90159627199df

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
age
48400
x-guploader-uploadid
ADPycdvIZZmAoT44h92tFcxlaybSVNBB6fIVmczwRWg5AH2_qaO77791E7BqmD9jdSmto1hLbj33yvDfrS4tmksnkUc
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
62916
x-request-id
0eed7b8ca05fd0970c4e35fed334a97b
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/PensumPro-Bold.44ccbd05d03f323d9a1820b10425c789.woff2
last-modified
Wed, 16 Feb 2022 01:11:43 GMT
x-timer
S1645043055.321007,VS0,VE0
etag
"f01591f850334f550d74c0e8b060c6c5"
vary
Accept-Encoding
x-goog-hash
crc32c=d9Je/Q==, md5=8BWR+FAzT1UNdMDosGDGxQ==
content-type
font/woff2
x-goog-generation
1644973903445359
expires
Thu, 16 Feb 2023 06:57:35 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
62916
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
182
PensumPro-BookItalic.64fd6a5d73523b80afc14814313e575f.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/PensumPro-BookItalic.64fd6a5d73523b80afc14814313e575f.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db269470ac8280c9603680a99823b0c721a5b2e757810f589b2aa5a24316eafa

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SUcBfKCqHRO9yIRf4KTtWk8uTp5sAXNO
etag
"ab0080f3a20050e3e09e88f798c7b338"
timing-allow-origin
*
age
48400
x-cache
HIT
content-length
68524
x-amz-id-2
ofOnmn6bxoooZJ82kW0N2Rs9v47OrRi3dwXAlzNDtAIhq4eewXUcAPU8BvvQ5Qpn9QJJQgMqm60=
x-request-id
4cda506ef7bde70c661159e772aa3954
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/PensumPro-BookItalic.64fd6a5d73523b80afc14814313e575f.woff2
last-modified
Wed, 03 Nov 2021 16:39:53 GMT
x-timer
S1645043055.321119,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
YDHVQH78QV62Q0XV
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
182
PensumPro-Book.70b2872090004231e9ac820d96294d8f.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/PensumPro-Book.70b2872090004231e9ac820d96294d8f.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73082d4849583710938e62c042dee43585b3061a3ae3d76319217ca88c260319

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
age
51418
x-guploader-uploadid
ADPycdtzheKhXSzZLE4XgEPAHQl4FHSGLDrysy6-p1CUV8WLi4rEcLWEudDNwSt8hHt1clgoes4iG_lgpXfhxwiLO98
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
63824
x-request-id
086b002c080d9ef09b62a7d8bc63ab18
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/PensumPro-Book.70b2872090004231e9ac820d96294d8f.woff2
last-modified
Wed, 16 Feb 2022 01:11:43 GMT
x-timer
S1645043055.321201,VS0,VE0
etag
"3a99dc0e5618c568d4f24f1b496c5039"
vary
Accept-Encoding
x-goog-hash
crc32c=z0LfGQ==, md5=OpncDlYYxWjU8k8bSWxQOQ==
content-type
font/woff2
x-goog-generation
1638828593455554
expires
Thu, 16 Feb 2023 06:07:17 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
63824
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
103
VellsMono-Regular-Web.ae902615b19273ef7c29d34137b26b72.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/VellsMono-Regular-Web.ae902615b19273ef7c29d34137b26b72.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca48fbf161faf17cc5aa63137bcb9a8a4bc033e673d9d02bd3aa25c401695c89

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
age
70635
x-guploader-uploadid
ADPycdtmcLNDqUzDC12PtNHF9U7hZtyLE2Ro5nDpB8bhBOcduvc-775sQUrwNpMhwUxTS0-h45yOo2REICqgJiDV4Jc
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
61548
x-request-id
63d4b2b236c5fe153d86c65fb024b419
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/VellsMono-Regular-Web.ae902615b19273ef7c29d34137b26b72.woff2
last-modified
Thu, 10 Feb 2022 19:39:51 GMT
x-timer
S1645043055.321294,VS0,VE0
etag
"b17b4494f9b90e3fac8d57fac9e16f43"
vary
Accept-Encoding
x-goog-hash
crc32c=kUo+OQ==, md5=sXtElPm5Dj+sjVf6yeFvQw==
content-type
font/woff2
x-goog-generation
1644008708892051
expires
Sat, 11 Feb 2023 00:59:36 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
61548
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
305
l
use.typekit.net/af/9fa845/000000000000000000010d5b/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9fa845/000000000000000000010d5b/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82cb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
85c7fc0acc4c90e82efb09963151e3252158847a6267165c41cc237ad7671453

Request headers

Referer
https://www.buzzfeednews.com/
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
server
nginx
etag
"6c7dd503ef8be85de61926a4c2ab832e5fde0e6a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24292
breaking-bar.5cf84a95a05935ba653b.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/breaking-bar.5cf84a95a05935ba653b.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f20ef9fd178edf8a73ebf4271554436642d8c8444311971129691feb90d4e76d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ywIvpxMEOzDVccqBv6QN6DD7hTb3RdjN
content-encoding
gzip
etag
"d37ba4299568a5d8a015f17346d5afee"
timing-allow-origin
*
age
27983
x-cache
HIT
content-length
1991
x-amz-id-2
wtM4Z83PgSpw7BRUpSgOxv0FrSb1DOF87F1QZsXgHXy3ENerM6669b+u3cUKufPVP3hANXB/6yM=
x-request-id
756d153807ed094b4e2698219be6e61c
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/breaking-bar.5cf84a95a05935ba653b.js
last-modified
Wed, 19 Jan 2022 20:01:02 GMT
x-timer
S1645043055.460518,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0Y17PZBJPJYE3V
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
158
comments-cta-button.5d486843c2eb5d294af0.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/comments-cta-button.5d486843c2eb5d294af0.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd1a7cb989791276ea23378fbd0989415ac243e6363ed961318a3f75e4d220e7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
age
48857
x-guploader-uploadid
ADPycduWAIoTKXeiwW8FPLx0H3PqnlJQ8lBdoVCFZqcyD8toTnobgJ42kCck7hHuSv-s82B9JoggTwbabaTsr1UKS38
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1784
x-request-id
dbe488ad3f3fc77bd5ded2241b427df6
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/comments-cta-button.5d486843c2eb5d294af0.js
last-modified
Wed, 16 Feb 2022 01:11:43 GMT
x-timer
S1645043055.478542,VS0,VE0
etag
"98905f23b166fd15ff2311fa14d6187c"
vary
Accept-Encoding
x-goog-hash
crc32c=ypby5Q==, md5=mJBfI7Fm/RX/IxH6FNYYfA==
content-type
application/javascript; charset=utf-8
x-goog-generation
1643927656807455
expires
Thu, 16 Feb 2023 06:49:58 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
4698
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
169
comments.62badda1c9ebeeca2140.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/comments.62badda1c9ebeeca2140.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ecf2ed1b3fcc3019424b69188b3a8138ed9544e4a48b539b850fd047cf8f26e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
age
48400
x-guploader-uploadid
ADPycds-BvHuM2ITJE3N_Fu_LbkFvTH91BJj2HcE1aVx4gCJmVlgyyoXFnBddwotd0cYlz_fqE52kkOFx3T7vsi-BTk
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20412
x-request-id
476fb44e560f4a66a406c4535ec8c6f7
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/comments.62badda1c9ebeeca2140.js
last-modified
Wed, 16 Feb 2022 01:11:43 GMT
x-timer
S1645043056.504752,VS0,VE0
etag
"588006eec678c878de6bd6965c052a34"
vary
Accept-Encoding
x-goog-hash
crc32c=6Z8SXQ==, md5=WIAG7sZ4yHjea9aWXAUqNA==
content-type
application/javascript; charset=utf-8
x-goog-generation
1643927656781757
expires
Thu, 16 Feb 2023 06:57:35 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
75440
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
180
454.fde45c93b296a59c4731.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/454.fde45c93b296a59c4731.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
482b2c1223925efafceb4478297480ded9f9b36bc3f17b0ef42756d020197886

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
age
35170
x-guploader-uploadid
ADPycdtK2UQ508DB8nW-xGrsmAWPhSw4cEKmNH3YE4_fO0SqyhiRyIyDyOQiq5Me6haNM4GfkzERLXZwsLk9KFvhWsffxPsVtQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
7279
x-request-id
b200680f91a8c12abd6534ca4b7d9888
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/454.fde45c93b296a59c4731.js
last-modified
Wed, 02 Feb 2022 12:05:04 GMT
x-timer
S1645043056.504860,VS0,VE0
etag
"87ff0dd2960e6934dfd76c0e00135d95"
vary
Accept-Encoding
x-goog-hash
crc32c=hULf6Q==, md5=h/8N0pYOaTTf12wOABNdlQ==
content-type
application/javascript; charset=utf-8
x-goog-generation
1636739328082257
expires
Thu, 02 Feb 2023 12:16:07 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
25139
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
173
24b857353c90f3f92b90.css
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/css/24b857353c90f3f92b90.css
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5718de47b175cd832d3b5fa835e3b0471162ae3be235d0adcec616c48faaaee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
36qHGmLo9Fn5oj97M3lC.JxQUmTMvqkN
content-encoding
gzip
etag
"6d8beaf150ad10b16af993dfdfabc6ac"
timing-allow-origin
*
age
33198
x-cache
HIT
content-length
883
x-amz-id-2
h+aAVkMiEM/3/qDNYo6f1TGwbhLAgzjiQjawGA8FTHXhJD1iSG0M+OBDnpxJfI4VYkdCY8r6qyA=
x-request-id
0c36f4c7667f027a12f9278a4545d45d
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/css/24b857353c90f3f92b90.css
last-modified
Tue, 02 Nov 2021 11:29:50 GMT
x-timer
S1645043056.504960,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
5MXVFVDV8Z30ZFYZ
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
text/css
x-cache-hits
174
scroll-actions.4df1acd76612ed52ae60.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/scroll-actions.4df1acd76612ed52ae60.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
28fab11290254b488e704d826293b90a29f69601b8e4c02c2464079efd22faff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
CvabSy.NA1F67m6QIMse4kJGg9MrABzJ
content-encoding
gzip
etag
"3e11c2f7416cd18112a163cb4dc34e55"
timing-allow-origin
*
age
32110
x-cache
HIT
content-length
2843
x-amz-id-2
vouRbXwq0qIQwWuLSJfFw4a02eF7k4DMyrAZDS3WG+eQDme8FZ3gQbNtv/10jC5UCgrzEX1baZs=
x-request-id
a1288d7a6634e46bbc4b374a1ebf1061
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/scroll-actions.4df1acd76612ed52ae60.js
last-modified
Fri, 26 Nov 2021 14:13:55 GMT
x-timer
S1645043056.504966,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
2Z0MPF5KW2FBYZ90
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
167
destination-sync.html
www.buzzfeed.com/ Frame 2E74 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeed.com/destination-sync.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6dfd3cfccb18589b9e98dfa8f04218473eb40a5438f677a9a0ed55e7d8d78c35
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
etag
W/"62017375-cd0"
last-modified
Mon, 07 Feb 2022 19:31:01 GMT
x-request-id
356ad4ca1adca998cbfd69e007f0cdf2
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:15 GMT
age
93099
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
x-served-by
cache-yul12823-YUL
x-cache
HIT
x-cache-hits
4356
x-timer
S1645043056.510169,VS0,VE0
vary
Accept-Encoding
content-length
1018
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7199
date
Wed, 16 Feb 2022 18:24:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 20:24:16 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:49d::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.195 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:24:15 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-89.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:19:35 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
280
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
nSTEbKx1yeHljj4cPRDJJbfG3tcQztxISvfJ0F7uRQTDFHnNM-KSrA==
scevent.min.js
sc-static.net/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.240.249 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-240-249.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
af3f350dca72e0309a29b508ce47c6a81588c1f1c4925407a397c53163d541b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
6261
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
x-amz-cf-id
hNtyZvbmKfh4mp4Zjy1fLKEXi2-u26-hZeSoZ3X9KR4M3mB0ZjtwJQ==
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 12:30:38 GMT
Server
AkamaiNetStorage
ETag
"23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Wed, 16 Feb 2022 20:44:15 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6768151/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Server
52.85.61.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-5.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Feb 2022 19:54:17 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1799
etag
W/"5b0f9f0704a703b8da651007721fac57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
173AmcPRxylEXcCAuSLe6jrjid2-Jl0wcqhBb6xOAlEdnHh9m4qYpA==

Redirect headers

date
Wed, 16 Feb 2022 20:24:15 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-cs/default/beacon.js
content-length
52
x-amz-cf-id
c2-a3v4nmqxzN3XusKopxmeI5FRQDt4x3WEwZNRjSM9THTUzZ5ZEHA==
session.ed10e4bcdb3492ae4a25.js
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/ 		917 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/session.ed10e4bcdb3492ae4a25.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/webpack-66d5f76248cbc5eafe0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d4ee6a6585f129f667fecc152b7805c56de8d441b173649120da09daaef6baa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
age
32110
x-guploader-uploadid
ADPycdsCvuB8tD_GDmwQGzjt1uEfIgA1De3WT6yuiPLZpFhC8nW44ZGL54eT6_kKxMT1f7jj0KRl29YS7QfmnrqCzfk
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
498
x-request-id
5c7904200313ffc11a21fcd7d62733f0
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/chunks/session.ed10e4bcdb3492ae4a25.js
last-modified
Wed, 02 Feb 2022 12:17:27 GMT
x-timer
S1645043056.514279,VS0,VE0
etag
"aa5b0cff08437567cbea47d2de21fb0c"
vary
Accept-Encoding
x-goog-hash
crc32c=QSyiEQ==, md5=qlsM/whDdWfL6kfS3iH7DA==
content-type
application/javascript; charset=utf-8
x-goog-generation
1643804247795042
expires
Thu, 02 Feb 2023 12:47:43 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
917
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
175
buzzfeed_ok567kgt88.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/buzzfeed_ok567kgt88.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7800:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
9279514b274b76bfbe645986ede0e79f07ad802218b4a6c88f74f3a46747b5dd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:29:17 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 10:05:16 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
50098
etag
W/"17acc-5d6f209aa3501"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
oqs-YYhRQtj2ciC3kc2e693CRtgkcTzo8mZmfoN9iWbU70UgEqCr2Q==
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
74679X1524629.skimlinks.js
s.skimresources.com/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/74679X1524629.skimlinks.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb71555142b0898ed09078970c310e348c56fd4215e3d0de4c8e6884a90f708c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 11:19:35 GMT
server
AmazonS3
x-amz-request-id
ZBN20B526WJ1DQFV
etag
"26a83df2974b802a71ab6e58795b78f7"
x-hw
1645043055.cds172.dc2.hn,1645043055.cds032.dc2.c
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9234
x-amz-id-2
OFAx++7BCfH6Dn4bcwF7zgQLYja9EAcH9IP/1Lfsf1PC3SYYrhnRAZuLUyCEFpNnEK0IkuydluI=
index.js
elements.widget.shopbonsai.ca/ 		275 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/index.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/403-240fdaf6014d924c4e62.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10b0639973fc0fbf08970e1b36ece38b05e6316fef61ea055855add4a1e25074

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvKGG8swzwHK-M5xiOoIkiot5-XnDsafUzsaAKIF-GpP80fQCx7vfHOhtG7wuITTSQuf_7TwRKpbg-iq8xZ5KY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
76559
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 18:51:19 GMT
server
UploadServer
cache-control
no-cache,no-transform,public,max-age=3600
etag
"8c0adc0d68a21ce862a082cae78d9157"
x-goog-hash
crc32c=z6JKKA==, md5=jArcDWiiHOhioILK542RVw==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644951079316108
access-control-expose-headers
*
x-cache-hit
revalidated
x-goog-stored-content-length
76559
accept-ranges
bytes
content-type
application/javascript
ProximaNova-Reg-webfont.1f5579f4015ddefbf6cb26af0810061b.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ProximaNova-Reg-webfont.1f5579f4015ddefbf6cb26af0810061b.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35b63b256d21f417be9b975bf634e27de05b1f607aa03fa7b4b3ffc0220e8fd8

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
NyVMI7aaz.8ohwlmvgtbmaPMHbzmSnrv
etag
"5d5b6593c3948d364e163d9d1ab28b8b"
timing-allow-origin
*
age
43362
x-cache
HIT
content-length
18320
x-amz-id-2
FAbJeBaZxDnWwfeHS4ZsVqsc6IML/nlI7KxBFZepUcBm2Qppe9NlIyHGHcQoig9z45KFRzwtbys=
x-request-id
732589a559b817d83536fda9095a706e
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/ProximaNova-Reg-webfont.1f5579f4015ddefbf6cb26af0810061b.woff2
last-modified
Fri, 13 Aug 2021 09:56:26 GMT
x-timer
S1645043056.544377,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
5MXPA2V1N0CNZRTD
cache-control
max-age=31536000,immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
171
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
b4B7dDnS9p/uqk4NoicjAl3D8qfc1EO2Ez4wg2zn95dXduvLwgZN/J+S7db2ZqVqmvssRlr7udbZY0e3jU8JZg==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Feb 2022 20:24:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ggcmb510.js
cdn-gl.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Feb 2022 20:00:46 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
server
AmazonS3
age
1410
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uy5pwXEs6BrL6vq4YcsnuXZE0zGUg_yC
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
vtKLQwWtmMqOuH2Vl68NB2y0p-15ju3m0m79uSyhxvGu0o0c7sTbog==
render_kit.ab3b4361d5d5701cdd7b.js
www.buzzfeed.com/static-assets/buzz-format-platform/related_links/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeed.com/static-assets/buzz-format-platform/related_links/js/render_kit.ab3b4361d5d5701cdd7b.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/js/subbuzzes.dc669573d6172df5957c.js?brotli=allow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9353ef5ee9dc5aa63f593019ef04fa7978dbd9534faa7eb2a0bb3731c72e4c82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
3rK5QFoZWe9aGcVEUFO35KgiJ2JE0NxA
content-encoding
gzip
etag
"22916f338d38975837e848ef9c92c410"
age
49372
x-cache
HIT
strict-transport-security
max-age=31536000; preload
content-length
7468
x-amz-id-2
N1RtUzyzJFZzG2S4pVrpstuYpYAAnvbV1cy6TOOKPtuk0l6fKlQe8xZh7KYbIfVId/1UKEGH7AE=
x-request-id
84f62ee10693e562996251d3788de0ed
x-served-by
cache-yul12823-YUL
timing-allow-origin
*
last-modified
Mon, 10 Jan 2022 21:17:44 GMT
x-timer
S1645043056.697313,VS0,VE0
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
H0AVMWR0E58RKGE3
cache-control
max-age=31536000,immutable
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
189
render_kit.7232dfa7293033e3e699.js
www.buzzfeed.com/static-assets/buzz-format-platform/newsletter_signup/js/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeed.com/static-assets/buzz-format-platform/newsletter_signup/js/render_kit.7232dfa7293033e3e699.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/js/subbuzzes.dc669573d6172df5957c.js?brotli=allow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1038d24c8f0ac01ed910e302b6b4ba16da7dec316e6039d01e5f0aa4e5a5e85
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
O1NLbCLdbw_P57DuAobSzUlBPbWlgV_R
content-encoding
gzip
etag
"205e1f3d313308364e47fd80bbfc8ef9"
age
10181
x-cache
HIT
strict-transport-security
max-age=31536000; preload
content-length
60630
x-amz-id-2
MXlW3rfMyQoXz5QN+0IVO1EbDyO/fc4AhSW0/BQz3ckxHTLNdLKOf9bYvwoRxfQIcE6hFJV60KM=
x-request-id
8ae66955ea94a5447eb51135a1cb1583
x-served-by
cache-yul12823-YUL
timing-allow-origin
*
last-modified
Tue, 08 Feb 2022 10:41:27 GMT
x-timer
S1645043056.698161,VS0,VE0
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
Accept-Encoding
x-amz-request-id
1WBMAKS2QTMTPHYQ
cache-control
max-age=31536000,immutable
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
843
sub-buzz-2513-1644941393-25.jpg
img.buzzfeed.com/buzzfeed-static/static/2022-02/15/16/asset/0011b72d90a5/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/2022-02/15/16/asset/0011b72d90a5/sub-buzz-2513-1644941393-25.jpg?crop=1583%3A1584%3B434%2C0&downsize=400:*&output-format=auto&output-quality=auto
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
FastlyIO /
Resource Hash
100d6bb71d1d0941f44f09dd281ee1e7ead7374ee4cef777b6fcfff0b9eeec6f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
zM_3zd.SSyDES6Vri1ocEwVpx9wSO7v2
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"FZY2IKvVwg9aRciObOFsUC8C/wp51JnTST/0XooAx/I"
age
101428
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=1305328 idim=2330x1642 ifmt=jpeg ofsz=16778 odim=400x400 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
16778
x-amz-id-2
Xru2/IKwwCSh43QxlwK4swO9fkjgV38VwTf5BQ2ryczHES3JH/Edd/YwDKIBRn7I3Xcr1AIrMR4=
x-served-by
cache-iad-kcgs7200175-IAD, cache-iad-kiad7000062-IAD, cache-yul12823-YUL
timing-allow-origin
*
server
FastlyIO
x-timer
S1645043056.818365,VS0,VE0
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
X-Image-Format-Optimization, X-Image-Quality-Optimization
x-amz-request-id
7S9CAZNKMXHH7A36
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/webp
x-cache-hits
0, 1, 14
sub-buzz-4198-1644941363-15.jpg
img.buzzfeed.com/buzzfeed-static/static/2022-02/15/16/asset/c912c55c7c11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/2022-02/15/16/asset/c912c55c7c11/sub-buzz-4198-1644941363-15.jpg?crop=2064%3A2065%3B468%2C0&downsize=400:*&output-format=auto&output-quality=auto
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
FastlyIO /
Resource Hash
09ed6fc1d861ff18f230dfb3384d2283eea8c0a2a0bc94c0b87b4bbb000c868a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
sl_oF_Ks6yoT4hKR8RYzbUYTjN1mY9nl
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"8Yuo7STD8y6zaCblodl9hdWDLjoIDsoKdoumUut02wA"
age
101427
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=2005172 idim=3000x2067 ifmt=jpeg ofsz=10320 odim=400x400 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
10320
x-amz-id-2
ZKqIT8Q87W/6zhSIdPk4r3rWafLb2RbPW2Wh6+RXXDMHeq/P6m6eEn7w1kI4bJcD7rmfVPirqQI=
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kcgs7200126-IAD, cache-yul12823-YUL
timing-allow-origin
*
server
FastlyIO
x-timer
S1645043056.818473,VS0,VE1
date
Wed, 16 Feb 2022 20:24:15 GMT
vary
X-Image-Format-Optimization, X-Image-Quality-Optimization
x-amz-request-id
NZNBQMCCHZ7RE1ZP
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/webp
x-cache-hits
0, 1, 1
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=0020946b84687eadc69ca9e8c97ade0b3c,0050b4bef1fd7acac4dc0283f3f481f712,005d5f7b766c31c50fc3ca08b979ce5414,00f5f52824d6816e28152720d667c7faf7
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
X-TraceId
6c429946d6340986936c0f8523c95e38
Content-Length
56
Content-Type
application/javascript
/
r.skimresources.com/api/ 		179 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?callback=skimlinksApplyHandlers&data=%7B%22pubcode%22%3A%2274679X1524629%22%2C%22domains%22%3A%5B%22tips.buzzfeednews.com%22%2C%22support.buzzfeednews.com%22%2C%22twitter.com%22%2C%22facebook.com%22%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%7D
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/74679X1524629.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
e5fe5d75f9e74ac223091532e75851aba6ca3b69ec69cb9e68559e9e5ba64391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
alt-svc
clear
content-length
179
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=2.229077488420447
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=2.229077488420447
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Feb 2022 20:02:07 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
server
AmazonS3
age
1328
etag
W/"931051f801612c3a0e2782961ac3d56c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
lGCM3J1T752RkCkyvC4YTmc2da4EfDQV
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
content-type
application/javascript
x-amz-cf-id
gb034zi-nQSbZUnm_ZA4U9NW9te86KgenBN-quCtjRyFH6weNidwvA==
main.32155010.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:49d::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18298
access-control-expose-headers
X-CDN
breaking-bar
www.buzzfeednews.com/site-component/v1/en-us/ 		49 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/site-component/v1/en-us/breaking-bar
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d2df3ed93fe9b3cb66cae080ceb0cb30dfbedc1efed29de5e05b646238ea8af

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
sentry-trace
ad2398cbf9ca4fba8050149e10cf8b47-9d3125fefbd07289-0

Response headers

date
Wed, 16 Feb 2022 20:24:15 GMT
content-encoding
gzip
x-api-version
1
age
14
x-cache
HIT
x-cache-hits
1
content-length
68
x-request-id
aedb3637bf046577eb6c17ad471482be
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/site-component/v1/en-us/breaking-bar
x-timer
S1645043056.878376,VS0,VE0
etag
"97884d253517eefe2bd03622567b63341b3de1ca"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
0
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=384824094&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&ul=en-us&de=UTF-8&dt=Prince%20Andrew%20Reaches%20Settlement%20With%20Jeffery%20Epstein%20Victim%20Virginia%20Giuffre&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABCAAAAC~&jid=1774661224&gjid=2107829252&cid=1526230868.1645043056&tid=UA-1740781-74&_gid=1125824906.1645043056&_r=1&_slc=1&cd1=bf_bpage_ui&cd11=US&cd12=News&z=1746634792
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3DSailthru&page=utm_medium%3Demail&page=utm_campaign%3D02%2F16%2F2022%20Incoming%20newsletter&page=utm_term%3DNews%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://www.buzzfeednews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3DSailthru&page=utm_medium%3Demail&page=utm_campaign%3D02%2F16%2F2022%20Incoming%20newsletter&page=utm_term%3DNews%20confirmed%20list
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
6e6315215ab97e283c218d83912504c854ee95d8d030afb76c6fd75923a5481e

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer ccaf2e718aa7ed087167fca028bca7d1
content-type
application/json
accept
application/json
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
allowedmethods
GET,OPTIONS
expires
-1
comments
www.buzzfeednews.com/comments-api/v1/ 		45 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/comments-api/v1/comments?content_type=buzz&content_id=6160827&page_size=20&child_size=10&sort=hearts&state=visible%2Chidden%2Cdeleted
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2718404ddccc24c361b62527821860f0d72ad13fb138f176dce5d958eae9d6d7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
age
0
x-cache
MISS
cross-origin-resource-policy
same-site
content-length
11696
x-request-id
fb6f223cabbf90f38581aab6153cf582
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/comments-api/v1/comments?child_size=10&content_id=6160827&content_type=buzz&page_size=20&sort=hearts&state=visible%2Chidden%2Cdeleted
x-timer
S1645043056.963410,VS0,VE105
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
is_enabled
tr.snapchat.com/collector/ 		46 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=32a4892a-7a98-44df-b23b-7ed05a1b1f6f
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
3e3a4755aad2ad8685422ae569f69527f6e9cc6f8d416cf796bfab2612da055b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 google
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
experiment_variants
abeagle-public.buzzfeed.com/public/v3/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abeagle-public.buzzfeed.com/public/v3/experiment_variants?experiment_names=consent_management_quantcast_choice%3Bcommerce-hide-amazon%3Bpromotion_black-friday%3Bpromotion_cyber-monday%3Bshopping_package_all_bpager%3Bbonsai_shopping_cart%3BSITE-7587_commerce_AdRizer%3Belection2020_package_bfdc_bpages%3Bcommerce_ad_affiliate%3Bcommerce_ad_recirc%3BSITE-7528-TPAU_with_images%3BSITE-7524_wishlist_onsite_reminder%3BPAR-436-etsy-tpau-ranking%3Bads_scroll_subscription%3Bads_prebid%3Bads_bid_cache%3Bads_amazon_tam%3Bads_ad_lightning%3Bads_adrizer%3Bads_blockthrough%3Bmoat_dfp_native_video_tracking%3Badvertise_international%3Bnon_us_ad_lookahead_adjustments%3BADSGROUP-408_bouncex_bpager%3BADSGROUP-143_new_ad_calls_structure%3BADS-1791-new-bpage-gpt-lazyload&user_id=f3f6f6d4-5473-43ad-90c6-b1e558305efe&source=buzz_web
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
017592c0fe8453a1ce3c7ced6be031483d2010a2f5217669b1fa46a3c002e2b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 varnish
age
0
etag
"a009401de85cdadf7a8f68941a004ee24c936d35"
x-served-by
cache-yul12826-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
x-timer
S1645043056.045163,VS0,VE21
content-length
4134
x-cache-hits
0
/
o1085221.ingest.sentry.io/api/6095725/envelope/ 		2 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1085221.ingest.sentry.io/api/6095725/envelope/?sentry_key=16f695c526194254b6284a1ab5ae6b50&sentry_version=7
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
163.8854ad1165fa128a886b.js
elements.widget.shopbonsai.ca/ 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/163.8854ad1165fa128a886b.js
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08541704050151b92161b88903be31ae1b92cbd49fe5ffc193e84567fde12d69

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:43:45 GMT
content-encoding
gzip
age
9631
x-guploader-uploadid
ADPycdtgmeE4iwmUe1bqx2Nl47n_1HRDTNXmunk1scRHoOLaze_VIq3_OX-U9pgOexyya0-cc7jK3v2Ump9f-PhI9bk6ys1O8w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
77309
access-control-allow-origin
*
last-modified
Mon, 14 Feb 2022 17:43:37 GMT
server
UploadServer
cache-control
public,max-age=3600,no-transform
etag
"cfb42a7fa2e2f4ef20dc499af61382fb"
x-goog-hash
crc32c=xs3lLA==, md5=z7Qqf6Li9O8g3Ema9hOC+w==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644860617385333
access-control-expose-headers
*
x-cache-hit
hit
x-goog-stored-content-length
77309
accept-ranges
bytes
content-type
application/javascript
170.666b7566b66202bedcce.js
elements.widget.shopbonsai.ca/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/170.666b7566b66202bedcce.js
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8841d69a8f8d692df75af15793fa4cdf6ea6ce551a419cb2883235235128d169

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:36:18 GMT
content-encoding
gzip
age
10078
x-guploader-uploadid
ADPycdtMKoje6aM0RbAGaEwmKJ1mFmHq8uzcBhEvhg2kwdizmcu-tUZ6u1T5t5PzgJzJGFnzM9-DF8TlkLYQmJ_ph4Zz-N7GwQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
9041
access-control-allow-origin
*
last-modified
Mon, 14 Feb 2022 17:43:40 GMT
server
UploadServer
cache-control
public,max-age=3600,no-transform
etag
"3bad592dbfa3ea649945d0e5194b5e38"
x-goog-hash
crc32c=dG7s6w==, md5=O61ZLb+j6mSZRdDlGUteOA==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644860620362699
access-control-expose-headers
*
x-cache-hit
hit
x-goog-stored-content-length
9041
accept-ranges
bytes
content-type
application/javascript
505.45ce9a18fe94075ab1a6.js
elements.widget.shopbonsai.ca/ 		143 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/505.45ce9a18fe94075ab1a6.js
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
317f23558b3b9647275ff1bc158ea385849267feed509c13b039b7245d567af0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 18:51:21 GMT
content-encoding
gzip
age
5575
x-guploader-uploadid
ADPycduNJ2hnlKtUeJtNZjXBUCdRwMGuFItJyRwyJWQlTh8BUv9J1j9xLnHT78XRNXuGlQkp90HBwaEU-MTG3lR4mZTLyVFq0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
35024
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 18:51:17 GMT
server
UploadServer
cache-control
public,max-age=3600,no-transform
etag
"f48fafd51bb3f4409ceaf4da3da6f853"
x-goog-hash
crc32c=RS+LAQ==, md5=9I+v1Ruz9ECc6vTaPab4Uw==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644951077685962
access-control-expose-headers
*
x-cache-hit
hit
x-goog-stored-content-length
35024
accept-ranges
bytes
content-type
application/javascript
coordinator.b18b5ad7f994cbc0e562.js
elements.widget.shopbonsai.ca/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/coordinator.b18b5ad7f994cbc0e562.js
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e23d3f85fbcffd67376608d92e5e248c424835023e17df383a1ccd7d16bbc689

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 18:51:21 GMT
content-encoding
gzip
age
5575
x-guploader-uploadid
ADPycduiLecS6U0LuOgn1GDmgSTqx89pdxDNVgn-WZcucCRDibYyJc97toMSiSS2iQGdhrbbDv3luHDYINu2tepxWaXcTbp1gw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
13938
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 18:51:17 GMT
server
UploadServer
cache-control
public,max-age=3600,no-transform
etag
"90d6065fd82f5899f9d81a93c215356c"
x-goog-hash
crc32c=ANkilA==, md5=kNYGX9gvWJn52BqTwhU1bA==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644951077724585
access-control-expose-headers
*
x-cache-hit
hit
x-goog-stored-content-length
13938
accept-ranges
bytes
content-type
application/javascript
i
tr.snapchat.com/cm/ Frame B3F1 		672 B
688 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=32a4892a-7a98-44df-b23b-7ed05a1b1f6f
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

server
nginx/1.19.6
date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
text/html
content-length
672
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1740781-74&cid=1526230868.1645043056&jid=1774661224&gjid=2107829252&_gid=1125824906.1645043056&_u=YEBAAEAACAAAAC~&z=326514446
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
text/plain
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprinc...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprin...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&c8=Prince%20Andrew%20Reaches%20Settlement%20With%20Jeffery%20Epstein%20Victim%20Virginia%20Giuffre&c9=
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Server
52.85.61.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-5.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
d37R_BKV5FXZ4IezEyeHD97lLsyRAf9SiVsMxkUHjQxTcPJXyE4JQw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6768151&cs_ucfr=1&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1645043056154&ns_c=UTF-8&c7=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&c8=Prince%20Andrew%20Reaches%20Settlement%20With%20Jeffery%20Epstein%20Victim%20Virginia%20Giuffre&c9=
content-length
505
x-amz-cf-id
WIRUZ7XJhdnMiQRLJzxIMb56IR8NQrY9JKxjdDFW4BTenWZAKwkwjA==
p
tr.snapchat.com/ Frame C120 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.buzzfeednews.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

server
nginx/1.19.6
date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rules-p-3aud4J6uA4Z6Y.js
rules.quantcount.com/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-3aud4J6uA4Z6Y.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5423a8b64392927336c6ed24e4504d9655370ae2fb885954a1bbf519e0da8100

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:13:25 GMT
content-encoding
gzip
age
652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 17 Nov 2021 20:52:23 GMT
server
AmazonS3
etag
W/"54c17dc48c3834d548677108ac4d7613"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
tq_GSOCVG8AgLc6h80wMtR44y9mRdpOLzskooBSK-MKQF4C_cQQaUA==
/
ct.pinterest.com/user/ 		487 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615790681679&ov=%7B%22page_name%22%3A%22article%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%22%2C%22page_category%22%3A%22usnews%22%7D&cb=1645043056191
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.8723df17.1645043056.26cda07d
x-envoy-upstream-service-time
2
x-pinterest-rid
1719737747437442
pin-unauth
dWlkPU1tSmhabUk0WkRRdFlUazFNeTAwWVdRMUxUa3dOR1l0TURreE5Ea3dORE13WW1aaQ
access-control-allow-origin
https://www.buzzfeednews.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
P77672CB5-D3F4-4EBC-8161-08175209A620.js
cdn-gl.imrworldwide.com/conf/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P77672CB5-D3F4-4EBC-8161-08175209A620.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0c0647d225dbc152018f2513db8bdc7f072000719e7a41ccc57907550b54741

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Su3stGnJb6quqcj0SuDbbwWltNM7hNDG
content-encoding
gzip
etag
W/"b92191461f65831ed97e93008b9b164a"
last-modified
Wed, 16 Feb 2022 17:16:57 GMT
server
AmazonS3
age
877
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Wed, 16 Feb 2022 20:09:40 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
xB6qbwXvzHzWdytUYXn7DzZPRHO0JBQsu2w9uFwQH4GhmiHH2GXjpQ==
choice.js
quantcast.mgr.consensu.org/choice/3aud4J6uA4Z6Y/www.buzzfeednews.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/3aud4J6uA4Z6Y/www.buzzfeednews.com/choice.js?timestamp=1645043056273
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d4691df914a517fb66e887222f04545dce0a0d5c2603f48735d3ddbf9cf917a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Feb 2022 20:24:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 15:40:24 GMT
server
AmazonS3
age
13
etag
W/"54a999b396aaae2f5a187430d63c497f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
wECfyHQ--j9k-pZqu7TddHepg2fio6xHzgZUVuMltx9QYURRQjhBFA==
beagle.jpg
img.buzzfeed.com/buzzfeed-static/static/avatars/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/avatars/beagle.jpg
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
377c8f32cae6c35e53db18ca8393c34d158aa25838fd191527336c3f71d93f21

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
czdRLSgPGXPjA.dE64ir.vnxQ7JSYcBs
via
1.1 varnish, 1.1 varnish
etag
"f1f7325a684057f4f696521311f22571"
age
2459570
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
3031
x-amz-id-2
9jWC+qBNwJG4OpTrp4LyECHs/K3NgwIoCongH715kYCf84ocSyD3eekLHJG6n0pvwW3/zgx7ykphnemFtN6PiA==
x-served-by
cache-iad-kjyo7100157-IAD, cache-yul12823-YUL
timing-allow-origin
*
last-modified
Tue, 25 Jun 2019 15:59:52 GMT
server
AmazonS3
x-timer
S1645043056.282179,VS0,VE0
date
Wed, 16 Feb 2022 20:24:16 GMT
x-amz-request-id
Z546B22W6DME1015
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 48
tabby.jpg
img.buzzfeed.com/buzzfeed-static/static/avatars/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/avatars/tabby.jpg
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59d12d17ce216c478913590ef1d7cc3ea1fa95420fec3df6b97fc233c76f3bdb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
XUj6M0IvxKz4aKnw3lgUwmYMpFPJ6pre
via
1.1 varnish, 1.1 varnish
etag
"df186cec39754e99659ff3201de71237"
age
5923797
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
2627
x-amz-id-2
RcF8fIl+4yT6DH5MCGMptt31jz9N5OJTQe9tezRWYYsqxi+HunYXxt+yxGArh6SME7VOhxCbqJw=
x-served-by
cache-bwi5135-BWI, cache-yul12823-YUL
timing-allow-origin
*
last-modified
Tue, 25 Jun 2019 15:59:53 GMT
server
AmazonS3
x-timer
S1645043056.282278,VS0,VE0
date
Wed, 16 Feb 2022 20:24:16 GMT
x-amz-request-id
XSX5MWEAB6CJRB4Y
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 194
b6hGxWUdF.jpg
img.buzzfeed.com/buzzfeed-static/static/user_images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buzzfeed.com/buzzfeed-static/static/user_images/b6hGxWUdF.jpg?output-format=jpg&crop=500%3A500%3B0%2C54
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
FastlyIO /
Resource Hash
24f0bcb8a4b959ef654784359129e617a912fd8ea5c8b41b0bd7f2c1c1439b20

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RW4W2XpRvXNZlqM4X11r_MwORIlbdrst
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"EwrBDVResBckebrSykiN6rJnsVvRISgCp0lUG9OBR2M"
age
1084559
x-cache
HIT, HIT, HIT
fastly-io-info
ifsz=803070 idim=500x666 ifmt=png ofsz=55257 odim=500x500 ofmt=jpeg
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
55257
x-amz-id-2
kaadqvCszWu4uq/0BpPo5M6WotfUa903XJ/DKLrGoDehVqA0V6+pNzH14fbR0jtblV6tCZPAcC8=
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kiad7000110-IAD, cache-yul12823-YUL
timing-allow-origin
*
server
FastlyIO
x-timer
S1645043056.282932,VS0,VE0
date
Wed, 16 Feb 2022 20:24:16 GMT
x-amz-request-id
5XQG0553A17H8VD0
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1, 2
ProximaNova-Bold-webfont.75d8bdea138d92fa6817a023431dae5b.woff2
www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/media/ProximaNova-Bold-webfont.75d8bdea138d92fa6817a023431dae5b.woff2
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d0e92c6844d02323ba258e3d5d41307cced37b825c3d6292fc3e0c314708ad2

Request headers

Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
age
34834
x-guploader-uploadid
ADPycdv97G875bHASYGFCwc2PgOMaU6O-YMAfadlx9fatY0xf-hsABxMhjt2br7IAsxMCZNZpkj72BDQZKIeoYEp_e8rLy-ylQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19784
x-request-id
3dc10f36323334ab1aeead042ad80ce6
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static-assets/bf-bpage-ui/_next/static/media/ProximaNova-Bold-webfont.75d8bdea138d92fa6817a023431dae5b.woff2
last-modified
Wed, 02 Feb 2022 12:17:27 GMT
x-timer
S1645043056.288565,VS0,VE0
etag
"e158c358d666d6ce173707c7dfa9fa1b"
vary
Accept-Encoding
x-goog-hash
crc32c=eD4crg==, md5=4VjDWNZm1s4XNwfH36n6Gw==
content-type
font/woff2
x-goog-generation
1643742960644639
expires
Thu, 02 Feb 2023 12:23:18 GMT
cache-control
max-age=31536000,immutable
x-goog-stored-content-length
19784
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
168
ads.js
www.buzzfeed.com/static/js/ad-detection/ 		104 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeed.com/static/js/ad-detection/ads.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b35cfe8d093a9cbccaca5987fe6bd77600d53a2e5b371564ae7aa02017b91ba0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
br
age
93097
x-cache
HIT
strict-transport-security
max-age=31536000; preload
content-length
82
x-request-id
61bc30bcff384326f6a0c0d935c100f3
x-served-by
cache-yul12823-YUL
last-modified
Mon, 07 Feb 2022 19:31:01 GMT
x-timer
S1645043056.307406,VS0,VE0
x-frame-options
SAMEORIGIN
etag
W/"62017375-68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8214
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2615790681679&ov=%7B%22page_name%22%3A%22article%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%22%2C%22page_category%22%3A%22usnews%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1645043056320
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8723df17.1645043056.26cda091
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1433565301276149
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
pixiedust.buzzfeed.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixiedust.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.40.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-40-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pubads_impl_2022021001.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 08:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122668
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:35:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Feb 2023 08:38:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		112 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.buzzfeednews.com
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
d2c36fc71d6efc7b24236ccb3d8cfaa96d1c312d8ea7e3126b7debbb2b51a5fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Wed, 16 Feb 2022 20:24:16 GMT
scevent.min.js
sc-static.net/ Frame B3F1 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=32a4892a-7a98-44df-b23b-7ed05a1b1f6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.240.249 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-240-249.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
af3f350dca72e0309a29b508ce47c6a81588c1f1c4925407a397c53163d541b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:03:16 GMT
content-encoding
gzip
server
CloudFront
age
1260
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
EWR53-P1
access-control-allow-headers
Content-Type
content-length
6261
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
x-amz-cf-id
wpO6pfdCnISIwLMUElJI0YPts2VgvZOLBgV4lhJnwvikrt2mwrFDCw==
v3
js.stripe.com/ 		278 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/163.8854ad1165fa128a886b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5c52d7ed049f9f7d6310d7c76f3ee9f54b133b5b5e91405c4b26599e006f2b28
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
32
x-cache
HIT
content-length
67960
etag
"e21265763ce8b4e7780a43e6148a1517"
x-request-id
e76804c0-ab81-4f56-83ac-54405f1fa754
x-served-by
cache-yul12829-YUL
access-control-allow-origin
*
last-modified
Wed, 16 Feb 2022 19:27:21 GMT
server
Fastly
date
Wed, 16 Feb 2022 20:24:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41
dynamic.5d3ec67f8027f6781d62.js
elements.widget.shopbonsai.ca/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elements.widget.shopbonsai.ca/dynamic.5d3ec67f8027f6781d62.js
Requested by
Host: elements.widget.shopbonsai.ca
URL: https://elements.widget.shopbonsai.ca/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.70.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
128.70.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b2dbff9395fc956aa6e4fb273fae27e233256fb02380540ce561077b508c3b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:24:34 GMT
content-encoding
gzip
age
10782
x-guploader-uploadid
ADPycdtJHbZSsT4IlpeYVO1O4mP2ZiTAlf5mg96DhWThv5xmDdwki8tfnkSzzAtRDPC14NxzNxS6fwSYAIyXwo7zYtg9PAU0sw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
756
access-control-allow-origin
*
last-modified
Mon, 14 Feb 2022 17:43:37 GMT
server
UploadServer
cache-control
public,max-age=3600,no-transform
etag
"02cb80d4763d1de9d91dd30b553efa3c"
x-goog-hash
crc32c=HfFkFQ==, md5=AsuA1HY9HenZHdMLVT76PA==
x-cache-id
YUL-62c5aa93
x-goog-generation
1644860616969844
access-control-expose-headers
*
x-cache-hit
hit
x-goog-stored-content-length
756
accept-ranges
bytes
content-type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=0020946b84687eadc69ca9e8c97ade0b3c,0050b4bef1fd7acac4dc0283f3f481f712,005d5f7b766c31c50fc3ca08b979ce5414,00f5f52824d6816e28152720d667c7faf7&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&optOut=false&bust=029402888396016036
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:16 GMT
Cache-Control
no-cache
X-TraceId
a9f51e0e0fcf38dad911f8fc27dc1a7f
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
events
pixiedust.buzzfeed.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixiedust.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.40.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-40-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ckbqtjlm6000001mmda32hpje
api.widget.shopbonsai.ca/publishers/ 		449 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.widget.shopbonsai.ca/publishers/ckbqtjlm6000001mmda32hpje
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.238.176.72 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.176.238.35.bc.googleusercontent.com
Software
/
Resource Hash
14070d68f42e59c4eb8fb31fdbba14cbbc20b7d4e51a45484b62ce593b5234c6
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

publisherid
ckbqtjlm6000001mmda32hpje
Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
date
Wed, 16 Feb 2022 20:24:16 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
449
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
etag
W/"1c1-rEaGZfnyR/yJX17/5NQJEPUY7H0"
expect-ct
max-age=0
credentials
include
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
ckbqtjlm6000001mmda32hpje
api.widget.shopbonsai.ca/publishers/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.widget.shopbonsai.ca/publishers/ckbqtjlm6000001mmda32hpje
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.238.176.72 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.176.238.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,publisherid
Origin
https://www.buzzfeednews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-length
0
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type,publisherid
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		193 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P77672CB5-D3F4-4EBC-8161-08175209A620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding
gzip
etag
W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
server
AmazonS3
age
2392
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 16 Feb 2022 19:44:25 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
WPBwm5GJUAtT04oiQ_iZJtKygsFaANpJxaXXQxBFqssUsaWEXbsPLA==
cmp2.js
quantcast.mgr.consensu.org/tcfv2/38/ 		179 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.buzzfeednews.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/3aud4J6uA4Z6Y/www.buzzfeednews.com/choice.js?timestamp=1645043056273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99d3a35cb295c4056ab352e9c427bc40b90a30cedfa64fe1b0f4bc9fff48701a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
br
age
44
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 06 Jan 2022 15:09:25 GMT
server
AmazonS3
etag
W/"694be8ab82732569410ab9ccf6e2061e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
I-CDwMDUn3mqYRgdG0DFMh5_bpqw5I4TrA3Q2BfibEfY1fK4TNSXzg==
p
tr.snapchat.com/cm/ Frame 55DA
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1645043056500
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644987781024%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644987781024%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1644987781024&pnid=140&pcid=df384afa-93cd-4cba-889a-7302d9cbf2a5
0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1644987781024&pnid=140&pcid=df384afa-93cd-4cba-889a-7302d9cbf2a5
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/

Response headers

server
nginx/1.19.6
date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date
Wed, 16 Feb 2022 20:24:16 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://tr.snapchat.com/cm/p?rand=1644987781024&pnid=140&pcid=df384afa-93cd-4cba-889a-7302d9cbf2a5
content-length
0
via
1.1 google
alt-svc
clear
prebid.js
www.buzzfeednews.com/static/js/advertiser/ 		286 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7406d055c6cbe99296f74caa400c20433130a7b4e8111989f7166d7e6616dbb1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
age
93096
x-cache
HIT
content-length
89171
x-request-id
9e7715e3f6f79691c483d34d47641a5b
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static/js/advertiser/prebid.js
last-modified
Mon, 07 Feb 2022 19:31:01 GMT
x-timer
S1645043057.526773,VS0,VE0
etag
"62017375-47988"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
881
amazon.js
www.buzzfeednews.com/static/js/advertiser/ 		441 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buzzfeednews.com/static/js/advertiser/amazon.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d72c05fc51131fa5df04cae72a43ef21dc1f47490cb90d57a640b552e836c19

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
age
93096
x-cache
HIT
content-length
313
x-request-id
9aef0b8d1fb79fe977331071944fe596
x-served-by
cache-yul12823-YUL
x-bf-cdn-url
/static/js/advertiser/amazon.js
last-modified
Mon, 07 Feb 2022 19:31:01 GMT
x-timer
S1645043057.527766,VS0,VE0
etag
"62017375-1b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
880
op.js
tagan.adlightning.com/buzzfeed/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/op.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66340ed6d754898f2d76ddd8bb51743d46e43abb4b8a754f5ca25ba7d7362e73

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:31:12 GMT
content-encoding
gzip
age
3185
x-cache
Hit from cloudfront
content-length
18548
x-amz-meta-git_commit
7b120a5
last-modified
Wed, 16 Feb 2022 16:26:37 GMT
server
AmazonS3
etag
"0160e79a567ed1c44850b4bf1e38e113"
x-amz-version-id
d6.R3.zerIaOVTfYPj9kINMorDkoHw_u
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mQngHFT2C9qs3H8hbpRDECYggSS0MJeJxJKc-K2YeVaWzMt_fv3QYA==
scroll.js
static.scroll.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee14cb5ce7f59fb3240804e38e3f3a91410e06e5b9db9a06896b13d43b35450d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
age
2184
x-guploader-uploadid
ADPycdtdtFDJ3-45Nad4yl75yzSl9eHLFJ2NhBuoEAB8vgH4km2vxWtdkZ3Q8qmZVu4_3_Yhk-KfkQvfcQWdYumpWcVPeCg_NA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6179
x-served-by
cache-yul12824-YUL
last-modified
Thu, 10 Feb 2022 20:41:36 GMT
server
UploadServer
x-timer
S1645043057.569424,VS0,VE0
etag
"f20f2951c04539ed9ce875f6a479938e"
vary
Origin
x-goog-hash
crc32c=rbs4SA==, md5=8g8pUcBFOe2c6HX2pHmTjg==
x-goog-generation
1644525696132501
via
1.1 varnish
expires
Mon, 14 Feb 2022 19:47:51 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6179
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
1281
f3f6f6d4-5473-43ad-90c6-b1e558305efe
bas.buzzfeed.com/v1/users/ 		0
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 0B68 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

content-type
text/html
date
Wed, 16 Feb 2022 19:55:58 GMT
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
x-amz-server-side-encryption
AES256
cache-control
max-age=86400
x-amz-version-id
IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
6d22tE1J6sQ-rAfVAVUmsVb1GF6DHFPQnXrYz3xSOfQnNJTyumadJg==
age
1699
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/amazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_sJxGhvCZeE1QDAzTxsPGF.D7a87Nyvk
content-encoding
gzip
etag
f1657332112584c2a291a2c0cf3f7f54
age
10002
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0TFM074HJEMBPGQJZZGA
date
Wed, 16 Feb 2022 17:37:38 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uknE3fiJuRsNeewimeCky8lEdGYpzAninlyoSMCRd6LiCogRw3oOPQ==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.buzzfeednews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.buzzfeednews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.buzzfeednews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
b-7b120a5-f6b516c6.js
tagan.adlightning.com/buzzfeed/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e8ef8ad4b51e6b8ab3e5e2e41d9c3d1a25fbf6397f08f326ebccf1dbf27485

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:56:30 GMT
content-encoding
gzip
age
440867
x-cache
Hit from cloudfront
content-length
28229
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 09 Aug 2021 17:02:25 GMT
server
AmazonS3
etag
"e868e92eca7ee7766a0ebca2380ca015"
x-amz-version-id
Cqc2qgliFPxFRwsBM8Vp7NrEAvzd4wi.
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
0eyY_vX3Td9gkVpFQeJp9nhz1x-wklX8SJEGccRVwsw5BcOWKnvvRw==
bl-8d5d585-988ebaab.js
tagan.adlightning.com/buzzfeed/ 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e263f1cce4e24e66cce27409573e496bd332475b470bc41893c0097df0b78e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:31:11 GMT
content-encoding
gzip
age
13986
x-cache
Hit from cloudfront
content-length
23420
x-amz-meta-git_commit
8d5d585
last-modified
Wed, 16 Feb 2022 16:25:42 GMT
server
AmazonS3
etag
"a782f09f548f94de7b57153bbf8b6f76"
x-amz-version-id
Q4Q2qDOufYFC851aLkUUAFFw1Ba3rAXQ
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
EX8Bz_D3ogaJulnAZBaje8GGPl4ODPIjF7E7lCxHmHgYI-UP9Jqk5w==
pub.304459.min.js
www.dwin2.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin2.com/pub.304459.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:de00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c765136a1e8dba67e0f61ab5aa4d4249a6d6ec97d4cd03e4621900fac15edd5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
last-modified
Thu, 03 Feb 2022 12:18:46 GMT
server
AmazonS3
age
441
etag
W/"eaddc0cde303c1df09851c4408bfc346"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
cache-control
max-age=600
date
Wed, 16 Feb 2022 20:16:56 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
DMri8g4Bho_a-n3hBTf-DYqyd0RZMZbf02eLNkUmF-yoE5nnzgfRwg==
bid-request
a.teads.tv/hb/ 		16 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.173.61 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-173-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 16 Feb 2022 20:24:16 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		416 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13062&site_id=327022&zone_id=1702154&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&tg_i.cms_tags=breaking_team%2Ccourt%2Cprince_andrew%2Csettlement%2Cvirginia_giuffre&tg_i.section=news&tg_i.pbadslot=%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp&tk_flint=pbjs_lite_v6.4.0&x_source.tid=ac18885e-673e-48e3-8741-98e07267440c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp&slots=1&rand=0.16953671064362674
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
56bb26b7fea2eee85c2343ff3a0509d7991f95e3d94f9d8ad6227be51abdfc8f

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
416
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
krk.kargo.com/api/v2/ 		2 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%223f79ba92-5cc3-4d01-8162-4a6f8898a608%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1645043056744%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%226ccfb0b8045c8e%22%3A%22_cQCHVvH7EC%22%7D%2C%22bidSizes%22%3A%7B%226ccfb0b8045c8e%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_cQCHVvH7EC%22%7D%2C%22uspConsent%22%3Anull%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%7D%2C%22pbadslot%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%7D%2C%22gpid%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-1301%22%2C%22transactionId%22%3A%22ac18885e-673e-48e3-8741-98e07267440c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%226ccfb0b8045c8e%22%2C%22bidderRequestId%22%3A%22596244df504779%22%2C%22auctionId%22%3A%22fd68daa1-50f1-422f-8061-acb5f3c237b1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.147.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-147-57.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		22 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
39a5afdd67e127ea78c2fd5799e619730d811aca742f77a289a580ae89730ff3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Feb 2022 20:24:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7e362117-45fa-48ea-9096-58860684b2f6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9337d637fee165c56f18e911ee36fae9a205070c384888d4546365686993d846

Request headers

Referer
https://www.buzzfeednews.com/
x-openrtb-version
2.5
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buzzfeednews.com
Date
Wed, 16 Feb 2022 20:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=506164&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213b8c8dbf848fba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.4.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221468f8856b3e0c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22506164%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22508950%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22506164%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd1e4f3c15ab5a94ab5e75430b6dfe462d4b29a26a2d1c4786410fbfd168ec9b

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Wed, 16 Feb 2022 20:24:16 GMT
bid-request
a.teads.tv/hb/ 		16 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.173.61 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-173-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 16 Feb 2022 20:24:16 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		429 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13062&site_id=327022&zone_id=1702152&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&tg_i.cms_tags=breaking_team%2Ccourt%2Cprince_andrew%2Csettlement%2Cvirginia_giuffre&tg_i.section=news&tg_i.pbadslot=%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp&tk_flint=pbjs_lite_v6.4.0&x_source.tid=e89d5aea-a4c2-47fd-a817-2d80c187386b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp&slots=1&rand=0.009177316835719873
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f36fdd855922da4c881741e13f2bc62785b9243b3ea7f7d4d27f361317bed254

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
429
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1f74e1662a6e10a62b8a171b430182228375912b5b95bb4dedb5125615b3e38a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:16 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
eb084e13-1f4e-47be-b5f6-fa0e90541e9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
dc235cac2323ee8828b2f31e716086dc03630116d97da63f3417b14a43b6a305

Request headers

Referer
https://www.buzzfeednews.com/
x-openrtb-version
2.5
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buzzfeednews.com
Date
Wed, 16 Feb 2022 20:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=506163&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22280f93db3220673%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.4.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229f3c847f0c7ea5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22506163%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22506163%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22506163%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
975c88b361c1fba8131773f3f21b5846fcb5fd14be3cdcb24e8ee4acf02dee3d

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Wed, 16 Feb 2022 20:24:16 GMT
bid-request
a.teads.tv/hb/ 		16 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.173.61 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-173-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 16 Feb 2022 20:24:16 GMT
auction
tlx.3lift.com/header/ 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&tmax=1000
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.143.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-143-115.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		397 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13062&site_id=327022&zone_id=1702156&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&tg_i.cms_tags=breaking_team%2Ccourt%2Cprince_andrew%2Csettlement%2Cvirginia_giuffre&tg_i.section=news&tg_i.pbadslot=%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpromo-inline1&tk_flint=pbjs_lite_v6.4.0&x_source.tid=d91b0bcc-0895-4d7f-b3fc-954d8c51f9d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpromo-inline1&slots=1&rand=0.8550365780362335
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d79b05728822038259f59d5da8281d803c712650422122f13c7ee27fb97e06e3

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
397
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
67d61728a5c9a135b181883feeadf72026cea20f247eb15e98d5ab83c672cf99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
852f2c72-ddf8-40ab-8fbf-d8a7d050f4c3
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.buzzfeednews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
728ebd85302b4cc99e9cc7c4aa892f023604cc1ff17c82c734c62dfb7782c841

Request headers

Referer
https://www.buzzfeednews.com/
x-openrtb-version
2.5
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
content-length
66
hbjson
grid.bidswitch.net/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buzzfeednews.com
Date
Wed, 16 Feb 2022 20:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=506165&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244e96c1e834f545%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.4.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22454cff0f697a532%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22506165%22%2C%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpromo-inline1%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpromo-inline1%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fd323922eddc0b7e7903cb2b8722cc426c40c7a8bd3431f9080d09da0f20e3f5

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.buzzfeednews.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6499
x-ak-client-geo
19
expires
Wed, 16 Feb 2022 20:24:16 GMT
pixel;r=284615760;labels=Section.USNews.ellievhall.prince-andrew-virginia-giuffre-settlement;rf=3;a=p-3aud4J6uA4Z6Y;url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-vir...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=284615760;labels=Section.USNews.ellievhall.prince-andrew-virginia-giuffre-settlement;rf=3;a=p-3aud4J6uA4Z6Y;url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list;uht=2;fpan=1;fpa=P0-1424883153-1645043056166;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;us_privacy=1---;ref=;d=buzzfeednews.com;je=0;sr=1600x1200x24;dst=0;et=1645043056166;tzo=0;ogl=url.https%3A%2F%2Fwww%252Ebuzzfeednews%252Ecom%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-s%2Csite_name.BuzzFeed%20News%2Cimage.https%3A%2F%2Fimg%252Ebuzzfeed%252Ecom%2Fbuzzfeed-static%2Fstatic%2F2022-02%2F15%2F21%2Fcampaign_images%2F2e%2Cimage%3Aalt.%2Ctitle.Prince%20Andrew%20Has%20Reached%20A%20Settlement%20In%20His%20Sex%20Abuse%20Case%20With%20Jeffrey%20Epstei%2Cdescription.The%20amount%20of%20the%20settlement%20has%20not%20been%20disclosed%252E%2Ctype.article
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.195 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=15175278;event=rule;labels=tags.breaking%20team%2Ctags.court%2Ctags.Prince%20Andrew%2Ctags.settlement%2Ctags.Virginia%20Giuffre%2Ctags.breaking%20team%2Ctags.court%2Ctags.Prince%20Andrew%2C...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=15175278;event=rule;labels=tags.breaking%20team%2Ctags.court%2Ctags.Prince%20Andrew%2Ctags.settlement%2Ctags.Virginia%20Giuffre%2Ctags.breaking%20team%2Ctags.court%2Ctags.Prince%20Andrew%2Ctags.settlement%2Ctags.Virginia%20Giuffre%2CTotal%20Newsletter%20Subscribers.Incoming%2CBuzzfeed%20News.Title.Prince%20Andrew%20Has%20Reached%20A%20Settlement%20In%20His%20Sex%20Abuse%20Case%20With%20Jeffrey%20Epstein%20Victim%20Virginia%20Giuffre%2CCategory.USNews%2CAuthor.Ellie%20Hall%2CBuzzID.6160827;rf=0;a=p-3aud4J6uA4Z6Y;url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list;uht=2;fpan=0;fpa=P0-1424883153-1645043056166;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;us_privacy=1---;ref=;d=buzzfeednews.com;je=0;sr=1600x1200x24;dst=0;et=1645043056462;tzo=0;ogl=url.https%3A%2F%2Fwww%252Ebuzzfeednews%252Ecom%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-s%2Csite_name.BuzzFeed%20News%2Cimage.https%3A%2F%2Fimg%252Ebuzzfeed%252Ecom%2Fbuzzfeed-static%2Fstatic%2F2022-02%2F15%2F21%2Fcampaign_images%2F2e%2Cimage%3Aalt.%2Ctitle.Prince%20Andrew%20Has%20Reached%20A%20Settlement%20In%20His%20Sex%20Abuse%20Case%20With%20Jeffrey%20Epstei%2Cdescription.The%20amount%20of%20the%20settlement%20has%20not%20been%20disclosed%252E%2Ctype.article
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.195 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
api.amplitude.com/ 		7 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.1.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-1-59.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3713&u=https%3A%2F%2Fwww.buzzfeednews.com
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:27:48 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
Server
age
14187
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-P1
content-length
57
x-amz-cf-id
QfPm9YMk_CTTjJuRkKSCwylrjbtWNyexNywyeW5gtEnG2NetqRHvQA==
bid
c.amazon-adsystem.com/e/dtb/ 		248 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3713&u=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&pid=Xwp2K4AS7kuSH&cb=0&ws=1600x1200&v=7.73.0&t=800&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpixel%22%7D%5D&pj=%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%2C%22si_section%22%3A%22News%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A50%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
3b881e30c716a68c7c8da68353acedc954785313420f4ccdff520cfc825673bd
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:16 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
Y1GWYMH26RN2VBQ4G6RP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
248
x-amz-cf-id
zJDjnZxVfVeBnG4pzf4ZWG77gqUbmtQrYuwPxu65byQHk462iHhyHw==
bid
c.amazon-adsystem.com/e/dtb/ 		248 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3713&u=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&pid=Xwp2K4AS7kuSH&cb=1&ws=1600x1200&v=7.73.0&t=800&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1301%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fsidebar1-bp%22%7D%5D&pj=%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%2C%22si_section%22%3A%22News%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A50%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
5f4866f0e3717fb6ab8886504a51f5e596b87b04bb088629a0c071d1ea32afb6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
17DJ5ZRKD1H7AZC82635
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
248
x-amz-cf-id
_Ajl0mpXfC_5V3T3suP0j5jK9tQcCo_QJa-TwRcact5AaHnhN2AWUQ==
bid
c.amazon-adsystem.com/e/dtb/ 		248 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3713&u=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&pid=Xwp2K4AS7kuSH&cb=2&ws=1600x1200&v=7.73.0&t=800&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-42%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F6556%2Fbfnews.awareness.desktop%2Fen%2Fnews%2Fawareness-bp%22%7D%5D&pj=%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%2C%22si_section%22%3A%22News%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A50%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
8b8f4879c2a0d5f126342a7d1f6c3e0b328b6cd04d7f70c047e4bc31676879b3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
095DTSH5398KTKP7H2E0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
248
x-amz-cf-id
4f9MP1rrIaZRdljnMuUOt77BKt4dFVB0D-jyRQsSzPoxDrAHAZJkQw==
bid
c.amazon-adsystem.com/e/dtb/ 		248 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3713&u=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&pid=Xwp2K4AS7kuSH&cb=3&ws=1600x1200&v=7.73.0&t=800&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-210%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6556%2Fbfnews.desktop%2Fen%2Fnews%2Fpromo-inline1%22%7D%5D&pj=%7B%22cms_tags%22%3A%5B%22breaking_team%22%2C%22court%22%2C%22prince_andrew%22%2C%22settlement%22%2C%22virginia_giuffre%22%5D%2C%22section%22%3A%5B%22news%22%5D%2C%22si_section%22%3A%22News%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A50%7D
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
d5b5016a7cb5e80ae74f9964b8773a853690a32d1321ad4ee2f26632ca67f308
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
YWRAENWWWM3NAX5805HV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
248
x-amz-cf-id
7N5I9zBuW1T9PjbEI5Z8Z2cAxNtR6NsYCxApDqwU7zj5tb-gDg6Rew==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
8706
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Wed, 16 Feb 2022 17:59:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
V4VyO8R-oLVGjV-fqkY5wyEqvfA7s-PiXVt31G4UB9SjERVexcGc_A==
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.buzzfeednews.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.buzzfeednews.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
RfA1vg8phTRIztAqWvtm4yifQWdY8S79sQBwtDkuZg0UF6BjqPd6RbiEJPWrEk9Jil8kDb9eWJz853AXbo0j7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 20:24:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
260954170738952
connect.facebook.net/signals/config/ 		496 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260954170738952?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c742c4f4f0d514c824d52954779b38d7284ad5ace5edba5c267035a37f5c6f2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
148308
x-xss-protection
0
pragma
public
x-fb-debug
PT4wBL9blu06Z1LjN175Z5pJBaq//Oo2Dh3pm2qSVEdOaqvkXbUNYNy0SJvcE2RnT9ZfWXuuxZnhV7N/GciWKQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 20:24:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 0B68 		44 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P77672CB5-D3F4-4EBC-8161-08175209A620&sessionId=og1bgxveuvbfyzgatkv1gewjslblv1645043056&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.247.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-247-56.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com/ Frame 0B68 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com/
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:19:05 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
72313
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
35
x-amz-cf-id
-Fn9Sb1TImI-uyg34bDzZwG5uApIysxxTxtm3rhDfxQH8ysNJCnctg==
events
pixiedust.buzzfeed.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixiedust.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.40.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-40-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
iu3
s.amazon-adsystem.com/ Frame 5E72
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
329 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0e4c89e6082c9d40b6157c764105039b62783ebfbdae1bcf4d75b748ec6a83c3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
329
Connection
keep-alive
x-amz-rid
6Q2MPJZT3T6N2NYFBDN0
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
JRGBDZ8X40FCQE6RW108
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
ads
securepubads.g.doubleclick.net/gampad/ 		436 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670350196294164&correlator=4435844141491538&output=ldjh&eid=31064910%2C31064868%2C44742767%2C44756895%2C44755509&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=6556%2Cbfnews.desktop%2Cen%2Cnews%2Cpixel&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=wid%3D0%26pos%3Dpixel%26zone3%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=abtest%3Dads_bid_cache%257Ctrue%252CADS-2026_bfo_mobile_sticky%257Cnull%252Ccommerce_ad_affiliate%257Ctop%252Ccommerce_ad_recirc%257Ctop%252Cinfinite_quiz%257Cnull%252CSITE-7528-TPAU_with_images%257Ccontrol%252Cads_mweb_quiz_promo-inline1%257Cnull%26pagetype%3DB%26dfp-keyword%3D%26creativeSet%3DD%26section%3Dnews%26cms_tag%3Dbreaking_team%252Ccourt%252Cprince_andrew%252Csettlement%252Cvirginia_giuffre%26destination%3Dbfnews%252Cbuzzfeednews%26cuid%3D7809942963%26cvid%3Dabb320e3-2d9a-481c-8c0e-67aa5fb96f01%26cpid%3D4a8393e0-e04f-43a8-bdd7-e718c8a5e823%26bfmono%3Dbpage_new%26fbvalopt_fbp%3D%26fbvalopt_fbc%3D%26fbvalopt_permid%3D%26bid%3D6160827%26user%3Dellievhall%26nbs%3D0%26nsfw%3D0%26sensitive%3D0%26trending%3D0%26tag%3D%26badges%3Dtheroyaltea%26brain_tags%3D%26ADRIZER_DEST%3D76924073b2bb242695a550ee142f1f08%26ADRIZER_SOURCE%3D36c343c45b34eee8967a6ce56ccdbe6b%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D23fd64370cf45129a39471e4bbd67e11&cookie_enabled=1&bc=31&abxe=1&dt=1645043057229&lmt=1645043057&dlt=1645043054493&idt=1992&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=2321287857&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=5x5&ga_vid=1526230868.1645043056&ga_sid=1645043057&ga_hid=384824094&ga_fc=true&fws=4&ohw=5&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
6ba3e5b047575a9950b8af65d886e5af717e3dde77f51da3f78c70ff1ab6fc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B6E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Feb 2022 20:24:17 GMT
expires
Thu, 16 Feb 2023 20:24:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
init.js
www.dwin2.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin2.com/init.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:de00:f:1dcc:7540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52fde6814d26601698a78c499c2e90268f3cde533d85c26e27fae6806012dff3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
last-modified
Wed, 16 Feb 2022 19:26:27 GMT
server
AmazonS3
age
452
etag
W/"b66654f3f730ca7e82c3d6a0d155590f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
cache-control
max-age=600
date
Wed, 16 Feb 2022 20:16:46 GMT
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
6-GcK7134PsoHFD6lKCloPMQrlTWzY9BktN0yAzsgPTlaJw5RHMpuA==
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670350196294164&correlator=4435844141491538&output=ldjh&eid=31064910%2C31064868%2C44742767%2C44756895%2C44755509&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=6556%2Cbfnews.desktop%2Cen%2Cnews%2Cpromo-inline1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C728x90%7C5x5&fluid=height&prev_scp=wid%3D210%26pos%3Dpromo-inline1%26zone3%3Dnews%26amznbid%3D2%26amznp%3D2%26hb_rt_ix%3D401%26hb_rt_appnexus%3D420%26hb_format_ix%3Dbanner%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.04%26hb_adid_ix%3D4867a586b75bac%26hb_bidder_ix%3Dix%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D5015f6b80d119dc%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D4867a586b75bac%26hb_bidder%3Dix&eri=1&cust_params=abtest%3Dads_bid_cache%257Ctrue%252CADS-2026_bfo_mobile_sticky%257Cnull%252Ccommerce_ad_affiliate%257Ctop%252Ccommerce_ad_recirc%257Ctop%252Cinfinite_quiz%257Cnull%252CSITE-7528-TPAU_with_images%257Ccontrol%252Cads_mweb_quiz_promo-inline1%257Cnull%26pagetype%3DB%26dfp-keyword%3D%26creativeSet%3DD%26section%3Dnews%26cms_tag%3Dbreaking_team%252Ccourt%252Cprince_andrew%252Csettlement%252Cvirginia_giuffre%26destination%3Dbfnews%252Cbuzzfeednews%26cuid%3D7809942963%26cvid%3Dabb320e3-2d9a-481c-8c0e-67aa5fb96f01%26cpid%3D4a8393e0-e04f-43a8-bdd7-e718c8a5e823%26bfmono%3Dbpage_new%26fbvalopt_fbp%3D%26fbvalopt_fbc%3D%26fbvalopt_permid%3D%26bid%3D6160827%26user%3Dellievhall%26nbs%3D0%26nsfw%3D0%26sensitive%3D0%26trending%3D0%26tag%3D%26badges%3Dtheroyaltea%26brain_tags%3D%26ADRIZER_DEST%3D76924073b2bb242695a550ee142f1f08%26ADRIZER_SOURCE%3D36c343c45b34eee8967a6ce56ccdbe6b%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D23fd64370cf45129a39471e4bbd67e11&cookie_enabled=1&bc=31&abxe=1&dt=1645043057254&lmt=1645043057&dlt=1645043054493&idt=1992&frm=20&biw=1600&bih=1200&oid=2&adxs=217&adys=1435&adks=4212793159&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&vis=1&scr_x=0&scr_y=0&psz=728x250&msz=728x250&ga_vid=1526230868.1645043056&ga_sid=1645043057&ga_hid=384824094&ga_fc=true&fws=516&ohw=728&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
91dd97f0544944726873a60c8b73f167ab347968d8c73e17d60a1d9dd5ed0def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9209
x-xss-protection
0
google-lineitem-id
4706670853
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138236289402
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670350196294164&correlator=4435844141491538&output=ldjh&eid=31064910%2C31064868%2C44742767%2C44756895%2C44755509&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=6556%2Cbfnews.desktop%2Cen%2Cnews%2Csidebar1-bp&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=5x5%7C300x250%7C300x600&prev_scp=sidebarPage%3D1%26wid%3D1301%26pos%3Dsidebar1-bp%26zone3%3Dnews%26amznbid%3D2%26amznp%3D2%26hb_rt_appnexus%3D433%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D49e12e4a9863a68%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D49e12e4a9863a68%26hb_bidder%3Dappnexus&eri=1&cust_params=abtest%3Dads_bid_cache%257Ctrue%252CADS-2026_bfo_mobile_sticky%257Cnull%252Ccommerce_ad_affiliate%257Ctop%252Ccommerce_ad_recirc%257Ctop%252Cinfinite_quiz%257Cnull%252CSITE-7528-TPAU_with_images%257Ccontrol%252Cads_mweb_quiz_promo-inline1%257Cnull%26pagetype%3DB%26dfp-keyword%3D%26creativeSet%3DD%26section%3Dnews%26cms_tag%3Dbreaking_team%252Ccourt%252Cprince_andrew%252Csettlement%252Cvirginia_giuffre%26destination%3Dbfnews%252Cbuzzfeednews%26cuid%3D7809942963%26cvid%3Dabb320e3-2d9a-481c-8c0e-67aa5fb96f01%26cpid%3D4a8393e0-e04f-43a8-bdd7-e718c8a5e823%26bfmono%3Dbpage_new%26fbvalopt_fbp%3D%26fbvalopt_fbc%3D%26fbvalopt_permid%3D%26bid%3D6160827%26user%3Dellievhall%26nbs%3D0%26nsfw%3D0%26sensitive%3D0%26trending%3D0%26tag%3D%26badges%3Dtheroyaltea%26brain_tags%3D%26ADRIZER_DEST%3D76924073b2bb242695a550ee142f1f08%26ADRIZER_SOURCE%3D36c343c45b34eee8967a6ce56ccdbe6b%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D23fd64370cf45129a39471e4bbd67e11&cookie_enabled=1&bc=31&abxe=1&dt=1645043057260&lmt=1645043057&dlt=1645043054493&idt=1992&frm=20&biw=1600&bih=1200&oid=2&adxs=1033&adys=365&adks=1173126773&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&vis=1&scr_x=0&scr_y=0&psz=350x0&msz=350x0&ga_vid=1526230868.1645043056&ga_sid=1645043057&ga_hid=384824094&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
d1474ac69d57ced8ca73171aa546b9479f7bdd32848f5bb9874d94b24f7d6cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33583
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670350196294164&correlator=4435844141491538&output=ldjh&eid=31064910%2C31064868%2C44742767%2C44756895%2C44755509&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=6556%2Cbfnews.awareness.desktop%2Cen%2Cnews%2Cawareness-bp&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C5x5%7C970x90%7C728x90%7C970x250&fluid=height&prev_scp=wid%3D42%26pos%3Dawareness-bp%26zone3%3Dnews%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=abtest%3Dads_bid_cache%257Ctrue%252CADS-2026_bfo_mobile_sticky%257Cnull%252Ccommerce_ad_affiliate%257Ctop%252Ccommerce_ad_recirc%257Ctop%252Cinfinite_quiz%257Cnull%252CSITE-7528-TPAU_with_images%257Ccontrol%252Cads_mweb_quiz_promo-inline1%257Cnull%26pagetype%3DB%26dfp-keyword%3D%26creativeSet%3DD%26section%3Dnews%26cms_tag%3Dbreaking_team%252Ccourt%252Cprince_andrew%252Csettlement%252Cvirginia_giuffre%26destination%3Dbfnews%252Cbuzzfeednews%26cuid%3D7809942963%26cvid%3Dabb320e3-2d9a-481c-8c0e-67aa5fb96f01%26cpid%3D4a8393e0-e04f-43a8-bdd7-e718c8a5e823%26bfmono%3Dbpage_new%26fbvalopt_fbp%3D%26fbvalopt_fbc%3D%26fbvalopt_permid%3D%26bid%3D6160827%26user%3Dellievhall%26nbs%3D0%26nsfw%3D0%26sensitive%3D0%26trending%3D0%26tag%3D%26badges%3Dtheroyaltea%26brain_tags%3D%26ADRIZER_DEST%3D76924073b2bb242695a550ee142f1f08%26ADRIZER_SOURCE%3D36c343c45b34eee8967a6ce56ccdbe6b%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D23fd64370cf45129a39471e4bbd67e11&cookie_enabled=1&bc=31&abxe=1&dt=1645043057266&lmt=1645043057&dlt=1645043054493&idt=1992&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=1639429597&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=1526230868.1645043056&ga_sid=1645043057&ga_hid=384824094&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
89b55a72376820151b7e740283289ecaefd7def1a920fd7629f88e640d39f62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12232
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.buzzfeednews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
lantern_publisher_304459.js
lantern.roeyecdn.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lantern.roeyecdn.com/lantern_publisher_304459.js?&1645043057275
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4000:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb6ed7fe5867d786e7c9e9587a3cc01df051586962da80be341dd0da4b29fafc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
20qo0WbcR0KrD9ABX8ASI0XKoeqB3oyP
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 11:15:32 GMT
server
AmazonS3
age
81047
etag
"ffd0c8631db1a489a8e29b7c5589743d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 15 Feb 2022 21:53:32 GMT
x-amz-cf-pop
EWR53-P1
content-length
1330
x-amz-cf-id
qRZFBVDt27fBzv42l1SBmDSexUEVN5DTmqU-irfvB3nPrtBe8iu2OA==
events
fbcapi.buzzfeed.com/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fbcapi.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.238.134.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-134-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.buzzfeednews.com
date
Wed, 16 Feb 2022 20:24:17 GMT
access-control-allow-credentials
true
vary
origin
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260954170738952&ev=PageView&dl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&rl=&if=false&ts=1645043057320&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645043057316.825303734&eid=ob3_plugin-set_7423c3d7c2df5483cf0a30095c4768e9169f74916c9cbce1064b50131a8ceb24&it=1645043057176&coo=false&dpo=&rqm=GET
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 20:24:17 GMT
pr
s.amazon-adsystem.com/v3/ Frame 2DD4 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
82a69162121a9f19e52e121617453d1c255797460bb7f903a1c181536cd95266
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
3218
Connection
keep-alive
x-amz-rid
8KRTH5SSG1JTWDVDFHCQ
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
events
pixiedust.buzzfeed.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixiedust.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.40.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-40-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ecm3
s.amazon-adsystem.com/ Frame 2DD4
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YM2GYKXFXS2Z4RSY6ACX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Date
Wed, 16 Feb 2022 20:24:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 2DD4 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
569LzT6AEr8DcuqZoEzjPJgbnYHJ6uFw_wLMdqQYW2G35eq5IGyKrA==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 2DD4
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1h...
  • https://cs.emxdgt.com/umcheck?apnxid=5639511748561466636&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmV...
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5639511748561466636brt64381645043057522864a8
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5639511748561466636brt64381645043057522864a8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K96W9WMFYGTX45QFHA0D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5639511748561466636brt64381645043057522864a8
date
Wed, 16 Feb 2022 20:24:16 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame A115 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
74712b71eea9ca3f103b57a62a5b2da78af9e59883074036788839817bc37538

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0b5746cf59c702a3bf6669fd95c2f49f4"
timing-allow-origin
*
content-encoding
gzip
usermatch
ssum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1423e319f58962f96f4c57e58e9621e900c96d2a1cfdf70f22ffb691d4520a65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|40|10|105|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 16 Feb 2022 20:24:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Length
1506
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 16 Feb 2022 20:24:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Connection
keep-alive
cm
u.openx.net/w/1.0/ Frame E682
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
729 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
554af7a6f37306d9596b3232a22577b4a1779d1f491786029c1197da5a47819d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html
content-length
461
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame A2BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=districtm&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=districtm&gdpr=0
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=districtm&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
7ST2NE573KQF1S2PP05G
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=districtm&gdpr=0
AN-X-Request-Uuid
70832ac8-a55a-45b5-9e26-51a875d0b06f
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 48FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=7190464996333120856
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=7190464996333120856
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
4P2P5HXTCQ8Z0A6PHR3Q
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=7190464996333120856
content-length
0
date
Wed, 16 Feb 2022 20:24:16 GMT
index.html
cdn.districtm.io/ids/ Frame 32F8
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
116 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html
cf-ray
6de97fa57c1bcab0-YYZ
age
29762
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 69ee5c85b205257767e8ccfbec049a06.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
iDzD9oLkv5nvzURR_OFye908aUglemfpF-FTxvArVUsUC87-_m8LTg==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
cf-ray
6de97fa53bd2cab0-YYZ
cache-control
max-age=3600
expires
Wed, 16 Feb 2022 21:24:17 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
match.sharethrough.com/jwumXNuB/v1/ Frame D88A 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
3969aafa076888c24022efef76d4bfcc951cbc17432cf3e8a976917cc64bd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F448 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=71457
expires
Thu, 17 Feb 2022 16:15:14 GMT
date
Wed, 16 Feb 2022 20:24:17 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 99E6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Feb 2022 20:24:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 8396
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1kdTg3N2RsRTJ1S2JWUXZYOEtSZWJTbXVFdjg2am1xcH5B&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1kdTg3N2RsRTJ1S2JWUXZYOEtSZWJTbXVFdjg2am1xcH5B&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
P0HVBKY0PNMRY6CNTRV4
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1kdTg3N2RsRTJ1S2JWUXZYOEtSZWJTbXVFdjg2am1xcH5B&gdpr=0&gdpr_consent=
age
0
server
ATS/9.1.0.33
ecm3
s.amazon-adsystem.com/ Frame DAA3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=appnexus.com&gdpr=0
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
XW2BZQQVFVP72NNDREG5
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=5639511748561466636&ex=appnexus.com&gdpr=0
AN-X-Request-Uuid
7b53363a-f8df-4ca7-976e-f39cb51fa45e
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 6547
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1690652649689404964478
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1690652649689404964478
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
78SD2JPKYYP6PC1N8EJY
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1690652649689404964478
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 99E6 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e009af7aa3b52160130eb7157c1a7f60424fe9757266d0be870a3689815fe0b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84160
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 17 Feb 2022 19:46:57 GMT
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=5639511748561466636
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=5639511748561466636
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ea27dcb6-154e-4325-8a20-88200405defa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=5639511748561466636
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c13fd124-8843-428d-a6ac-470087e870f9&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=98fd7e62-7e6b-49d9-ac02-3e38fdc6affd&ssp=gumgum2&expires=30&user_group=5&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://rtb.gumgum.com/usersync?b=bsw&i=28b0e443-ac70-4b50-9cfc-d5e50f499f01
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Date
Wed, 16 Feb 2022 20:24:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A115
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c13fd124-8843-428d-a6ac-470087e870f9&obuid=ENC(9tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=9tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=51mZLd4len9qzOddwWTe
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=51mZLd4len9qzOddwWTe
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Cache-Control
no-cache
X-TraceId
f1bae15633392c3455d461cd0266e71c
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=51mZLd4len9qzOddwWTe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
99
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=77d5c9de-059f-0e1b-34ac-bca0a5c5b63a
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=77d5c9de-059f-0e1b-34ac-bca0a5c5b63a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=77d5c9de-059f-0e1b-34ac-bca0a5c5b63a
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-1b3efdc9-882c-42be-6142-dcb4a53f265e$ip$149.56.153.181
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-1b3efdc9-882c-42be-6142-dcb4a53f265e$ip$149.56.153.181
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-1b3efdc9-882c-42be-6142-dcb4a53f265e$ip$149.56.153.181
Date
Wed, 16 Feb 2022 20:24:17 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-fsqszvVE2pc5EeepmDioRol4WL7qsw_6Am_e~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-fsqszvVE2pc5EeepmDioRol4WL7qsw_6Am_e~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-fsqszvVE2pc5EeepmDioRol4WL7qsw_6Am_e~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=6a6bd311-8f66-11ec-8001-f99ddf8e8f45
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=6a6bd311-8f66-11ec-8001-f99ddf8e8f45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=6a6bd311-8f66-11ec-8001-f99ddf8e8f45
Date
Wed, 16 Feb 2022 20:24:16 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6a6bd312-8f66-11ec-8001-f99ddf8e8f45
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://rtb.gumgum.com/usersync?b=snc&i=4535EB670A3D44EC81DC67635947A6DC
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=snc&i=4535EB670A3D44EC81DC67635947A6DC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
server
nginx
age
0
location
https://rtb.gumgum.com/usersync?b=snc&i=4535EB670A3D44EC81DC67635947A6DC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
427356977
content-length
0
142
match.deepintent.com/usersync/ Frame A115 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c13fd124-8843-428d-a6ac-470087e870f9&gdpr=0&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NJRNVNEYZBUNRSW4OLRPJHWIZDXK5KGK
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=51mZLd4len9qzOddwWTe
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=51mZLd4len9qzOddwWTe
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=51mZLd4len9qzOddwWTe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=63f04982-c22c-4831-9c6e-b165c99e2035
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=63f04982-c22c-4831-9c6e-b165c99e2035
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=63f04982-c22c-4831-9c6e-b165c99e2035
date
Wed, 16 Feb 2022 20:24:17 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1645043057777
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1632092845
  • https://sync.1rx.io/usersync/tradedesk/92950dbd-51f7-47e4-8829-8240cbc07bc0
  • https://sync.targeting.unrulymedia.com/csync/RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-31cfac64-326a-4696-bd02-aeb5ffefd739-005
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Tengine
ETag
RX31cfac64326a4696bd02aeb5ffefd739005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=ZYQOlJfck3eO&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=ZYQOlJfck3eO&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://rtb.gumgum.com/usersync?b=pln&i=ZYQOlJfck3eO&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-4fxzp
expires
-1
usersync
rtb.gumgum.com/ Frame A115
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=1796045720203520033&gdpr=0&gdpr_consent=
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=1796045720203520033&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=1796045720203520033&gdpr=0&gdpr_consent=
date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A115 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_c13fd124-8843-428d-a6ac-470087e870f9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YWVRYRNY5PHP4KQ84MJ8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F448 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27282831&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d7d95341403f77253f60a1bba6338060b1e17c328417dd4912554c7d70d67977

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
usersync
rtb.gumgum.com/ Frame 8B4F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=551a620d-5d71-4f00-9317-f6d3cd49797a&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=551a620d-5d71-4f00-9317-f6d3cd49797a&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=551a620d-5d71-4f00-9317-f6d3cd49797a&gdpr=0&gdpr_consent=
Expires
Wed, 16 Feb 2022 20:24:16 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 1D2F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yg1dcQAGvHZpZwBH
85 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yg1dcQAGvHZpZwBH
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
age
2854
x-served-by
cache-yul12831-YUL
x-cache
HIT
x-cache-hits
29301
x-timer
S1645043058.638427,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yg1dcQAGvHZpZwBH
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
x-served-by
cache-yul12831-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1645043058.612442,VS0,VE14
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame B3FA 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jMTNmZDEyNC04ODQzLTQyOGQtYTZhYy00NzAwODdlODcwZjk=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 16 Feb 2022 20:24:17 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9DA4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=71457
expires
Thu, 17 Feb 2022 16:15:14 GMT
date
Wed, 16 Feb 2022 20:24:17 GMT
vary
Accept-Encoding
/
hde.tynt.com/deb/ Frame 3FAE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3ae3a82b997842614b83f070d02ea44711b24974fb99693acaa6181b6c053c0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1521
date
Wed, 16 Feb 2022 20:24:16 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Wed, 16 Feb 2022 20:24:16 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usersync
rtb.gumgum.com/ Frame 3EA9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=92950dbd-51f7-47e4-8829-8240cbc07bc0&t=1647635057
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=92950dbd-51f7-47e4-8829-8240cbc07bc0&t=1647635057
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=92950dbd-51f7-47e4-8829-8240cbc07bc0&t=1647635057
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 2B53
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Feb 2022 20:24:17 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Wed, 16 Feb 2022 20:24:17 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usersync
rtb.gumgum.com/ Frame EF3A
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
  • https://ib.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=emx&i=$UIDbrt64381645043057522864a8
  • https://rtb.gumgum.com/usersync?b=emx&i=5639511748561466636brt64381645043057522864a8
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=emx&i=5639511748561466636brt64381645043057522864a8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx/1.17.9
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://rtb.gumgum.com/usersync?b=emx&i=5639511748561466636brt64381645043057522864a8
AN-X-Request-Uuid
486f4022-4291-4265-a549-c12cf3d93646
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
usersync
rtb.gumgum.com/ Frame D969
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Yg1dcsCo8X4AAO8jHxkAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Yg1dcsCo8X4AAO8jHxkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 16 Feb 2022 20:24:18 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Yg1dcsCo8X4AAO8jHxkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
m-ad325.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":5,"gdpr":false,"ipv4":"149.56.153.181","key":"Yg1dcsCo8X4AAO8jHxkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad325"}
X-SO-Key
Yg1dcsCo8X4AAO8jHxkAAAAA
X-SO-IP
149.56.153.181
X-SO-Cluster-ID
5
X-SO-Upstream-ID
m-ad325
usersync
rtb.gumgum.com/ Frame 9D71
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=NR4AKcf3CbLuD4z1iPY1&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=NR4AKcf3CbLuD4z1iPY1&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT Wed, 16 Feb 2022 20:24:17 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=NR4AKcf3CbLuD4z1iPY1&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D88A 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=5b90ca22-f278-4c3a-9b58-9ddcda50c05a
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8XKZK0QE8V54M05388WS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame D88A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame D88A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame D88A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=0
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Q05YMEAYX2RYH1FgR0lFZhRLXTFYHwpmEU3-HBAM
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Q05YMEAYX2RYH1FgR0lFZhRLXTFYHwpmEU3-HBAM
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Q05YMEAYX2RYH1FgR0lFZhRLXTFYHwpmEU3-HBAM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/ Frame D88A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
ecm3
s.amazon-adsystem.com/ Frame E682 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d83e11d3-3120-8db7-93d9-2eda05a67c9c&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G7V8PH76EF8XZEFBJKJ6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E682
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yg1dcQAGuf2ScwBB
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg1dcQAGuf2ScwBB&_test=Yg1dcQAGuf2ScwBB
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg1dcQAGuf2ScwBB&_test=Yg1dcQAGuf2ScwBB
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645043058.767518,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yg1dcQAGuf2ScwBB&_test=Yg1dcQAGuf2ScwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
142f0bea-bd26-a404-6200-bab892c27a35
pr-bh.ybp.yahoo.com/sync/openx/ Frame E682 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/142f0bea-bd26-a404-6200-bab892c27a35?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame E682
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=92950dbd-51f7-47e4-8829-8240cbc07bc0&ttd_puid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=92950dbd-51f7-47e4-8829-8240cbc07bc0&ttd_puid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=92950dbd-51f7-47e4-8829-8240cbc07bc0&ttd_puid=80e86dae-2d8a-364d-53d7-ac4d6d95b77c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame E682 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWM4N2JlNjQtZTRmZC02OGU5LTQ2MzctZjZmNGE3Nzc3OTFj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E682
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFP_XPiwP0MBg3jyHp5Mak&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFP_XPiwP0MBg3jyHp5Mak&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFP_XPiwP0MBg3jyHp5Mak&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 99E6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=KZQ05UC7-18-F2S3
  • https://s.amazon-adsystem.com/ecm3?id=KZQ05UC7-18-F2S3&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZQ05UC7-18-F2S3&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P2H9520DYN0CDCE2AKR7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZQ05UC7-18-F2S3&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yg1dcdbZopM.g-rSh9vKSgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGF_0DjEv2ysxzhHV5n0nzY&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGF_0DjEv2ysxzhHV5n0nzY&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGF_0DjEv2ysxzhHV5n0nzY&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFBjTr_gfZyZAnftPoMMkzA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFBjTr_gfZyZAnftPoMMkzA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFBjTr_gfZyZAnftPoMMkzA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&expiration=1647635057&gdpr=0&gdpr_consent=
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&expiration=1647635057&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0&expiration=1647635057&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 2C1E 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SRV6TQK70ZX8AER14Z26
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=647644618866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=647644618866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:18 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=647644618866
crum
dsum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 2C1E
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_620d5d71c17f3&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_620d5d71c17f3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_620d5d71c17f3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:18 GMT

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_620d5d71c17f3
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ecm3
s.amazon-adsystem.com/ Frame 2C1E 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F2N5TJX5PKBS0R4WTG78
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 32F8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
64102
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6de97fa65d1fcab0-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Fri, 18 Feb 2022 20:24:17 GMT
bl-8d5d585-988ebaab.js
tagan.adlightning.com/buzzfeed/ Frame E24C 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e263f1cce4e24e66cce27409573e496bd332475b470bc41893c0097df0b78e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:31:11 GMT
content-encoding
gzip
age
13987
x-cache
Hit from cloudfront
content-length
23420
x-amz-meta-git_commit
8d5d585
last-modified
Wed, 16 Feb 2022 16:25:42 GMT
server
AmazonS3
etag
"a782f09f548f94de7b57153bbf8b6f76"
x-amz-version-id
Q4Q2qDOufYFC851aLkUUAFFw1Ba3rAXQ
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
KZ4N8e4K-WJXjUffuPQGoUbuFbCwYI7qXWOp4mmcZbbqWdznUkKT4w==
b-7b120a5-f6b516c6.js
tagan.adlightning.com/buzzfeed/ Frame E24C 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e8ef8ad4b51e6b8ab3e5e2e41d9c3d1a25fbf6397f08f326ebccf1dbf27485

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:56:30 GMT
content-encoding
gzip
age
440868
x-cache
Hit from cloudfront
content-length
28229
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 09 Aug 2021 17:02:25 GMT
server
AmazonS3
etag
"e868e92eca7ee7766a0ebca2380ca015"
x-amz-version-id
Cqc2qgliFPxFRwsBM8Vp7NrEAvzd4wi.
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
75hJnToIXPJt3Fr-2sgPpLNXwGOUc3pdxdIELvU_GJplaIAHccRCtw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E24C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:24:17 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame EFBA
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
26eecf4355394d98fd96429e58f7349a20d853f35b8b1b5875449171139cfa9e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 16 Feb 2022 20:24:17 GMT
pragma
no-cache

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
tap.php
pixel.rubiconproject.com/ Frame 99E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1EngKAbdWqwSSZ-MhkQw4cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4678668747306645598
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4678668747306645598
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif

Redirect headers

date
Wed, 16 Feb 2022 20:24:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4678668747306645598
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 99E6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f134620d-5d71-4100-9b0e-cf7e0141aaa3&gdpr=0&gdpr_consent=
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f134620d-5d71-4100-9b0e-cf7e0141aaa3&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif

Redirect headers

Date
Wed, 16 Feb 2022 20:24:17 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f134620d-5d71-4100-9b0e-cf7e0141aaa3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 20:24:16 GMT
tap.php
pixel.rubiconproject.com/ Frame 99E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAMPw1XFdOnD_ZAgcZ5F3S8&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAMPw1XFdOnD_ZAgcZ5F3S8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAMPw1XFdOnD_ZAgcZ5F3S8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 99E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=92950dbd-51f7-47e4-8829-8240cbc07bc0&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 99E6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg1dcQAGuf2ScwBB&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg1dcQAGuf2ScwBB&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645043058.810973,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yg1dcQAGuf2ScwBB&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 99E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRMDVVQzctMTgtRjJTMw==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRMDVVQzctMTgtRjJTMw==&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRMDVVQzctMTgtRjJTMw==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 99E6 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame 99E6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTg3NDllMDc1ZTg0OWNkNjc3M2RiZDc4N2NiMzNiYzRmNDQ4OTNiMA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTg3NDllMDc1ZTg0OWNkNjc3M2RiZDc4N2NiMzNiYzRmNDQ4OTNiMA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTg3NDllMDc1ZTg0OWNkNjc3M2RiZDc4N2NiMzNiYzRmNDQ4OTNiMA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
buyers
dmx.districtm.io/s/v1/ Frame 32F8 		470 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers?gdpr=0
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c89e4b7033f163d1b067be992e5332cde28e802c54cdd2c97b13a5744ebe93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de97fa79ef4cab0-YYZ
access-control-allow-headers
Origin, Content-Type
match
c1.adform.net/serving/cookie/ Frame 0AFA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 20:24:17 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 16 Feb 2022 20:24:17 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4677
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg1dcQAGuf2ScwBB&gdpr=0&gdpr_consent=
1 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg1dcQAGuf2ScwBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 13:05:27 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug009:0:295
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yg1dcQAGuf2ScwBB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:17 GMT
via
1.1 varnish
x-served-by
cache-yul12831-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1645043058.839775,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9028 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
S2E3B0BFDASDY6DR4T5A
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3eyCqHeTQPWUaM0l35im6g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71456
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 17 Feb 2022 16:15:14 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame F448
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERERUM4MkE4LTc3OTMtNDBGNS05NDY4LUNEMjVERjk4QTZFQRAAGg0I8bq1kAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3d621708012f477974c24124d95bbc405b0bef72a818ed7d4046fff1f53d8d2f791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZDYyMTcwODAxMmY0Nzc5NzRjMjQxMjRkOTViYmM0MDViMGJlZjcyYTgxOGVkN2Q0MDQ2ZmZmMWY1M2Q4ZDJmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZDYyMTcwODAxMmY0Nzc5NzRjMjQxMjRkOTViYmM0MDViMGJlZjcyYTgxOGVkN2Q0MDQ2ZmZmMWY1M2Q4ZDJmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8rq1kAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=327ef1ed-ab46-4a14-a7dd-7e7b41575d0c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=327ef1ed-ab46-4a14-a7dd-7e7b41575d0c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:19 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=327ef1ed-ab46-4a14-a7dd-7e7b41575d0c
date
Wed, 16 Feb 2022 20:24:19 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3310620d-5d72-4000-add8-9f18524c05bb
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3310620d-5d72-4000-add8-9f18524c05bb
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3310620d-5d72-4000-add8-9f18524c05bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 20:24:17 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERFQzgyQTgtNzc5My00MEY1LTk0NjgtQ0QyNURGOThBNkVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:25:15 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug024:0:557
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELnC9jDFj7sh4VYH_kfw-J0&google_cver=1
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELnC9jDFj7sh4VYH_kfw-J0&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:50:24 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug022:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELnC9jDFj7sh4VYH_kfw-J0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD4BEB1BB7CE40A6BE53C58FFAD6B19B
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD4BEB1BB7CE40A6BE53C58FFAD6B19B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug005:0:631
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 16 Feb 2022 20:24:17 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD4BEB1BB7CE40A6BE53C58FFAD6B19B
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 15 Feb 2022 20:24:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7190464996333120856&gdpr=0&gdpr_consent=&us_privacy=
1 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7190464996333120856&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:43:16 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug006:0:310
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7190464996333120856&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F448
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=92950dbd-51f7-47e4-8829-8240cbc07bc0
42 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=92950dbd-51f7-47e4-8829-8240cbc07bc0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:05:18 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug004:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=92950dbd-51f7-47e4-8829-8240cbc07bc0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usync.js
eus.rubiconproject.com/ Frame 2B53 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e009af7aa3b52160130eb7157c1a7f60424fe9757266d0be870a3689815fe0b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84160
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 17 Feb 2022 19:46:57 GMT
events
fbcapi.buzzfeed.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fbcapi.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.238.134.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-134-115.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.buzzfeednews.com
date
Wed, 16 Feb 2022 20:24:17 GMT
access-control-allow-credentials
true
vary
origin
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
y-oebhWiZE2uHQXwpBImM0P1WTTG6_i59jI.AqAy4-~A
dmx.districtm.io/s/10057/ Frame 32F8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-oebhWiZE2uHQXwpBImM0P1WTTG6_i59jI.AqAy4-~A
100 B
203 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-oebhWiZE2uHQXwpBImM0P1WTTG6_i59jI.AqAy4-~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f500750e7a32b1b40ab4da311a014d525b51b36ce845997a6625682c47af0ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 16 Feb 2022 20:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6de97faa3a7ccab0-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10057/y-oebhWiZE2uHQXwpBImM0P1WTTG6_i59jI.AqAy4-~A
date
Wed, 16 Feb 2022 20:24:18 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
647644618866
dmx.districtm.io/s/10022/ Frame 32F8
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/647644618866
68 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10022/647644618866
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776d2cfaf7272349538db5e8e3091409853fb27d98e3248b13bceaa4b1ab8e3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 16 Feb 2022 20:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6de97faa8b07cab0-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/647644618866
970314629024472183
dmx.districtm.io/s/10056/ Frame 32F8
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/970314629024472183
74 B
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/970314629024472183
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7448acd95eb05e58f8b68f4157b6ebd27fecc46a0fa0160d8bc85cb0f0066c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 16 Feb 2022 20:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6de97faa8b0bcab0-YYZ

Redirect headers

Location
https://dmx.districtm.io/s/10056/970314629024472183
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341
dmx.districtm.io/s/10001/ Frame 32F8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341
106 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9ede93490b6d00ff34238e42820dea6890594714497ee982d5ee768a899fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 16 Feb 2022 20:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6de97fac1ce9cab0-YYZ

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
5b90ca22-f278-4c3a-9b58-9ddcda50c05a
dmx.districtm.io/s/10059/ Frame 32F8
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/5b90ca22-f278-4c3a-9b58-9ddcda50c05a
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/5b90ca22-f278-4c3a-9b58-9ddcda50c05a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d3389e5b50e9731cd23dd520b5cdfce3062f8db5b2634b4e8425e0147952d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 16 Feb 2022 20:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6de97faa8b0ccab0-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10059/5b90ca22-f278-4c3a-9b58-9ddcda50c05a
date
Wed, 16 Feb 2022 20:24:18 GMT
content-length
0
/
www.facebook.com/tr/ Frame 2FC4 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.buzzfeednews.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 16 Feb 2022 20:24:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E24C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQZNEu2_sbHQsBXceumtZRPHzFmSRIMeaj2liNwTlei8upMCSd9SMIzmG2e9sTHZ8OpHorkBHByIVBChGXXvxb1r-qgRUAhNue_8Gc-uKhEtbMhFEHJNrUVcfi0w1CfBVv0wODwJSeWdschtk6qYAuXFvag43Uoo8Lk7fpc0RGmQOPVp8gS1cmNNIKENTmwXHzmffx9sOowrNFsj0RQZu_-v1iGKQp7ObhfjDf1HJiUaaj32zKDWrFOjjslu31Kv2kSfZaKdw5pfd7f--muvhja354zHJObehG5tDqEIceGSPrcQpHn-eZCM9eTW6cMfjme0UikrmrcRy17zoXaItpfg&sai=AMfl-YQRoY5PzG6mF522j9L-uW5f82fBm13WluSNNqFvy8h2cYjRHRkqmsAIuefoSCFtjuWO1Gg-oeNhwkTaBiH23QhmL3Fy4kgBxDpiVso85YPuqwg5FA1rzvc4QJNqkVE&sig=Cg0ArKJSzMgBIf8oMIcnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adfetch
googleads.g.doubleclick.net/pagead/ Frame 87D8 		76 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
147cb20320f6928dd1316164176f7160213b538297f938c575a5489f19d67760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Feb 2022 20:24:18 GMT
server
cafe
content-length
30621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 20:24:18 GMT
cache-control
private
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame E24C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1289
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5311
x-xss-protection
0
server
cafe
etag
13703302848655719195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 21:02:49 GMT
v1
a3604.casalemedia.com/impression/ Frame E24C 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a3604.casalemedia.com/impression/v1?bidID=dbf78c93-806a-499a-905e-d9da8b472814&traceID=c86lqs0u938ud1kee0sg&dspID=85&userID=&cmpro=0&ap=0.04&siteID=506165&creativeID=21bf7d
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.233.176 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E24C 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Dz-iQK96IRCrXbKl9ofxqRIomfTx_3M1l1A8LwGIkDSamZQ6cKJsoIPaMbrfyO4WA0eNk1MHkbmIo6ygAScZg0w11pDw&pr=13:Yg1dcAAAAABscK1Fhv6ceAS8xLbX29xwbv91QA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EFBA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=4a57c573-731e-4563-82f0-5eb8991287e5&expiration=1652732657
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:18 GMT
usync.html
eus.rubiconproject.com/ Frame 894F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Feb 2022 20:24:18 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date
Wed, 16 Feb 2022 20:24:18 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usersync
rtb.gumgum.com/ Frame 3FAE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1645043057819.&ri=0013300001r0t9mAAA&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
  • https://rtb.gumgum.com/usersync?b=tta&i=211578107144626
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=tta&i=211578107144626
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://rtb.gumgum.com/usersync?b=tta&i=211578107144626
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 3FAE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01&google_hm=MjhiMGU0NDMtYWM3MC00YjUwLTljZmMtZDVlNTBmNDk5...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHMiS1FsP_lrUCbTq26QuIQ&google_cver=1&ssp=the33across&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:19 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=28b0e443-ac70-4b50-9cfc-d5e50f499f01
date
Wed, 16 Feb 2022 20:24:19 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 3FAE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1645043057819.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Server
MT3 4133 baa842e master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 20:24:17 GMT
match
cms-xch-chicago.33across.com/ Frame 3FAE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP%7EA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP%7EA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:17 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-Sz1ekFdE2uFh5CGd3yAfRP5MXm2RQIRP%7EA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 3FAE
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=2abf5aeafd551218&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGbJLphW9hUQMFPaxvAAAAAAA&expiration=1645129458&is_secure=true&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGbJLphW9hUQMFPaxvAAAAAAA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGbJLphW9hUQMFPaxvAAAAAAA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGbJLphW9hUQMFPaxvAAAAAAA&ts=1645043058&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 3FAE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1647635058%26external_user_id%3D92950dbd-51f7-47e4-8829-8240cbc07bc0
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647635058&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647635058&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1647635058&external_user_id=92950dbd-51f7-47e4-8829-8240cbc07bc0
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
container.html
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 20:24:17 GMT
expires
Thu, 16 Feb 2023 20:24:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync
rtb.gumgum.com/ Frame 2B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=KZQ05UC7-18-F2S3
  • https://rtb.gumgum.com/usersync?b=mag&i=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame E24C 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e757f9b4dbb6314fb1a2c99c2a9ee0c6dd07198bef376a29a7e72eb057998f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842079656558"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:24:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E24C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvquy5gz0xZRwoFffJH2ADa7PVYt3jicaSzOKG682vy1wodP8Q3gMsAc_1fv0RPYHEqXaFpLzRXY-8RW5tVK4gU9LuBPRw-G-0DaV9vQIj_0nzg7TBMJQurdUg7N0BKjP1PGqw4wgqZE4lR17UkEDzf2mJ-MVRvlGIanT9eGiWcH-wV6wIjWREaqBqQ__RgjkmEYQiw1sOg5u2AHeWNbFYr6jCsYh_HXZVvTVDCaaJC8y3LXt0Ms5f2ZjksKCSlSzFUFNm0K791iOSj5CPPhcA1SlwfFU4DzIgqc9YiwB72CqGnxjgzqlIgCrdAqmG0-siG8Hf5qc2opYOejTQonbZeSkyF&sai=AMfl-YQuf57yge1lujs0aVQ8RfHTl21jmgeAapAN-UP1xqa2rhIrR4g0Osvl9pdVw97DmBG7k-7j99cNJwrelOYz95BiHcOGtZg3xdVeSgj9O4g4Xg8ZGbfQzno9nRmh8ys&sig=Cg0ArKJSzDbJzOcunWEKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 16 Feb 2022 20:24:18 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame E24C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e33f9d6f3bffce55b1095840b77bd6bcf2d02405a3dbe853fcbe082461a58137

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 14:31:05 GMT
Server
Microsoft-IIS/10.0
ETag
"80da5ad44123d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
truncated
/ Frame E24C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
869a18dd87b4583077da51c9108d88ac4cb6b5f0299f974393362f99fb1e22c3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
events
pixiedust.buzzfeed.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixiedust.buzzfeed.com/events
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.40.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-40-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
bl-8d5d585-988ebaab.js
tagan.adlightning.com/buzzfeed/ Frame E8BD 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e263f1cce4e24e66cce27409573e496bd332475b470bc41893c0097df0b78e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:31:11 GMT
content-encoding
gzip
age
13988
x-cache
Hit from cloudfront
content-length
23420
x-amz-meta-git_commit
8d5d585
last-modified
Wed, 16 Feb 2022 16:25:42 GMT
server
AmazonS3
etag
"a782f09f548f94de7b57153bbf8b6f76"
x-amz-version-id
Q4Q2qDOufYFC851aLkUUAFFw1Ba3rAXQ
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
3wZ_Wij0QbTUXtXs0rleIXIR0m8M6Kku9TM3E1tbQfodDiSPtGpmxQ==
b-7b120a5-f6b516c6.js
tagan.adlightning.com/buzzfeed/ Frame E8BD 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e8ef8ad4b51e6b8ab3e5e2e41d9c3d1a25fbf6397f08f326ebccf1dbf27485

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:56:30 GMT
content-encoding
gzip
age
440869
x-cache
Hit from cloudfront
content-length
28229
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 09 Aug 2021 17:02:25 GMT
server
AmazonS3
etag
"e868e92eca7ee7766a0ebca2380ca015"
x-amz-version-id
Cqc2qgliFPxFRwsBM8Vp7NrEAvzd4wi.
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TUbeS8tjEHIedOaRktRwXTHUwwSt1XWaXos5Cg3ns45Q5OsLZJ2CVQ==
usync.js
eus.rubiconproject.com/ Frame 894F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e009af7aa3b52160130eb7157c1a7f60424fe9757266d0be870a3689815fe0b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84159
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 17 Feb 2022 19:46:57 GMT
14979323472661874060
tpc.googlesyndication.com/simgad/ Frame 87D8 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14979323472661874060?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlpfVLaQO78o1h-J8-FI5moa_JX-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732fecbd090575bc7c1c135c2a9776276e8cfdd6dddc6fc7381ff6cb364e39c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 04:15:52 GMT
x-content-type-options
nosniff
age
490106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28856
x-xss-protection
0
last-modified
Sat, 15 May 2021 06:40:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 Feb 2023 04:15:52 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/ Frame 87D8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:20:36 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame 87D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
218260476562286327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:22:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 87D8 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:24:18 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame 87D8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7519
x-xss-protection
0
server
cafe
etag
5754846754200317394
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:21:42 GMT
l
www.google.com/ads/measurement/ Frame 87D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSG-1akfOF-dF4xYd9SJa0Yi8jo6CZVc38Ujed6HdJCsw-zvzdaio0NwZA0RumTEirkCdBe5f5tsWgk4dYsf1hwpT90FQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame 87D8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94c4acc687f95af2d926f6a71b900e3e141d29ce47a418f164dcfb97e1a173d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14545
x-xss-protection
0
server
cafe
etag
1442824382633639518
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:31:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 87D8 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqRFocF0NYsWkNYm7hAXTj5zIDe7U7bJojeLT8IIOv-EeEAEgt-WEIWB9oAGl44XZA8gBAqgDAcgDyQSqBJ0CT9ClwAidMTntNU2hjgp8tDR-CPXDvLf1bN5dA8abJYWAY5phog1jVGX5mnWKJOgJhNiFXz-lvbYUF2HYlHdCwdwkFCxT3V9Uuxvv9DYA1AxXXBnf1NFDHOEm0RDt0QJScmROBa-qCFgKrJtbTSUuB2VLdzTmZjPu4B9EzWOW00qipkEsfVhi9A5WAVeV4qJrzlnL6yxADxQ6adg5j2pqX-g2l5USx1hLfY5ToTfVRk4IRXjc6tnpJ2BdxUM3Yk5Hed7fQDoH3C7oWgnKYHWBluPzdm8FU9Q8JSDM5nAVrRomambTMwZL2fQDknpF0CBzJ5zue9YezNuHZylzurYBwmBbSri_P3Tt-_1QNCAgLnd4ScSLWy3xPZVS4S5UwATihqimwAKSBQQIBBgBkgUECAUYBKAGAoAHgpWvfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB0ggHCIBhEAEYAPIIDWJpZGRlci01MDYxNjWACgTICwHYEwzQFQGAFwGyFwgKBggAEgAYAA&sigh=SPXsekkVMdI&uach_m=[UACH]&pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 16 Feb 2022 20:24:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
bl-8d5d585-988ebaab.js
tagan.adlightning.com/buzzfeed/ Frame F3EB 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/bl-8d5d585-988ebaab.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e263f1cce4e24e66cce27409573e496bd332475b470bc41893c0097df0b78e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 16:31:11 GMT
content-encoding
gzip
age
13988
x-cache
Hit from cloudfront
content-length
23420
x-amz-meta-git_commit
8d5d585
last-modified
Wed, 16 Feb 2022 16:25:42 GMT
server
AmazonS3
etag
"a782f09f548f94de7b57153bbf8b6f76"
x-amz-version-id
Q4Q2qDOufYFC851aLkUUAFFw1Ba3rAXQ
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
yU8_gkogBbofJCR96J0T9T4y4njD9NJdjNRsuhtObgbkeITEKiAqGg==
b-7b120a5-f6b516c6.js
tagan.adlightning.com/buzzfeed/ Frame F3EB 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-87.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e8ef8ad4b51e6b8ab3e5e2e41d9c3d1a25fbf6397f08f326ebccf1dbf27485

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:56:30 GMT
content-encoding
gzip
age
440869
x-cache
Hit from cloudfront
content-length
28229
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 09 Aug 2021 17:02:25 GMT
server
AmazonS3
etag
"e868e92eca7ee7766a0ebca2380ca015"
x-amz-version-id
Cqc2qgliFPxFRwsBM8Vp7NrEAvzd4wi.
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bquoJ6lPBJCEXuh88mN8AieUaMyytfIaYrueikCV2UO-5IAPmqVQqw==
css
fonts.googleapis.com/ Frame F3EB 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 18:46:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 20:24:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 20:24:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F3EB 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 19:45:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame F3EB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
server
cafe
etag
11854797672689052815
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:21:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F3EB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:22:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3EB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:24:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F3EB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:22:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 20:22:48 GMT
l
www.google.com/ads/measurement/ Frame F3EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeal8gosrFlR6Dwbo5Y6A7oe9XeOF9_HD_6kOcZaLFIHPvKye1G08K6_2jShhUQBiiLF5u12TPLftSxIfu4U-f5jmYOg
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
6db0573cb067ea4557d3af56fc7062b8.js
www.gstatic.com/mysidia/ Frame F3EB 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 05:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11678
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 14 May 2022 05:31:41 GMT
dv-measurements2197.js
cdn.doubleverify.com/ Frame 55B2 		507 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2197.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:595::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
072300ef36efa54af8634dadd3451fbd96274e9708bfa568040192fb2e71c160

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 11:46:03 GMT
Server
Microsoft-IIS/10.0
ETag
"80cfe39b6122d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95342
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
cf-ray
6de97faddd153348-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame 32F8 		0
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de97fae4fc0cab0-YYZ
access-control-allow-headers
Origin, Content-Type
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame E8BD 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
182269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E8BD 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
182269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E8BD 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
182269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E8BD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
182269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame E8BD 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
182269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
css
fonts.googleapis.com/ Frame E8BD 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 18:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 20:24:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 20:24:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8BD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
10788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 17 Feb 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8BD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
72398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 17 Feb 2022 00:17:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E8BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu_jccV0NYor3O5nUzwXY_4DACI6B3LlotaT0st0OloLNhYgWEAEgm6iHN2B9oAHp_fXPA8gBCeACAKgDAcgDCqoE1AJP0JKgBMQPg-fjNcAtBAFBEhVjXoNMKa_dIeQeq8evLaKz7unrp67HvDOfLemjn5Kw4CyGT7VQMqhwcgL8u4fJmoHJquGjDllN15ZM26Ptxm5BgtkbAk1-a0Nne7Nu5o6Qv8IBvSSTa8oXCx8sbMdX0MEtNnqGt0LlZ4y6LHeP05XGRlmlbn0L-D5thRjjSBn0ztf5gy_PpExXHSJddKG7dcjfCLHodm0Fzc3AHjTv3UqXJ5FQUIpuxZwvRsSgqkx3WymF_CuZn6DvgsMF_OF00zVS86_BP03wzgqVeMilzkt2FB4kTqvZlA5z0YRLKdJ2NtyR7DNlhpK7QgKrk7IjVYZpxXnmfkKapGMWR_Qd90-BwP7cDh4NB3MUtnYqoGls7dTB9NVWP-jwwpPDZjgTYGelA0Hx7Nvxf3LWTW9IWzOYHyRbCsI54fpdp9AJMAMUyjCJwASYr_OG5APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8JeYqgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC-pSHSCAcIgGEQARgdgAoDyAsBuBOIJ9gTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi05NjM2OTUzNzc3MTU1ODc2GN3RDQ&sigh=5Fxg2RfdLF8&uach_m=[UACH]&template_id=5000
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8981 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 16 Feb 2022 20:18:26 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
action_links.json
fr-actions.trackonomics.net/prod/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/ 		243 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/action_links.json
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-17.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6764fd6a3830178964bae23e8c618fcc6e78a24044feea5fa85cd5fddacfbca1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:18 GMT
via
1.1 978d7ccfdbed8c0e3015142e29dd5c5c.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-P1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
pmVSV7wvFRcBdr6cW2WX6miHDYWhydhsq8Z-oW87Sc4f6j_uOtPFnQ==
i.png
trx-hub.com/i/m/ 		128 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5QBXCAW1gGdEToBjAUyJAGUwsAbCAC2hJAAaEGUrlG2EuRaNyHTkJEVY9MOQAOHPDhYAGAEwB6AIwA2Q-oP6ABAEkc9ROVx5rORiiqdGURtBAAvsLiEGAYkGBEoABCJABecVgYLKZmugAc+gDsigAKfuRkWABujLYAIilpmTnCYGQ8yCwAopycWIzWABJgbYHCEFjO+FFBItCcVFEg0IzwfrP+hCCKWFSwMAAesLPz0ItE8L1UjGOQMLBg6uqMOMnEY5p4jBvQYExEANqgNHQfyzwoOoqIRDIYUBCAHQAI3icXmEncnkhjnIhnQg3o3kMjDaHWKPF6nEM6mguCYAFowHdZigKcUsNA8LgsGAKcySPB4LMKScoN5xDgIAB+UTUWgMRgAXnYXF4-AAZGLxJJyFLZPIlcpVBotDgpQYTOZLPp9ABSSz2VEuC26JFeHwQPxayhO6BqgByHiotscOHgjJVtvaVAgil2Cz8LEU5zgSFQ6GwI2ISkov0lLFl3D4AmEyokWCkMjkXEUYp1miw2j0RjMFisdgcThcbm93l8-gCAQAusJ6CRQ05YCFIg9hKTEDdoBAAJ6wJIsXIAJQA8rlmkuACoATVgFUU-cH4jgC+WsISCIwsEQAGsAKymLI3vAQdLpA9JdTGFjn+GMCTXvej7Pq+759p++gsBSijpv8ICAhAwKguCUK-pe9ook46LTlgWKMDieKMASRIkmSDiMFSNIePSjLMjgrLsoWXI8nyEACrcIpirB0pZvKJAusOBZSOqJacAJFZ6gatbGlYtpWs2+C2va7ZugJbqet6vqIP6gYSMGaxhsIREcRsM43CwQykowVBUFg2nhnMkZLCswixAkp4gKkpgZNkeQFEUpT7ssXk+bU4ANE0yytO0nQ9H0fYxUKGxDMwywmvoFIGBSZibpYhD6AALIQxgAJyQroBW6AAWooTwvIMbGpSAuRkUw1gAIJUSg1hLow7w8NZ1isI67FCtYADqWC8NYABScx7DO1jNMCTq4NYABquGDOQG20SyYDWAA4kx3LMMIWAeRdGBmAVd4VQAzLod4lRVuhYAAVgQARAA
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-58.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:56:33 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
8867
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
128
x-amz-cf-id
gWtmTu6pCj9x6H6MpUkrNCTx-Jcg50fhGNyIdjkPhrI9ZlucI8Aa_g==
i.png
trx-hub.com/i/x/ 		128 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/x/i.png?q=N4IgDglgJiBcICMCuAvFAzAppqB9A9gNYCsAbAOyEDmALgBx0gA0IE0cr0AjKQCzEAGXgGYBxAJxCBEAFZVmIAB7QAznFDoATj35DREgcN4IZCDgAsaNMCtgB6OwHdnAOmRosOAHaZHKlwDG+AC2dgCGmjQQAQA2mHaxYUhQEGGE+JiaPpp2YJoQXgGYALRhXlCavsWYNjSYBcUICAHFBXWaAG4QvgpaOoIiYpLCxAFhEBZWNvZOru4Y2FA+foEh4ZHRcXaYMTHdHeZhu7n5hSVlFVVRNHEqxcEQezQRAJ7FKjT5YGA4xZ+pMWKVAgSHQWkwvW0fAG+mGo3MMHglmstgczkcblQC28vn8QVCESisXiOz2mAORxiJwKRVK5UqjmKMiQmje-yOpWQKhKNQ+9S8AH4EOgVPgWUUALyVGJhOpQYJlJBHSH9PRDQzEKD1SYombozEeRbLPFrQmbEm7faHY55GnnelXfIcrqaYFeVJAkFgypCkVizSS6WynAKrxKmIq6FqgwjTBUREgZHTNFzLGeJa41YEjbE7aW8nWqm2s50y6M7mdX7cxTh0oqFRJGI0YoyvxICDN4Gg8G+0XizBSnbB+WK5UAXzHQA
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-58.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:13:32 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:42 GMT
server
AmazonS3
age
4248
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
128
x-amz-cf-id
XKEkRcTrF-uFINYU2jUMvOAsFFJkULJKsgIOa50OG7J2A0Pf_DKa0A==
ecm3
s.amazon-adsystem.com/ Frame 32F8
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkRkRzF4VkhaRlptVm1kRUpvYTFwRFNYUlBSbTkzUmtkSiJ9.gekAoKmv2lhNPlffWpKAV9...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkRkRzF4VkhaRlptVm1kRUpvYTFwRFNYUlBSbTkzUmtkSiJ9.gekAoKmv2lhNPlffWpKAV9_-BwVbkojBWSZd6s0X_D1N3Na5doQAIkj8Nvj9fxfuhKeMokxOSX9FWvkd7dCQ6w
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_rbd_n-emx_n-vmg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P75M4FHK7XYJZPF7Q2DP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 16 Feb 2022 20:24:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVkRkRzF4VkhaRlptVm1kRUpvYTFwRFNYUlBSbTkzUmtkSiJ9.gekAoKmv2lhNPlffWpKAV9_-BwVbkojBWSZd6s0X_D1N3Na5doQAIkj8Nvj9fxfuhKeMokxOSX9FWvkd7dCQ6w
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de97faf18c0cab0-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
truncated
/ Frame 87D8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ab55209f2f17d121aea6f96f6ccc11bd19123a613697d556d839c67e5864299

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
match
cms-xch-chicago.33across.com/ Frame 894F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=KZQ05UC7-18-F2S3
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KZQ05UC7-18-F2S3&gdpr=0&gdpr_consent=undefined
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZQ05UC7-18-F2S3&ts=1645043059&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZQ05UC7-18-F2S3&ts=1645043059&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:19 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KZQ05UC7-18-F2S3&ts=1645043059&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
place.json
fr-actions.trackonomics.net/prod/pl/buzzfeed/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/ 		243 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/pl/buzzfeed/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/place.json
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-17.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
544ab4437a946a6c831665fe008da5393a0dfa0dddc11145826f38c2ba5927e1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:19 GMT
via
1.1 978d7ccfdbed8c0e3015142e29dd5c5c.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-P1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
wD1QacK562iRQ_i67o6JW-5L48vMSW_ZRzx47eaqve7xWFPcnrW1-A==
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-308174&ch=us-308174_c04_usnews_S&asn=usnews&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=og1bgxveuvbfyzgatkv1gewjslblv1645043056&prv=1&c6=vc,c04&ca=NA&c13=asid,P77672CB5-D3F4-4EBC-8161-08175209A620&c32=segA,editorial&c33=segB,bzfd&c34=segC,us&c15=apn,BuzzFeed%20News%20Webapp%20Static&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,kltclqwzpb4gg1p0xfxnsixwy4ezm1645043056&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16450430565745732&c30=bldv,6.0.0.615&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=17f959bc9f7&c3=st,c&c64=starttm,1645043058&adid=17f959bc9f7&c58=isLive,false&c59=sesid,&c61=createtm,1645043058&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1645043058&rnd=781507
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.247.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-247-56.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:19 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13970195915132728267/ Frame E8BD 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13970195915132728267/downsize_200k_v1?w=600&h=314
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabfe9af04dadbac29b08e11b51df2f3a12062410b68b6f0663140fa5ae19a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 05:51:36 GMT
x-content-type-options
nosniff
age
52363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25344
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 22:10:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Feb 2023 05:51:36 GMT
truncated
/ Frame E8BD 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E8BD 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E8BD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19f40bd90cad97e5e897fe9878e53fe85d0803e078e32969774ba391afc56a9c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame E8BD 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buzzfeednews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:11:09 GMT
x-content-type-options
nosniff
age
94390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:11:09 GMT
visit.js
tps.doubleverify.com/ Frame 55B2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=813&ttfrms=41&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3FKK7665%3F6HD%5D4%40%3ETau2CE%3A4%3D6Tau6%3D%3D%3A6G92%3D%3DTauAC%3A%3F46%5C2%3F5C6H%5CG%3AC8%3A%3F%3A2%5C8%3AF77C6%5CD6EE%3D6%3E6%3FETbuFE%3E0D%40FC46Tbs%242%3A%3DE9CFTaeFE%3E0%3E65%3AF%3ETbs6%3E2%3A%3DTaeFE%3E042%3EA2%3A8%3FTbs_aTau%60eTaua_aaTada_x%3F4%40%3E%3A%3F8Tada_%3F6HD%3D6EE6CTaeFE%3E0E6C%3ETbs%7D6HDTada_4%40%3F7%3AC%3E65Tada_%3D%3ADEU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3FKK7665%3F6HD%5D4%40%3ETar9EEADTbpTauTauHHH%5D3FKK7665%3F6HD%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1645043059602848&jsCallback=dvCallback_1645043059602528&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2197&tgjsver=2197&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&fwc=0&fcl=2244&flt=19&fec=645&fcifrms=9&brh=2&sdf=2&dvp_epl=483&noc=4&ctx=24202625&cmp=DV687344&btreg=4706670853138236289402&btadsrv=4706670853138236289402&adsrv=104&unit=1x1&turl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement%3Futm_source%3DSailthru%26utm_medium%3Demail%26utm_campaign%3D02%2F16%2F2022%2520Incoming%2520newsletter%26utm_term%3DNews%2520confirmed%2520list&seltag=1&sadv=4582675880&ord=2331632616&litm=4706670853&scrt=138236289402&splc=/6556/bfnews.desktop/en/news/promo-inline1&adu=21721729487&spos=promo-inline1&c1=news&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=10843168625.037363&dvp_tukv=30238157453.332104&dvp_uuid=12224745549.274664&dvp_tuid=777841718491
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.76 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb106.doubleverify.com
Software
/
Resource Hash
5ad7509b8cc9c097a9fab90c22277c50de495c9871eda1e39ecc5d00b8d36e62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:17 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
02/15/2022 20:24:19
shopping
encrypted-tbn1.gstatic.com/ Frame F3EB 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQRywEZ4BPpHEgy6jFzAb6WoYO3HBJSVxyuuXh6kopPghg_yXNVc3Gba3PU5A&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a880f3013e466ede6d06458533b2b6c8dc9259dcb27dfc2142df9a34dc193ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:40:55 GMT
x-content-type-options
nosniff
age
546204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38775
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 16:04:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Feb 2023 12:40:55 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame F3EB 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSPPH7FGVJ_5GuM2DvjnmFt1PHfUSEfSGGQW47lBHVvNJWb39Fu-1VLFuTAAe0&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef82fbc23b908eae33239c4d72b925ae1ea4d99cb91795759d9712c26ed0587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:18:15 GMT
x-content-type-options
nosniff
age
364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30009
x-xss-protection
0
last-modified
Sat, 05 Feb 2022 16:05:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 16 Feb 2023 20:18:15 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame F3EB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRyV4IXlO7Y3IOP4G1M2UETHo58DbvtnO0RZjjtzfPgXr_4oquM70vb_8DWE7o&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67beeabef8a2e2cab240d88e2b5d214c7387e4902189ac9ed1cd23ec17fca1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:55:17 GMT
x-content-type-options
nosniff
age
23342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10942
x-xss-protection
0
last-modified
Sun, 26 Dec 2021 19:03:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 16 Feb 2023 13:55:17 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame F3EB 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSEEuuiaErrnvOtAE7toY3_H83msOTAJj9in_4TPIAlT5DLIIXKwecRCz3uag&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e83cb7b101f824599024cdc06ceb4b50404286f66d423dd5e5d6caf58a5c24d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 01:22:58 GMT
x-content-type-options
nosniff
age
586881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14628
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 17:29:40 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Feb 2023 01:22:58 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame F3EB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQfqb6IMM-VPBcQV_qiapZ5-RqlvfM62bFAUotzOS1CghACK6_lwYLeZlW6nSw&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99d027e214c03513af637820c32a39e2d6b16b5790e8276c9132c50f37d657f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:38:40 GMT
x-content-type-options
nosniff
age
74739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 15:24:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 15 Feb 2023 23:38:40 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame F3EB 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSXJaYbE6aPhkORCksljHpiz6KNSq7AJF4RXz4IpgRDWpE-G47YPigSu7SfpA&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be0d2ef318c65c37c17ccc5f76d95627708c8d04c172866c10726501db8d7f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 21:38:09 GMT
x-content-type-options
nosniff
age
427570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28238
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 02:48:03 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 11 Feb 2023 21:38:09 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame F3EB 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTUV9aASWOkfVI3VViEY81FZlrEqzo5II7KO-1otSu4iZ-D0dvL&usqp=CAI
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fed393f873e036678e4595a74baf543c9f6f457f87d554487d354507390d1f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:25:40 GMT
x-content-type-options
nosniff
age
111519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21919
x-xss-protection
0
last-modified
Sun, 22 Oct 2017 23:09:33 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 15 Feb 2023 13:25:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F3EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4lXdcV0NYvjYIraOoPwPzvqmwAiygN6FZ9nUo871C5aCzYWIFhABIJuohzdgfaABoNO1wALIAQngAgCoAwHIA8sEqgTZAk_QduvqCGMWZ83OF48wAhkFe3I3IiKO5-NJmCw2t8vsei2hZHtxysKkhHTt8eLbnwFydlBIWKwBBYeZCwJATUf1GO574XwnX1Y60lycZtvZg1cNxvE69-CPZlZeRJcfMbPasN77rhEhLJJkFCK7ZsgPbCYzebFRzwvbl5jBWhOsYGgz1gb1ECNF4j3nf813fJpF8f9gFJA_PebIa2eXaSnKpJtqE3ZRixoldX325wY6Gnw1rG5iHdJwIST-VuNT7FCrBRgIkKS9rFoRN_pya0jNyHEBU77LTfTfYOsWwgWn5dmJLKnxAH1ZtJ4xdm0dCz5UzudLqFNiRyZn0VIveF3K3HBsB3sm18YhZzh-eRe2tUhcBMjVRGBFkvzH-4m0FB0KrpFDxjjp4VaUrRiv-29PyU0YRcc3jFwjyvyZO1o_HK-pOHYPbkUuIIVXgjnZ6mUKQDPoZOQ96sAE4e2T9JwD4AQBkgUECAQYAZIFBAgFGASgBi6AB8isyr8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEENqgFdIIBwiIYRABGB2ACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTYzNjk1Mzc3NzE1NTg3Nhjd0Q0&sigh=PO1QzLyRGvU&uach_m=[UACH]&template_id=494
Requested by
Host: 6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
URL: https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame F448 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8BD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 17:24:30 GMT
x-content-type-options
nosniff
server
cafe
age
10790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 17 Feb 2022 17:24:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E8BD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
age
72400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 17 Feb 2022 00:17:40 GMT
truncated
/ Frame F3EB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c747fe976d3edef0ca13c9a36f91347f91e6af11b3d4fd257f2ee1101705f2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame F3EB 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:30:15 GMT
x-content-type-options
nosniff
age
3245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 19:30:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8981
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Feb 2022 20:24:20 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 20:24:20 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Feb 2022 20:24:20 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pxHkm2-HxYlJ2clKwIK610_mLBl57TmuFqT0_zZ6EhE.js
pagead2.googlesyndication.com/bg/ Frame B861 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/pxHkm2-HxYlJ2clKwIK610_mLBl57TmuFqT0_zZ6EhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=1492355752&adsafe=medium&client=ca-pub-5722610347565274&format=728x90_as&ip=149.56.153.181&output=html&unviewed_position_start=1&url=https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement&sub_client=bidder-506165&hl=en&aceid=MDasFQDGGrQAYBu0AGQbtACZ5NMA-VU0AeJgNAGNYTQBgXA0AU1xNAH7cTQBJHI0AVFyNAFscjQBqHI0AchyNAFWczQBa3M0AXVzNAGCczQBg3M0AZxzNAGeczQBn3M0AaNzNAGrczQBrnM0AbFzNAG6czQBzHM0AdlzNAHbczQB3XM0Ad9zNAHhczQB4nM0AeZzNAHuczQB93M0AftzNAH-czQBAXQ0AQV0NAEGdDQBCHQ0AQt0NAEMdDQBD3Q0AUtzQQFTc0EBAXlBAYEdXAK8HVwC5h1cAvEdXALX9ogCQfeIAmj5iAInQqoCKEKqAilCqgL0UaoCdFWqAghfqgIfX6oCzWGqAs9rqgL9eKoCsZqqAoCbqgKBm6oCgpuqAvSdqgKzpKoCoqaqAqanqgKiqKoCTqyqAtiuqgIDr6oCuLCqAiO0qgK2tKoCU7qqAgK_qgJlv6oC7MGqAsjIqgLLzaoCB9GqAt7SqgLO06oCrdaqAtvWqgJv16oCqtmqAr7ZqgIC2qoCutqqAh3bqgJ83qoC7N6qAjPgqgJ74aoCY-OqAvPkqgIb5aoCoOWqArjpqgIH6qoCPeuqAnjrqgKO7KoCleyqArjsqgIz7aoCVu6qAnbuqgJ076oCqe-qAuDvqgIE8KoCJ_CqAjHwqgLM8KoC0_GqAtfxqgIY8qoCMvKqApPyqgLb8qoCwPOqAtDzqgLi86oCI_SqAoz0qgKh9KoCx_SqAr71qgI59qoCe_aqAsb3qgLw96oCJviqApXzFAOfssUFgwf5CNCGIwqPoTURJ5H7EgOs-xKItPsSWbX7ElnK-xJgyvsSBcv7Errc-xKa4PsSkuv7EiDs-xLG7PsS4e77Ehrv-xKc7_sSBvD7Ejfx-xJK8vsS6PL7Eizz-xIz8_sSW5_qFPdWaxo&awbid_c=AKAmf-CUSbl7En3nYnGih3sk3mKsQAsLDU79_m3VtRjoO4WWdq8Pz3NkGxDHULgTgYTzRSsbr6DfVx8rUw7OatUyboaBaxd_XOWqkGi3EBG2YKOjk9op509Afmogj61o-QkKjcuK2cDMez-Fy1f2FX7ZO61aGD43IASsLy9xlGKoRnsDBrc2CHQ&awbid_d=AKAmf-AjhsE5hK2btM9_JXL9lZKRnGzw7LJUe-NH7dkakJiTu_4YP5LTDTe9fS7lysZbcw9lhGuS50sExmwS-ds4BGX0qWvZ1nfkLfA8-vD9OXrh0h23WLZoFUAnsZIhA3zYntPZBlXZ6xp1kyBTGM68sD8ehJTxcNXzaiCZ4q8HK00JJT1fJwcjB0Uph654ziIVokYMKYZvpimBQA3rvFVf3XPIbJJNfJLE_u5OXEPF656OFLHMB07sotpHSCDygCRRlTDAgszWItRU46R0n75q3VNT1Yov4iliChRMvRPyUbh05QlHHEFA_aIgh0_Mhavy8yRUg7lJW1-_UE4-ozkgPT9iGr5oRD-B8A4nUVsRjL8FUeKAiO-mjsrXMGtUE-RLY-pZ8pJBNP8QLQvH7VmsEHHlyE7FiEZtvlIwz39jMuNXDkWF1Gt5SQt6DDOCn8Y7DDBHoTTUCQiT7E2gZPPbysdLqn5wflklC8riEjJQUzC-Ygta9sBYE4n7SYGygUned3m1pzE8kuvLpD3RUKvLm-W_bJZ0jI5fJp5Uxg_S9Or9-zD0lRVPB2z2REj5ZEwoTdkd_joX5sIsoyray9uywqh6xVHQjYCmk7paM0_XpiaRB7MA_v1j3gYfpRRNwCfZZtx2wOITIDaRsSfEevTCfla1B6T-bpG5c5YbWm-WcOKFGfGkylKFXoI2SWSWNUg-mPWtioRFc0fSjutbvSmfZCmE87lYUdXvF6yHLafmebh8QKPOrlINwHuJ9UiWBc3Ry25WsmXjpAGVDU4YynKqMcfphapAhLEpTMKhNlq0zI0H_yCEPwk-Jt8q6QwNaq6Rlbm2w426Vztnly3QxmuDKyZ2pRSa2EKRT-auRi9n7Rbkm2K5kjBcjGFtlpNmMRzw5h1SUn91ejF4bKuzObrsSUURpVBYlg&cid=CAASBORoEUM&exk=1170223298&rfl=https%3A%2F%2Fwww.buzzfeednews.com%2Farticle%2Fellievhall%2Fprince-andrew-virginia-giuffre-settlement&a_pr=13:Yg1dcAAAAADIzzuJ8NuaNAWVoeN9a-WzeAgG-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a711e49b6f87c58949d9c94ac082bad74fe62c1979ed39ae16a4f4ff367a1211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
572458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13734
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 05:23:22 GMT
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame B8E9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/b-7b120a5-f6b516c6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
153801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 01:40:59 GMT
link
t.skimresources.com/api/ 		22 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/link
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:20 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API", 299 - "Deprecated API"
alt-svc
clear
content-length
22
track.php
t.skimresources.com/api/ 		22 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/track.php
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:20 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.buzzfeednews.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
ct.html
www.pinterest.ca/ Frame EAA4
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.ca/ct.html
413 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.ca/ct.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a152deb882dd0461cce156950f66058192be0152aebd37f94003a4731b97cd5a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-7325c22487246e3f7bce228be2c179e7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8795717152127941; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-7325c22487246e3f7bce228be2c179e7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8795717152127941; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-7325c22487246e3f7bce228be2c179e7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
118
pinterest-generated-by
coreapp-webapp-prod-0a03c2ca
content-encoding
gzip
pinterest-version
2373bd0
referrer-policy
origin
x-pinterest-rid
8795717152127941
date
Wed, 16 Feb 2022 20:24:20 GMT
content-length
279
akamai-grn
0.8723df17.1645043060.26cda208
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.ca/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
100
pinterest-generated-by
coreapp-webapp-prod-0a03e002
content-encoding
gzip
pinterest-version
2373bd0
referrer-policy
origin
x-pinterest-rid
1038610579992508
date
Wed, 16 Feb 2022 20:24:20 GMT
akamai-grn
0.8723df17.1645043060.26cda1f9
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
m-outer-21b66fa0c573e809345fe202113a4338.html
js.stripe.com/v3/ Frame 6A5A 		240 B
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

last-modified
Tue, 15 Feb 2022 21:02:56 GMT
etag
"21b66fa0c573e809345fe202113a4338"
content-type
text/html; charset=utf-8
cache-control
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Wed, 16 Feb 2022 20:24:20 GMT
via
1.1 varnish
age
64
x-request-id
90bb9e00-2d21-483d-9076-86b61dabf41d
x-served-by
cache-yul12829-YUL
x-cache
HIT
x-cache-hits
76
vary
Accept-Encoding
timing-allow-origin
*
content-length
140
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c24b0fd65be374c11cb083a16115414ee9ac100e32579cbfe06b6ad668a56d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 20:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9755
x-xss-protection
0
csp-report
q.stripe.com/ Frame 6A5A 		0
357 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-5c4150bc004c99291dfd234a82c582e0.js
js.stripe.com/v3/fingerprinted/js/ Frame 6A5A 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
119
x-cache
HIT
content-length
645
etag
"d0c7e21ec457b6a134a496f107c3ca93"
x-request-id
b8103288-0862-4650-86c2-bb0df1c33cca
x-served-by
cache-yul12829-YUL
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 21:03:02 GMT
server
Fastly
date
Wed, 16 Feb 2022 20:24:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
298
inner.html
m.stripe.network/ Frame 4B65 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-81.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
date
Wed, 16 Feb 2022 20:22:02 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
UWtJUU7H4B7nuwyP47GNCV9SyKBYWDRDsySj98TbWqmhsTlutqcTug==
age
139
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:24:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5952 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 08:39:37 GMT
expires
Thu, 16 Feb 2023 08:39:37 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
42283
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A9FC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e0e0d4639af8ecba90af219240c0653017e48f615eafde2b40b4ba50e0ca9d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0Y+kJ+KTb3b2bxTAwBbAYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 20:24:20 GMT
date
Wed, 16 Feb 2022 20:24:20 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0Y+kJ+KTb3b2bxTAwBbAYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csp-report
q.stripe.com/ Frame 4B65 		0
130 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
x-envoy-upstream-service-time
3
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 4B65 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-81.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
61
x-cache
Hit from cloudfront
date
Wed, 16 Feb 2022 20:23:21 GMT
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
EWR53-P1
timing-allow-origin
*
x-amz-cf-id
dHv3iE2pmpDfXVO_kIkAzgsKPHffULJA8DgjRwVJ1skSCfjVOOsgzA==
6
m.stripe.com/ Frame 4B65 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.230.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-230-186.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
68d3b3695e9f762feacb3392df8a5fcea37febe2c95acff9b0b21a6b4cf492eb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
pagead2.googlesyndication.com/bg/ Frame 5952 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/k5pT0KbHUu3hEt9efW2jJzl2Td-_ix6W4xkPXjNBIu0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
939a53d0a6c752ede112df5e7d6da32739764ddfbf8b1e96e3190f5e334122ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
153807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13550
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 01:40:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A9FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=3670350196294164&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
/
www.pinterest.ca/_/_/csp_report/ Frame EAA4 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.ca/_/_/csp_report/?rid=8795717152127941
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-119530aefc955fb504c041c31a52ac45' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9923933778240381; frame-ancestors 'self' , script-src 'nonce-119530aefc955fb504c041c31a52ac45' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9923933778240381
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-119530aefc955fb504c041c31a52ac45' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9923933778240381; frame-ancestors 'self' , script-src 'nonce-119530aefc955fb504c041c31a52ac45' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9923933778240381
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.8723df17.1645043060.26cda217
content-security-policy-report-only
script-src 'nonce-119530aefc955fb504c041c31a52ac45' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
50
vary
User-Agent, Accept-Encoding
x-pinterest-rid
9923933778240381
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
2373bd0
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03db66
/
www.pinterest.ca/_/_/csp_report/ Frame EAA4 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-194f05ded1aa2a3025737eb94bc6d0f4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6520839459796448; frame-ancestors 'self' , script-src 'nonce-194f05ded1aa2a3025737eb94bc6d0f4' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6520839459796448
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-194f05ded1aa2a3025737eb94bc6d0f4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6520839459796448; frame-ancestors 'self' , script-src 'nonce-194f05ded1aa2a3025737eb94bc6d0f4' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6520839459796448
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.8723df17.1645043060.26cda219
content-security-policy-report-only
script-src 'nonce-194f05ded1aa2a3025737eb94bc6d0f4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
32
vary
User-Agent, Accept-Encoding
x-pinterest-rid
6520839459796448
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
2373bd0
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03fa29
/
www.pinterest.ca/_/_/csp_report/ Frame EAA4 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.ca/_/_/csp_report/?reportonly
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.251.243 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-251-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4375de784d7a9867aef9e3bb66fc9c8a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6877853628481009; frame-ancestors 'self' , script-src 'nonce-4375de784d7a9867aef9e3bb66fc9c8a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6877853628481009
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4375de784d7a9867aef9e3bb66fc9c8a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6877853628481009; frame-ancestors 'self' , script-src 'nonce-4375de784d7a9867aef9e3bb66fc9c8a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6877853628481009
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.8723df17.1645043060.26cda21a
content-security-policy-report-only
script-src 'nonce-4375de784d7a9867aef9e3bb66fc9c8a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
67
vary
User-Agent, Accept-Encoding
x-pinterest-rid
6877853628481009
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
2373bd0
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 16 Feb 2022 20:24:21 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03ebee
PugMaster
image6.pubmatic.com/AdServer/ Frame 9DA4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14304131&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b5def6f25ce8f54cbbe30878cbc30176df2f154a9432aa421efec1efeed071a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 5952 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?m5DWoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 23EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3310620d-5d72-4000-add8-9f18524c05bb&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3310620d-5d72-4000-add8-9f18524c05bb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 20:24:21 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug017:0:503
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 16 Feb 2022 20:24:21 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x16 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3310620d-5d72-4000-add8-9f18524c05bb&gdpr=0&gdpr_consent=
Expires
Wed, 16 Feb 2022 20:24:20 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A6A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEX1gwN0VHcnNBQUhyeEo4V2pjUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD_X07EGrsAAHrxJ8WjcQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD_X07EGrsAAHrxJ8WjcQ&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD_X07EGrsAAHrxJ8WjcQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD_X07EGrsAAHrxJ8WjcQ
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD_X07EGrsAAHrxJ8WjcQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 20:24:21 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug006:0:484
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 16 Feb 2022 20:24:21 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD_X07EGrsAAHrxJ8WjcQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame CA07 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 20:24:20 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 16 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
531766
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame E9A3
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7edf3424e5964fe0bc833
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7edf3424e5964fe0bc833
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 16 Feb 2022 16:50:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug022:0:343
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7edf3424e5964fe0bc833
content-type
image/gif
content-length
0
date
Wed, 16 Feb 2022 20:24:20 GMT
server
a
usersync
rtb.gumgum.com/ Frame 791D 		35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.234.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-234-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
33141
tags.bluekai.com/site/ Frame 9DA4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=44282d203f9f42a2e7e7a76349051562
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=ba33a6a68c4cf933
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=ba33a6a68c4cf933
Protocol
HTTP/1.1
Server
23.209.184.224 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-184-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:21 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=ba33a6a68c4cf933
content-length
0
p.gif
visitor.fiftyt.com/ Frame 9DA4
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=&fbounce=1
0
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=&fbounce=1
Protocol
H2
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Wed, 16 Feb 2022 20:24:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
g.pixel
aa.agkn.com/adscores/ Frame 9DA4 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-93.ewr53.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
4VIlFKqzZn7e7CghfC3obU97Ys8xzmIsuCF44IEh8rXU9Kri9TUELg==
expires
0
/
io.narrative.io/ Frame 9DA4
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA
  • https://io.narrative.io/?io.narrative.guid.v2=6c7e3790-8f66-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=6c7e3790-8f66-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Protocol
HTTP/1.1
Server
44.198.222.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-222-213.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:21 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=6c7e3790-8f66-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:DDEC82A8-7793-40F5-9468-CD25DF98A6EA
Date
Wed, 16 Feb 2022 20:24:21 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
DDEC82A8-7793-40F5-9468-CD25DF98A6EA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9DA4 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DDEC82A8-7793-40F5-9468-CD25DF98A6EA?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 9DA4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LM53lXNE2uXowYFhEN06bxkY.MC3xYc-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LM53lXNE2uXowYFhEN06bxkY.MC3xYc-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LM53lXNE2uXowYFhEN06bxkY.MC3xYc-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Feb 2022 20:24:21 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9DA4
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=26e85a5e10561215&is_secure=true&networkId=17100&version=1&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbUjPkon_CwN-sW0BAAAAAAA&expiration=1645129461&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&...
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbUjPkon_CwN-sW0BAAAAAAA&expiration=1645129461&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug005:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbUjPkon_CwN-sW0BAAAAAAA&expiration=1645129461&nuid=DDEC82A8-7793-40F5-9468-CD25DF98A6EA&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9DA4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6a6bd311-8f66-11ec-8001-f99ddf8e8f45&gdpr=0&gdpr_consent=
1 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6a6bd311-8f66-11ec-8001-f99ddf8e8f45&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:926
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6a6bd311-8f66-11ec-8001-f99ddf8e8f45&gdpr=0&gdpr_consent=
Date
Wed, 16 Feb 2022 20:24:20 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6c70f1b7-8f66-11ec-a067-9f07980f3cf4
Pug
image2.pubmatic.com/AdServer/ Frame 9DA4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5639511748561466636&gdpr=0&gdpr_consent=
42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5639511748561466636&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug005:0:521
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:21 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5451816e-9296-44d1-aa9a-b51a74dbc4cd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5639511748561466636&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 9DA4 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.70.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-70-15.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
activeview
pagead2.googlesyndication.com/pcs/ Frame E8BD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviAG6w6CHONzkzePm1Y7wtdixCMcpBZ2q4VkG1Oy_7vKN6xMVQCHNjYSjR06vvI5MkmKTYEd9RXShhu-zcDtFllBETGRWCGN98QJXwZIj1hs_e8lE&sai=AMfl-YS4UmkH6WX-EpH1XIVO4xkEcKenRERNJ3DQQF_d2S1TF9ZZC_-UZ3WQgeKpdcSr7cvLBMKH_RsuzELuuhonhDd8em1xbljx9uW_iRVRTw&sig=Cg0ArKJSzC9kxYAoC3oFEAE&cid=CAQSLgCNIrLMrHov7HQrv4CVcvpdCfOhKWLL4zYN4wSi-NeRe2YsFjpJB3Jr6lMdJSI&id=ampim&o=0,16&d=1600,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=1646&tls=2647&g=100&h=100&tt=2647&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1639429597
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F3EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCensxtsDjSLNanHw2UJwjIJGySUn8UmFSKlh0xvUayRUJZEdx2v-uc8veS2DMN7WXNGRdJbboPUBlhb10XPnql6jkB-OC7ABTi2ng4c6tA5HcWQ8&sai=AMfl-YSTVkc6830seSoNyLcvP1gaiE2Ss0f9mgYGESsUYvbEFu95PwoXC74LjbGgjtNyoVFF859nPeMzLixEnRqFR6RwctjtzOuGozfv6rLTM3EaKxRclk65TD-NJIR25Yo&sig=Cg0ArKJSzJ2BpkmybXDFEAE&id=lidar2&mcvt=1008&p=556,1058,1156,1358&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1173126773&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645043058501&rpt=1743&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=3670350196294164&bg=!oaKloubNAAbf-5Dq3_s7ACkAdvg8Wj5KKR9FI9qzZzryVppIGzgco8wtMkJ9OpCyT3Tdr9u3qBoeNQIAAACJUgAAAANoAQcKAMTpxKMioNOL4pcOYvrjWpwJ4OijdQEAUCTgUd_2QpoYfvAUf49sEZrtON0vw_boVLgk4fXKTQwcwTuP4kt5SRd8ZdpqnA-Es0rwclvIn3WMTy_CTbOrOjkYmE2EyDV9KwvZdKPkjQdlbaimak8pAbvA_Bvb8U8rM8mNLULVjxvCM1aWjsy8leMsWipAInKHXrJ_0mik59c7Bd-sL4dgdMGEAPoeKQbj4pMFVRXsZg_MzeiqkT013ugQs7V2G25WzfIEn_wCmQK-8don-Gvtq_O8uGIO1MWi6d4tqBEbou2re9Jx6A3DIkwsXtD2lbUA52WVTIltC5UmncXVqKJF289I2ryBsQ_Erzm99iEtLi73QcGUmsYqaJQsgqgPfF0bFw4cWBp1Z4hmeA0mR_jJH3iNM-U1PxKLTuQXafxQlBQP_CFSB8VdMAglUs601HzQoM9VpADD9mOACQTGoOIG8LEHoIcnGY_PsL4_grFVohFnK27yOmIRpN_Y4H77ex60xvp3RrasJrMSSCcbBuiyGldjhWZ3QG87QByjZVGr10kGHKTHMBzB-NFY4HkHhptKGgfF_Twirn__nf_uBu30dZwBDumJgB-I0p9PVyZTeAB840U72T075ao0pGFnBzEDgtxSy9-58YQxQlDfeHcpwsDjUiVrvqDyba-wMS3ykdghlbLWDXA9eL0TsaUQ-TX-utHk9B_Wo9q9oxPNsxjl3gqb9uRSYFpv2ZK5RwqdBe1p8facPRtvNdbL7yeefEnX0K8p8JX_LW43oJ3_hJobehnp1AI4mtFseE1HZ_AIkEQp4c2mHU5_aTPwY3aFFfNN_b7R6pQqdlNVhpUVwnN3AuamGk5JElYBX_RP6B5zqh0cXP5Zgx4XJ2rCC-6PvSl3StPrVT-RPqBT_-WxEG_Ct80HlA9GTs-APzKWT-jHeYigCH4NHkzNGRzUH0szNASx_n48wNq6Xacw0nBIpWI8Hheh8mo_50hoc5Nlmofs9l_Y8g6ocwgujUDOKM_uEnk3T15VmZEfr_N0CUsiGgMd8v_t_nocH47mqPwLvcuc4c1GvZ_3_5KbUTQYCwyrH3jHtOoqa7uTQqo2pPCZchNvznFbBJhqwEkmdN0_ksVT8ACplhDdCIh3PoHQ99x3jNXQ9PK9Kp9ADPhju-HO6ZxtwkhTzam-DPJ4S7MT8uYYC3vQpyeYcz_i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-nyc.doubleverify.com/ Frame 55B2 		0
237 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=b4e5c110e72f4d4182fac447faa93de1&gdpr=&gdpr_consent=&dvp_gdv2_Func=1&dvp_gdv2_Applies=0&dvp_gdv2_Succ=1&dvp_gdv2_Dur=0&dvp_gdv2_Doms=0&dvp_gdv2_Dome=0&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&dvp_atali=1&vdur=69&eoid=8&msrjs=2197&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=17&msltms=62&vltms=69&sei=290&vetms=465&engms=1&engisel=1&ttfurm=2573&cbust=1645043062140468
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2197.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.84 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb114.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.buzzfeednews.com
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
02/15/2022 20:24:22
pixel.gif
load77.exelator.com/ Frame 0B68
Redirect Chain
  • https://loadus.exelator.com/getid?p=1480&g=1&j=0&asid=P77672CB5-D3F4-4EBC-8161-08175209A620
  • https://load77.exelator.com/pixel.gif
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt
AZySJBbL5vz/SEULAA
x-accel-expires
@1645341230
date
Wed, 16 Feb 2022 20:24:22 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
YJHsUtWU82Q
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
738632
accept-ranges
bytes
x-77-pop
newyorkUSNY
content-length
43

Redirect headers

date
Wed, 16 Feb 2022 20:24:22 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
insync
thrtle.com/ Frame 0B68 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10071&vxii_pdid=6a35ce30-8f66-11ec-ad2a-1744ab9e2f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.151.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-151-157.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif
envelope
api.rlcdn.com/api/identity/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13577
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/pages/_app-dc83a9f42ded8aba4257.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzzfeednews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.buzzfeednews.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1183 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 17 Feb 2022 20:24:24 GMT
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FA68 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 17 Feb 2022 20:24:24 GMT
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 51EC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame C73B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
sync
eb2.3lift.com/ Frame 7434 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d4ab83418e9b970fcd64d5ca286490d8038de6a2c3a254cb3d412fea7cca59b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame A071 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 20C8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 809D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.buzzfeednews.com
URL: https://www.buzzfeednews.com/static/js/advertiser/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 17 Feb 2022 20:24:24 GMT
Date
Wed, 16 Feb 2022 20:24:22 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3440646926031390032&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=3440646926031390032&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
server
nginx
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=3440646926031390032&ssp=themediagrid
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usync.js
eus.rubiconproject.com/ Frame 51EC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e009af7aa3b52160130eb7157c1a7f60424fe9757266d0be870a3689815fe0b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84155
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 17 Feb 2022 19:46:57 GMT
xuid
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=92950dbd-51f7-47e4-8829-8240cbc07bc0&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=92950dbd-51f7-47e4-8829-8240cbc07bc0&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=92950dbd-51f7-47e4-8829-8240cbc07bc0&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
date
Wed, 16 Feb 2022 20:24:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJkiqGWdpQ1VxLvzBnvRaW4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJkiqGWdpQ1VxLvzBnvRaW4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJkiqGWdpQ1VxLvzBnvRaW4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7434
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY5MDY1MjY0OTY4OTQwNDk2NDQ3OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY5MDY1MjY0OTY4OTQwNDk2NDQ3OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY5MDY1MjY0OTY4OTQwNDk2NDQ3OA%3D%3D
date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 7434
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1690652649689404964478&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1690652649689404964478&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1&_expected_cookie=96244d5...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1&_expected_cookie=96244d582c86b3e04e94ebcd830b97ad
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6de97fc51c7a2bb3-ORD
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7cfd324b-2035-4c6d-a002-61534655a34b&_noobservation=1&_expected_cookie=96244d582c86b3e04e94ebcd830b97ad
date
Wed, 16 Feb 2022 20:24:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6de97fc4ab582bb3-ORD
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1690652649689404964478?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-QqZGYX9E2oS.Xm6okgC0pl8WPvjRxEzAg.kRzXfqkw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QqZGYX9E2oS.Xm6okgC0pl8WPvjRxEzAg.kRzXfqkw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 16 Feb 2022 20:24:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-QqZGYX9E2oS.Xm6okgC0pl8WPvjRxEzAg.kRzXfqkw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame 7434 		42 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1690652649689404964478&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
etag
"89b446b6cf8d81:0"
last-modified
Thu, 13 Jan 2022 22:48:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2FB0706F3EEA48E581F9996889E7A84A Ref B: YTO01EDGE0811 Ref C: 2022-02-16T20:24:22Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 7434 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1690652649689404964478
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1690652649689404964478&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=166b8047-c9cd-4fd0-9092-46e681bc28a3&expires=10&ssp=triplelift&bsw_param=28b0e443-ac70-4b50-9cfc-d5e50f499f01
  • https://eb2.3lift.com/xuid?mid=2409&xuid=28b0e443-ac70-4b50-9cfc-d5e50f499f01&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=28b0e443-ac70-4b50-9cfc-d5e50f499f01&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=28b0e443-ac70-4b50-9cfc-d5e50f499f01&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 7434
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GUYW2WSMMQ2GY...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=51mZLd4len9qzOddwWTe
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=51mZLd4len9qzOddwWTe
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=51mZLd4len9qzOddwWTe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1183 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bf7d286f-9f11-4589-b0e3-a19e8ac01795
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FA68 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bd88d287-9a70-49b3-af43-e73bcbfd4e2b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 53A9 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9ee13051b0d1372a52dca4350801ea7fec9ab61d9b8b96cfeb4a4fcd6fa66c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|4|218|57|195|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Content-Length
1446
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 759A 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ceb82a3be090232b169e369bf77ca2544d23098ea211cb6d6d6e420b7af42db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|88|4|156|26|17|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Content-Length
1513
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame EA3D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b77e7fd4c21e7e07e0b54923cfb766f06cb1ad5097631bb6d890b66435795e6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|88|4|17|3|64|131
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 16 Feb 2022 20:24:22 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Content-Length
1729
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 809D 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.123 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
562.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 562.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d6988f5b-b908-4b57-b6b5-44febc5afeaf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 53A9 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a5a9b43e-f5ea-4fa9-a732-81906f427705
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD_X07EGrsAAHrxJ8WjcQ&expiration=1646252662
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD_X07EGrsAAHrxJ8WjcQ&expiration=1646252662
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD_X07EGrsAAHrxJ8WjcQ&expiration=1646252662
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame 53A9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v028-071f09860.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fzhmx4cOQ2s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v028-0c287ce2d.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xcKLmnk6QM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yg1dcdbZopM.g-rSh9vKSgAA%26032
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314629024472183
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314629024472183
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314629024472183
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-889f3425-b7cf-4742-b086-81d84d02d966
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-889f3425-b7cf-4742-b086-81d84d02d966
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-889f3425-b7cf-4742-b086-81d84d02d966
date
Wed, 16 Feb 2022 20:24:22 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 53A9
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=6d63a21c-8f66-11ec-a808-2ee2c4333855
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=6d63a21c-8f66-11ec-a808-2ee2c4333855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=6d63a21c-8f66-11ec-a808-2ee2c4333855
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-1
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 53A9 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yg1dcdbZopM.g-rSh9vKSgAA%26032
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 21:15:48 GMT
Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 759A 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8ab058f2-4455-4ce1-8ccd-fd247b33fdb4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645043063.502861,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 759A
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2cd2b6da-270b-4969-b3d9-92a8e083cac2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2cd2b6da-270b-4969-b3d9-92a8e083cac2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:21 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2cd2b6da-270b-4969-b3d9-92a8e083cac2
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Yg1dcdbZopM.g-rSh9vKSgAA%26032
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6
date
Wed, 16 Feb 2022 20:24:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17389
crum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEY...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 759A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3440646926031390032&expiration=1646252662
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3440646926031390032&expiration=1646252662
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3440646926031390032&expiration=1646252662
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 759A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yg1dcdbZopM.g-rSh9vKSgAA%26032
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 21:15:48 GMT
crum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8797191b-dd30-4cc7-8951-3737adc4a731
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5639511748561466636
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EA3D 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yg1dcdbZopM-g_rSh9vKSgAAACAAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645043063.506544,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yg1dcQAGuf2ScwBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7190464996333120856
pragma
no-cache
date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=51mZLd4len9qzOddwWTe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NJRNVNEY...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=51mZLd4len9qzOddwWTe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3310620d-5d72-4000-add8-9f18524c05bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 20:24:21 GMT
rum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&expiration=1647635062
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&expiration=1647635062
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=5f812818-9814-415e-bf32-764b50ea5c8a-620d5d72-4341&expiration=1647635062
date
Wed, 16 Feb 2022 20:24:22 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame EA3D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662310837142294
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662310837142294
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 20:24:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:24:22 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
101
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6de97fc56f084bd0-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662310837142294
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame EA3D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yg1dcdbZopM.g-rSh9vKSgAA%26032
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.buzzfeednews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 20:24:22 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 21:15:48 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9DA4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:24:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-nyc.doubleverify.com/ Frame 55B2 		0
237 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=b4e5c110e72f4d4182fac447faa93de1&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=10&ismms=68&isumms=68&isvelg=1&nvr=2&isgmmims=68&isgmv4mims=68&elmtp=1&isbxdms=3070&b0=3292&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3292&sftb=3292&msrdp=1&naral=640&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=66&dvp_hdnAd=0&dvp_dpr=1&cbust=1645043063139700
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2197.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.84 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb114.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.buzzfeednews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.buzzfeednews.com
Pragma
no-cache
Date
Wed, 16 Feb 2022 20:24:23 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
02/15/2022 20:24:23

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bas.buzzfeed.com
URL
https://bas.buzzfeed.com/v1/users/f3f6f6d4-5473-43ad-90c6-b1e558305efe

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 function| structuredClone function| __trackAbandons object| BZFD function| bfa function| __tcfapi function| __uspapi function| cnx object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| SENTRY_RELEASE object| __SENTRY__ object| __core-js_shared__ object| core function| __NEXT_PRELOADREADY function| _ string| GoogleAnalyticsObject function| buzzfeed_ga function| pintrk function| snaptr function| obApi object| subbuzzJsonp object| clientEventTracking function| fbq function| _fbq object| __BUILD_MANIFEST object| __SSG_MANIFEST function| setImmediate function| clearImmediate object| BF object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge boolean| noskimproducts string| skimwords_hover_name number| skimwords_horizontal_distance number| skimwords_vertical_distance boolean| nounlinked boolean| skimlinks_audience_optout boolean| skimlinks_cookie_sync_optout object| skimlinks_exclude string| skimlinks_site number| skimlinks_replace_timeout boolean| skimwords_instant boolean| noskimwords boolean| noskoupon string| skimlinks_pub_id function| skimlinksApplyHandlers function| skimlinksApplySecondaryHandlers function| skimlinksApplyHandlersAlt function| skimlinksODPCallback function| skimlinksRewriteUrl function| skim_init boolean| skimInitAlreadyCalled boolean| skimlinksInitialized number| skimlinks_requests_in_flight object| trx function| md5 object| NOLCMB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Sailthru object| CLIENT_EVENT_TRACKING object| bfp_related_links object| bfp_newsletter_signup object| webpackChunk_shopbonsai_widget_elements object| SENTRY_RELEASES object| BonsaiWidget object| COMSCORE function| udm_ object| _comscore object| ns_p function| quantserve function| __qc object| _qevents object| ezt object| _qoptions function| qtrack object| NOLBUNDLE string| quizEnergyExperiment object| googletag object| ggeac object| google_js_reporting_queue object| FontAwesomeConfig object| ___FONT_AWESOME___ object| BF_Scout undefined| google_measure_js_timing object| ADRIZER function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| __webpackStripeJSv3Jsonp function| Stripe function| __tcfapiui object| apstag function| pbjsChunk object| pbjs object| _pbjsGlobals object| Scroll object| q83MvS2 function| q83MvS3 object| xop boolean| apstagLOADED object| MxDZGM2 function| MxDZGM3 function| xblocker object| sMNgIz function| sMNgIX function| xblacklist object| googleToken object| googleIMState function| processGoogleToken boolean| creativeVendorLibraryLoaded object| AWIN number| google_unique_id object| JSON3 object| lanternTracker boolean| DFPSFMessageEnabled object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

181 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.3lift.com/sync Name: sync
Value: CgoIgQIQzKvUofAvCgoI4gEQzKvUofAvCgoI5gEQzKvUofAvCgoIhwIQzKvUofAvCgkICRDMq9Sh8C8KCQg6EMyr1KHwLwoJCAsQzKvUofAvCgoIjAIQzKvUofAvCgoIngIQzKvUofAvCgkIXxDMq9Sh8C8=
.mrtnsvr.com/sync Name: userId
Value: O2356Yufp
.buzzfeed.com/ Name: sailthru_hid
Value: 68d5ccb3648de3c07b9f1c065675f1ca606f64a72447d271f06461d29a61143277f666754249ab545c82b253
.buzzfeed.com/ Name: sailthru_bid
Value: 26727723.198387
www.buzzfeednews.com/ Name: next-i18next
Value: en
.www.buzzfeednews.com/ Name: bf-geo-country
Value: CA
.buzzfeednews.com/ Name: _ga
Value: GA1.2.1526230868.1645043056
.buzzfeednews.com/ Name: _gid
Value: GA1.2.1125824906.1645043056
.buzzfeednews.com/ Name: _gat
Value: 1
www.buzzfeednews.com/ Name: sailthru_pageviews
Value: 1
.buzzfeednews.com/ Name: bf_visit
Value: u%3D.wijE489zg9%26uuid%3Df3f6f6d4-5473-43ad-90c6-b1e558305efe%26v%3D2
.buzzfeednews.com/ Name: bf-xdomain-session-uuid
Value: abb320e3-2d9a-481c-8c0e-67aa5fb96f01
www.buzzfeed.com/ Name: bf_visit
Value: u%3D.wijE489zg9%26uuid%3Df3f6f6d4-5473-43ad-90c6-b1e558305efe%26v%3D2
www.buzzfeed.com/ Name: bf-xdomain-session-uuid
Value: abb320e3-2d9a-481c-8c0e-67aa5fb96f01
.buzzfeednews.com/ Name: _scid
Value: 193953ab-75a5-463e-96c3-95ef0fe3d446
www.buzzfeednews.com/ Name: outbrain_cid_fetch
Value: true
.scorecardresearch.com/ Name: UID
Value: 1DE0199de1304ed774130841645043056
www.buzzfeednews.com/ Name: sailthru_content
Value: acedd9b14bf4253a31adcd3cd36f727c
www.buzzfeednews.com/ Name: sailthru_visitor
Value: 8f605f93-4e98-43f4-8fe8-939ac82aaf54
.www.buzzfeednews.com/ Name: shopping_package_all_bpager_metadata
Value: %7B%22id%22%3A776%2C%22version%22%3A2%2C%22resolved%22%3Afalse%2C%22is_feature_flag%22%3Atrue%2C%22value%22%3A%22on%22%2C%22variant_id%22%3A1%2C%22payload%22%3Anull%7D
.www.buzzfeednews.com/ Name: bonsai_shopping_cart_metadata
Value: %7B%22id%22%3A962%2C%22version%22%3A1%2C%22resolved%22%3Afalse%2C%22is_feature_flag%22%3Atrue%2C%22value%22%3A%22on%22%2C%22variant_id%22%3A1%2C%22payload%22%3Anull%7D
.www.buzzfeednews.com/ Name: commerce_ad_affiliate_metadata
Value: %7B%22id%22%3A901%2C%22version%22%3A2%2C%22resolved%22%3Atrue%2C%22is_feature_flag%22%3Afalse%2C%22value%22%3A%22top%22%2C%22variant_id%22%3A2%2C%22payload%22%3Anull%7D
.www.buzzfeednews.com/ Name: commerce_ad_recirc_metadata
Value: %7B%22id%22%3A900%2C%22version%22%3A2%2C%22resolved%22%3Atrue%2C%22is_feature_flag%22%3Afalse%2C%22value%22%3A%22top%22%2C%22variant_id%22%3A2%2C%22payload%22%3Anull%7D
.www.buzzfeednews.com/ Name: SITE-7528-TPAU_with_images_metadata
Value: %7B%22id%22%3A974%2C%22version%22%3A3%2C%22resolved%22%3Afalse%2C%22is_feature_flag%22%3Afalse%2C%22value%22%3A%22control%22%2C%22variant_id%22%3A1%2C%22payload%22%3Anull%7D
.www.buzzfeednews.com/ Name: SITE-7524_wishlist_onsite_reminder_metadata
Value: %7B%22id%22%3A994%2C%22version%22%3A2%2C%22resolved%22%3Atrue%2C%22is_feature_flag%22%3Afalse%2C%22value%22%3A%22variant_2%22%2C%22variant_id%22%3A3%2C%22payload%22%3Anull%7D
.buzzfeednews.com/ Name: _pin_unauth
Value: dWlkPU1tSmhabUk0WkRRdFlUazFNeTAwWVdRMUxUa3dOR1l0TURreE5Ea3dORE13WW1aaQ
www.buzzfeednews.com/ Name: ADRIZER_SOURCE
Value: {%22value%22:%22Sailthru%22%2C%22expires%22:%222022-02-18T20:24:16.542Z%22}
www.buzzfeednews.com/ Name: ADRIZER_WIDGET
Value: {%22value%22:%22News%20confirmed%20list%22%2C%22expires%22:%222022-02-18T20:24:16.542Z%22}
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAgEwIqYOeLhQLpB0CosPt/sa7uKrNjyeKtwGyS8lvTwFedYZvpV4tVJAwds3l/xAUZJmipAAAAA
.tapad.com/ Name: TapAd_TS
Value: 1645043056608
.tapad.com/ Name: TapAd_DID
Value: df384afa-93cd-4cba-889a-7302d9cbf2a5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
www.buzzfeednews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.buzzfeednews.com/ Name: amp_08fce9
Value: Q9XQFUo1wItJu6zImbwuj0...1fs23a051.1fs23a054.0.1.1
.quantserve.com/ Name: mc
Value: 620d5d70-c9425-2a75e-cb2d1
.teads.tv/ Name: tt_viewer
Value: 22f5c8a4-73fe-4fc4-bacc-7c67aa04866c
.adnxs.com/ Name: icu
Value: ChgIyohtEAoYASABKAEw8Lq1kAY4AUABSAEQ8Lq1kAYYAA..
.kargo.com/ Name: ktcid
Value: 6767d167-be87-0c24-1f49-34d21c27e423
.adnxs.com/ Name: uuid2
Value: 5639511748561466636
.rubiconproject.com/ Name: khaos
Value: KZQ05UC7-18-F2S3
.yahoo.com/ Name: A3
Value: d=AQABBHBdDWICEK_6UnXi19LYxeC-inCycwgFEgEBAQGuDmIXYgAAAAAA_eMAAA&S=AQAAAgfeRzKPo96gQwxcf_ismUY
.buzzfeednews.com/ Name: __qca
Value: P0-1424883153-1645043056166
.buzzfeednews.com/ Name: _sctr
Value: 1|1644969600000
.imrworldwide.com/ Name: SSCVER
Value: v1
.imrworldwide.com/ Name: IMRID
Value: 6a35ce30-8f66-11ec-ad2a-1744ab9e2f8f
.buzzfeednews.com/ Name: _fbp
Value: fb.1.1645043057316.825303734
.amazon-adsystem.com/ Name: ad-id
Value: AxT7prqaK0SeugEVh4gqFy8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.facebook.com/ Name: fr
Value: 0vGx9ewnqMCxIEPLh..BiDV1x...1.0.BiDV1x.
.openx.net/ Name: i
Value: 534452f7-840d-09ba-0901-64a509b28481|1645043057
.gumgum.com/ Name: vst
Value: u_c13fd124-8843-428d-a6ac-470087e870f9
.3lift.com/ Name: tluid
Value: 1690652649689404964478
.sharethrough.com/ Name: stx_user_id
Value: 5b90ca22-f278-4c3a-9b58-9ddcda50c05a
.casalemedia.com/ Name: CMID
Value: Yg1dcdbZopM.g-rSh9vKSgAA
.casalemedia.com/ Name: CMPS
Value: 463
.openx.net/ Name: pd
Value: v2|1645043057|vMgakWgyiK
.bidswitch.net/ Name: tuuid
Value: 28b0e443-ac70-4b50-9cfc-d5e50f499f01
.bidswitch.net/ Name: c
Value: 1645043057
.bidswitch.net/ Name: tuuid_lu
Value: 1645043057
.emxdgt.com/ Name: uid
Value: 64381645043057522864a8
.casalemedia.com/ Name: CMPRO
Value: 032
.turn.com/ Name: uid
Value: 7190464996333120856
.outbrain.com/ Name: obuid
Value: 1e34dd2d-6bc3-4d76-bcdc-bf3fdc991914
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yg1dcQAGuf2ScwBB
.technoratimedia.com/ Name: tads_uid
Value: 4535EB670A3D44EC81DC67635947A6DC
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220216152417-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.emxdgt.com/ Name: apn_id
Value: 5639511748561466636
.deepintent.com/ Name: CDIUSER
Value: di_7edf3424e5964fe0bc833
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DDEC82A8-7793-40F5-9468-CD25DF98A6EA
.zemanta.com/ Name: zuid
Value: 51mZLd4len9qzOddwWTe
.ipredictive.com/ Name: cu
Value: 6a6bd311-8f66-11ec-8001-f99ddf8e8f45|1645043057653
.quantserve.com/ Name: d
Value: ECEBDQG6Jcv7kwA
.adsrvr.org/ Name: TDID
Value: 92950dbd-51f7-47e4-8829-8240cbc07bc0
.doubleclick.net/ Name: IDE
Value: AHWqTUnWFJF4M4zRzxRcHPg9rREi3D5Qu3pGd0u6W5pIqPoaUrf3gMsFUhvi6u9ePlM
.33across.com/ Name: 33x_ps
Value: u%3D211578107144626%3As1%3D1645043057662%3Ats%3D1645043057662
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1b3efdc9-882c-42be-6142-dcb4a53f265e.bbDPm8cuEAcvDPnQYHgeyhbrzYNp8g8LFVKp3Fh2wjc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGz79yYgsQr5hQty0pT8mXpU4mbU.%2BA0cHUs7qVHfJrFJMoM9TYSxYIEbOndRqA%2FaooELPsM
.creative-serving.com/ Name: tuuid
Value: 98fd7e62-7e6b-49d9-ac02-3e38fdc6affd
.creative-serving.com/ Name: c
Value: 1645043057
.creative-serving.com/ Name: tuuid_lu
Value: 1645043057
.360yield.com/ Name: tuuid
Value: 63f04982-c22c-4831-9c6e-b165c99e2035
.360yield.com/ Name: tuuid_lu
Value: 1645043057
.tynt.com/ Name: uid
Value: EO05xmINXXF6+KHpBy1PBA==
.dyntrk.com/ Name: dyn_u
Value: 04030002_620d5d71c17f3
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1645043057819%7D%5D
.eqads.com/ Name: EQUser
Value: UID=4a57c573-731e-4563-82f0-5eb8991287e5
.openx.net/ Name: univ_id
Value: 537072971|92950dbd-51f7-47e4-8829-8240cbc07bc0|1645043057835298
.contextweb.com/ Name: V
Value: ZYQOlJfck3eO
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3b1e0a98a17da79c
.creativecdn.com/ Name: u
Value: NR4AKcf3CbLuD4z1iPY1
.creativecdn.com/ Name: ts
Value: 1645043057
.acuityplatform.com/ Name: auid
Value: 647644618866
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yg1dcQAGuf2ScwBB&KRTB&22978-Yg1dcQAGuf2ScwBB&KRTB&23194-Yg1dcQAGuf2ScwBB&KRTB&23209-Yg1dcQAGuf2ScwBB
.pubmatic.com/ Name: PUBMDCID
Value: 2
.adform.net/ Name: uid
Value: 3440646926031390032
.simpli.fi/ Name: suid
Value: CD4BEB1BB7CE40A6BE53C58FFAD6B19B
.smartadserver.com/ Name: pid
Value: 1796045720203520033
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-92950dbd-51f7-47e4-8829-8240cbc07bc0&KRTB&22918-92950dbd-51f7-47e4-8829-8240cbc07bc0&KRTB&23031-92950dbd-51f7-47e4-8829-8240cbc07bc0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7190464996333120856
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBP0EGUCaamGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9BBlAmmo90aGlyZFBhcnR5VXNlcklkIfuCMTM3+kIkBJJDJQE/QQZQK4BEJQE/QQZQK4BFIfv7hnZlcnNpb27C+w=="
.rlcdn.com/ Name: pxrc
Value: CPK6tZAGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELnC9jDFj7sh4VYH_kfw-J0&KRTB&16514-CAESELnC9jDFj7sh4VYH_kfw-J0&KRTB&23025-CAESELnC9jDFj7sh4VYH_kfw-J0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CD4BEB1BB7CE40A6BE53C58FFAD6B19B
.mathtag.com/ Name: uuid
Value: 3310620d-5d72-4000-add8-9f18524c05bb
.sitescout.com/ Name: ssi
Value: 5f812818-9814-415e-bf32-764b50ea5c8a#1645043058084
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjQ3MDY0MTOyNDAyMTE3MrQwFuIz1DXIS3V1DSr38fQLDZLiNTQzMTUwMTYwtTCwNAQAfMo3yzMAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjQ3MDY0MTOyNDAyMTE3MrQwFuIz1DXIS3V1DSr38fQLDQIA6k9VTyQAAAA
.socdm.com/ Name: SOC
Value: Yg1dcsCo8X4AAO8jHxkAAAAA
.zemanta.com/ Name: obuid
Value: 9tAi24gOl655lBFBTrvHyf3D9Ubo7-5MjIDaCUzozNpkmTjhC7DNQhWHDV5dYoOg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005%22%2C%22nxtrdr%22%3Afalse%7D
.outbrain.com/ Name: zmnta
Value: 51mZLd4len9qzOddwWTe
.pippio.com/ Name: did
Value: VkKyQxZ0zM4LRbwi
.pippio.com/ Name: didts
Value: 1645043058
.pippio.com/ Name: nnls
Value:
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-31cfac64-326a-4696-bd02-aeb5ffefd739-005%22%7D
.buzzfeednews.com/ Name: __gads
Value: ID=821d6ae4c9201f63:T=1645043057:S=ALNI_Ma5Vv92PKsHUujv6MFrYuGpzIgztA
.pippio.com/ Name: pxrc
Value: CPK6tZAGEgQIAhAAEgYI7OsBEAA=
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JNQWJJR0d6STFRM1J0Y1ZSMlJXWmxablJDYUd0YVEwbDBUMFp2ZDBaSFNib0dOd2lSVGhJeU5XWTRNVEk0TVRndE9UZ3hOQzAwTVRWbExXSm1Nekl0TnpZMFlqVXdaV0UxWXpoaExUWXlNR1ExWkRjeUxUUXpOREc2QmhFSXBrNFNERFkwTnpZME5EWXhPRGcyTnJvR0F3aXFUcm9HQXdpdVRyb0dBd2l3VHJvR0Z3aklUaElTT1Rjd016RTBOakk1TURJME5EY3lNVGd6dWdZeENNbE9FaXg1TFc5bFltaFhhVnBGTW5WSVVWaDNjRUpKYlUwd1VERlhWRlJITmw5cE5UbHFTUzVCY1VGNU5DMStRUT09IiwiaWF0IjoxNjQ1MDQzMDU4fQ.kh4-BrrYzsR6u8sYMxJi9bpwTHtksXzw1Jh9m7fYN-ahurTCP5pCWk6WrZ_R_xz3aPbkjMm5R6jcJN3CiJi2Nw
.linksynergy.com/ Name: rmuid
Value: 327ef1ed-ab46-4a14-a7dd-7e7b41575d0c
.linksynergy.com/ Name: icts
Value: 2022-02-16T20:24:19Z
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bH4xDga6EnXZu1WuCoMxA8a+JUixCbOKdrjeqIaFd0ZTJRt8k7uQbMVzLYmhJ/ZHSxjGUsDQaB7wahlVkImCxpOzG6FmltYou1DL1zCkHcNhPFdJMTEemOR3OlDu/ORdD8=
.rlcdn.com/ Name: rlas3
Value: h8tPoPDwfO1AvzMCTVbk3gpTrWrlRf6IgFdWAQWYXmI=
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.pinterest.ca/ Name: _pinterest_sess
Value: TWc9PSZuS2NTNEZIZFR6Y3B2ekFvNFNmbHFSakk0ZFBmMmQvTnRSZmR5ZVV2OW5XZzVHelFtV2dNNU8zRE9ZdUFUSXZ3SmRvU09sUzBXelVCQlBHdTk0c1psT2RnTDJudzJ6eWNLODEwa1RINW9sUT0mK2FTbS9rMWpZOUhoUXgyZldFUWJnZldTV2dRPQ==
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1646179200%3A219_221_228_236_201_197%7C1645574400%3A164%7C1645056000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1645574400%3A223_2_15%7C1646179200%3A3_13_54_7_104_22_178_220_71_231_21_166%7C1646265600%3A35
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220220216%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~239w:191l~239w:190u~239w:18z8~239w"
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_7edf3424e5964fe0bc833
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5639511748561466636&KRTB&23339-5639511748561466636
.pubmatic.com/ Name: PugT
Value: 1645043061
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-6a6bd311-8f66-11ec-8001-f99ddf8e8f45&KRTB&23011-6a6bd311-8f66-11ec-8001-f99ddf8e8f45
.fiftyt.com/ Name: fifid
Value: f513456d-f14f-43b9-6252-3ef2b5bcc42e
.fiftyt.com/ Name: cs
Value: MTY0NTA0MzA2MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fA3-YFuW-oeTej45CkkRssvuVTVHooMVrnm0GVocNQPn
.pubmatic.com/ Name: SPugT
Value: 1645043061
m.stripe.com/ Name: m
Value: 5a0e9f39-7bbc-48f2-a0d5-e8b952003ad90b97ac
.www.buzzfeednews.com/ Name: __stripe_mid
Value: 0296a703-7eea-4363-b5fa-3900c92626b716a758
.www.buzzfeednews.com/ Name: __stripe_sid
Value: 7e2732b8-63e8-4c72-833e-a3006a451da148046e
.dotomi.com/ Name: DotomiTest
Value: 26e85a5e10561215
.fiftyt.com/ Name: fppm
Value: 20220216202421
io.narrative.io/ Name: io.narrative.guid.v2
Value: 6c7e3790-8f66-11ec-8734-065a0b8073db
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3310620d-5d72-4000-add8-9f18524c05bb&KRTB&16736-uid:3310620d-5d72-4000-add8-9f18524c05bb&KRTB&23019-uid:3310620d-5d72-4000-add8-9f18524c05bb&KRTB&23208-uid:3310620d-5d72-4000-add8-9f18524c05bb
.bidr.io/ Name: bito
Value: AAD_X07EGrsAAHrxJ8WjcQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGbUjPkon_CwN-sW0BAAAAAAA&KRTB&22713-AAAGbUjPkon_CwN-sW0BAAAAAAA&KRTB&22715-AAAGbUjPkon_CwN-sW0BAAAAAAA
.agkn.com/ Name: ab
Value: 0001%3A%2FpG6xPXWqWtBMnB6TjWHn5bEBQfkl4Rl
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1c7r|7dN.0.AAD_X07EGrsAAHrxJ8WjcQ|7bq.0.1
.onaudience.com/ Name: cookie
Value: 7bb29165f7c1a34f
.onaudience.com/ Name: done_redirects161
Value: 1
.technoratimedia.com/ Name: tads_uidp_73
Value: AAD_X07EGrsAAHrxJ8WjcQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAD_X07EGrsAAHrxJ8WjcQ
.exelator.com/ Name: EE
Value: "44282d203f9f42a2e7e7a76349051562"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHExMjCKMXIwDjNMs3EKNEo1TzVPNHczNjE0sDU0NTMaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiZ8fFRSlpDItKik8F72%252BSBgAwaijY"
.onaudience.com/ Name: done_redirects109
Value: 1
www.buzzfeednews.com/ Name: _lr_retry_request
Value: true
www.buzzfeednews.com/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIgrXO74rluDoQBRIWCgdydWJpY29uEgsIvt6b8IrluDoQBRIXCghwdWJtYXRpYxILCPaDz_CK5bg6EAUSFgoHc3Z4OXQ1MBILCL7fzZqL5bg6EAUYASABKAIyCwi-19DHoeW4OhAFOAFaB3N2eDl0NTBgAg..
.bing.com/ Name: MUID
Value: 009322D6A03566E42802339BA11F6709
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 7cfd324b-2035-4c6d-a002-61534655a34b
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1202aea5-8b9a-439a-8c34-6c42b6396648"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2296:u=1:x=1:i=1645043062:t=1645129462:v=2:sig=AQG-lFF66h5SZ7aWH5ZIveLsKpu2ES7u"
.casalemedia.com/ Name: CMST
Value: Yg1dcWINXXYA
.smadex.com/ Name: smxtrack
Value: 166b8047-c9cd-4fd0-9092-46e681bc28a3
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJqYGJsYGZkYmbQJAjnm1oYWBoCALJicRQgAAAA
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY0NTA0MzA2MjUxMywiNCI6MTY0NTA0MzA2MjUxMywiMzkiOjE2NDUwNDMwNjI1MTN9
.adsymptotic.com/ Name: U
Value: 96244d582c86b3e04e94ebcd830b97ad
.demdex.net/ Name: demdex
Value: 21398160323446870503747146259653069334
.taboola.com/ Name: t_gid
Value: f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6
.dpm.demdex.net/ Name: dpm
Value: 21398160323446870503747146259653069334
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ324H5r8fncCJ1T8CHI4HQ41JEMIR75oiI64K4bMYB-qnoosImr2uIxGMZQC4TM1
.adgrx.com/ Name: ADGRX_UID
Value: 6d63a21c-8f66-11ec-a808-2ee2c4333855
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aLnr6ipkijdDifqAaAclqOitY81vOhBLxcyW5aAUOy4GS4jZbw8g9fg3C28T2OiWRvXCYoj6q
.casalemedia.com/ Name: CMRUM3
Value: 1a620d5d762760f281de26-454c-47ba-9028-fe73b2cd244d-tuct906e2f6&2e620d5d7605a0&83620d5d76276018072662310837142294&69620d5d7105a00&49620d5d7605a0&e6620d5d712760&f1620d5d7105a0&58620d5d762760Yg1dcQAGuf2ScwBB&c4620d5d72276004030002_620d5d71c17f3&04620d5d7627607190464996333120856&03620d5d7627603310620d-5d72-4000-add8-9f18524c05bb&28620d5d7227604a57c573-731e-4563-82f0-5eb8991287e5&27620d5d71276092950dbd-51f7-47e4-8829-8240cbc07bc0&2d620d5d7205a0CAESEGF_0DjEv2ysxzhHV5n0nzY&40620d5d7605a0&0a620d5d722760647644618866&11620d5d76276051mZLd4len9qzOddwWTe

18 Console Messages

Source Level URL
Text
security error URL: https://www.buzzfeednews.com/static-assets/bf-bpage-ui/_next/static/chunks/868-9c8d4c139440e5a34bc5.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dev.buzzfeed.io') does not match the recipient window's origin ('https://www.buzzfeed.com').
javascript error URL: https://www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement?utm_source=Sailthru&utm_medium=email&utm_campaign=02/16/2022%20Incoming%20newsletter&utm_term=News%20confirmed%20list
Message:
Access to fetch at 'https://bas.buzzfeed.com/v1/users/f3f6f6d4-5473-43ad-90c6-b1e558305efe' from origin 'https://www.buzzfeednews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'bas.buzzfeed.com'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://bas.buzzfeed.com/v1/users/f3f6f6d4-5473-43ad-90c6-b1e558305efe
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://fr-actions.trackonomics.net/prod/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://fr-actions.trackonomics.net/prod/pl/buzzfeed/www.buzzfeednews.com/article/ellievhall/prince-andrew-virginia-giuffre-settlement/place.json
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-7325c22487246e3f7bce228be2c179e7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13577
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=O2356Yufp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
6f3a019eeabc084f1650e2acebe02868.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
a3604.casalemedia.com
aa.agkn.com
abeagle-public.buzzfeed.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
amplify.outbrain.com
api.amplitude.com
api.rlcdn.com
api.sail-personalize.com
api.widget.shopbonsai.ca
b1sync.zemanta.com
bas.buzzfeed.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cd.connatix.com
cdn-gl.imrworldwide.com
cdn-magiclinks.trackonomics.net
cdn.ampproject.org
cdn.districtm.io
cdn.doubleverify.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms-xch.33across.com
connect.facebook.net
creativecdn.com
cs.emxdgt.com
ct.pinterest.com
d.adroll.com
de.tynt.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
elements.widget.shopbonsai.ca
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fbcapi.buzzfeed.com
fonts.googleapis.com
fonts.gstatic.com
fr-actions.trackonomics.net
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
hde.tynt.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.buzzfeed.com
io.narrative.io
js-sec.indexww.com
js.stripe.com
krk.kargo.com
lantern.roeyecdn.com
link.buzzfeed.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
loadus.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
nep.advangelists.com
o1085221.ingest.sentry.io
og1bgxveuvbfyzgatkv1gewjslblv1645043056.nuid.imrworldwide.com
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
p.typekit.net
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixiedust.buzzfeed.com
polyfill.io
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
quantcast.mgr.consensu.org
r.skimresources.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
run.adrizer.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pinimg.com
s.skimresources.com
s.tribalfusion.com
sb.scorecardresearch.com
sc-static.net
secure-assets.rubiconproject.com
secure-dcr.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sentry.io
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.scroll.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.skimresources.com
tagan.adlightning.com
tags.bluekai.com
tags.rd.linksynergy.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
tr.outbrain.com
tr.snapchat.com
trx-hub.com
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
visitor.fiftyt.com
www.buzzfeed.com
www.buzzfeednews.com
www.dwin2.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.pinterest.ca
www.pinterest.com
x.bidswitch.net
bas.buzzfeed.com
100.25.247.56
104.16.190.66
104.16.220.11
104.16.68.69
104.18.100.194
104.36.115.109
104.36.115.114
107.178.246.49
107.178.254.65
124.146.215.42
129.159.70.95
141.226.224.48
142.250.80.98
142.251.40.130
15.197.193.217
151.101.128.176
151.101.130.114
151.101.2.49
151.101.66.114
151.101.66.137
151.139.128.11
169.55.104.49
173.231.184.20
18.213.10.151
185.167.164.39
185.184.8.65
185.29.134.244
192.132.33.46
192.184.68.195
198.148.27.140
199.127.204.147
199.187.193.177
199.232.198.217
199.38.167.129
204.154.110.76
204.154.110.84
209.204.233.176
216.152.140.200
23.192.31.127
23.200.173.61
23.209.184.224
23.34.251.243
23.52.160.130
23.52.161.180
23.52.162.190
23.52.162.21
23.66.229.102
2600:1400:d:49d::1931
2600:1400:d:595::4469
2600:141b:13::17d7:82cb
2600:141b:13::17d7:82db
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc
2600:9000:2209:1c00:9:46dc:4700:93a1
2600:9000:2209:200:1d:667e:2a40:93a1
2600:9000:2209:3600:1b:5138:8a40:93a1
2600:9000:2209:4000:1f:af3f:8a40:93a1
2600:9000:2209:4000:6:44e3:f8c0:93a1
2600:9000:2209:5200:2:42d9:3100:93a1
2600:9000:2209:7800:1d:8c8c:47c0:93a1
2600:9000:2209:de00:f:1dcc:7540:93a1
2602:803:c002:200::32
2606:4700::6812:d05
2606:ae80:1451:18::1720
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2003
2607:f8b0:4023:1407::9b
2620:112:f002:bbbb::21
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::11
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:e00::282
3.208.223.190
3.208.70.15
3.210.151.157
3.210.40.137
3.223.147.57
3.226.166.212
3.227.228.140
3.228.147.119
3.92.156.8
34.102.163.6
34.117.239.71
34.120.155.137
34.120.195.249
34.120.70.128
34.199.144.90
34.229.3.43
34.238.134.115
34.98.67.3
35.162.230.186
35.174.143.115
35.186.226.184
35.188.42.15
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.201.96.126
35.211.165.199
35.211.178.172
35.238.176.72
35.244.159.8
35.71.139.29
38.91.45.7
44.198.222.213
50.16.141.46
51.161.117.181
51.210.112.236
52.0.156.250
52.25.1.59
52.46.130.91
52.72.112.178
52.85.61.17
52.85.61.5
52.85.61.58
52.85.61.81
52.85.61.83
52.85.61.87
52.85.61.89
52.85.61.93
52.85.63.179
54.164.234.113
54.175.87.114
54.187.159.182
54.210.154.62
54.211.181.31
54.230.240.249
54.234.88.163
54.236.183.237
54.236.195.76
67.202.105.22
67.202.105.31
68.67.160.75
68.67.179.123
69.90.254.78
70.42.32.159
70.42.32.63
74.119.119.150
75.2.40.13
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
017592c0fe8453a1ce3c7ced6be031483d2010a2f5217669b1fa46a3c002e2b9
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072300ef36efa54af8634dadd3451fbd96274e9708bfa568040192fb2e71c160
08541704050151b92161b88903be31ae1b92cbd49fe5ffc193e84567fde12d69
09ed6fc1d861ff18f230dfb3384d2283eea8c0a2a0bc94c0b87b4bbb000c868a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2dbff9395fc956aa6e4fb273fae27e233256fb02380540ce561077b508c3b2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0c950c60ffc4cf6c848bceff4714be3c3c005c6f3aceb2bc3952d61918424d
0e4c89e6082c9d40b6157c764105039b62783ebfbdae1bcf4d75b748ec6a83c3
100d6bb71d1d0941f44f09dd281ee1e7ead7374ee4cef777b6fcfff0b9eeec6f
10b0639973fc0fbf08970e1b36ece38b05e6316fef61ea055855add4a1e25074
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14070d68f42e59c4eb8fb31fdbba14cbbc20b7d4e51a45484b62ce593b5234c6
1423e319f58962f96f4c57e58e9621e900c96d2a1cfdf70f22ffb691d4520a65
147cb20320f6928dd1316164176f7160213b538297f938c575a5489f19d67760
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f40bd90cad97e5e897fe9878e53fe85d0803e078e32969774ba391afc56a9c
1ab55209f2f17d121aea6f96f6ccc11bd19123a613697d556d839c67e5864299
1b5def6f25ce8f54cbbe30878cbc30176df2f154a9432aa421efec1efeed071a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c765136a1e8dba67e0f61ab5aa4d4249a6d6ec97d4cd03e4621900fac15edd5
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f74e1662a6e10a62b8a171b430182228375912b5b95bb4dedb5125615b3e38a
20bb133b91d5f4256eb3a152725d6a016a4e93cb07d0d0a527b6ed7c4556b2b3
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f
24f0bcb8a4b959ef654784359129e617a912fd8ea5c8b41b0bd7f2c1c1439b20
26eecf4355394d98fd96429e58f7349a20d853f35b8b1b5875449171139cfa9e
2718404ddccc24c361b62527821860f0d72ad13fb138f176dce5d958eae9d6d7
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
28fab11290254b488e704d826293b90a29f69601b8e4c02c2464079efd22faff
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0e92c6844d02323ba258e3d5d41307cced37b825c3d6292fc3e0c314708ad2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecf2ed1b3fcc3019424b69188b3a8138ed9544e4a48b539b850fd047cf8f26e
2f500750e7a32b1b40ab4da311a014d525b51b36ce845997a6625682c47af0ce
317f23558b3b9647275ff1bc158ea385849267feed509c13b039b7245d567af0
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33cb68becf4ba2fca669a70dfbde95a280f9a060f075aca854a9672a55c5770e
35b63b256d21f417be9b975bf634e27de05b1f607aa03fa7b4b3ffc0220e8fd8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
371bd3e84d9d2f550b77f8506ac123fe92212db736c0a5a748f9502e6d05ec3f
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
377c8f32cae6c35e53db18ca8393c34d158aa25838fd191527336c3f71d93f21
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3969aafa076888c24022efef76d4bfcc951cbc17432cf3e8a976917cc64bd405
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
39a5afdd67e127ea78c2fd5799e619730d811aca742f77a289a580ae89730ff3
3ae3a82b997842614b83f070d02ea44711b24974fb99693acaa6181b6c053c0e
3b881e30c716a68c7c8da68353acedc954785313420f4ccdff520cfc825673bd
3d2df3ed93fe9b3cb66cae080ceb0cb30dfbedc1efed29de5e05b646238ea8af
3d4ee6a6585f129f667fecc152b7805c56de8d441b173649120da09daaef6baa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0e0d4639af8ecba90af219240c0653017e48f615eafde2b40b4ba50e0ca9d1
3e3a4755aad2ad8685422ae569f69527f6e9cc6f8d416cf796bfab2612da055b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46f9ff2dd6e5d9c069a23ba0316c0641c0cfbf490be056bae39679a853afc71a
482b2c1223925efafceb4478297480ded9f9b36bc3f17b0ef42756d020197886
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a12cd6ce103cc5842e3db91b19a38e8ede34f0ab0bc32a18c90159627199df
4b6d3389e5b50e9731cd23dd520b5cdfce3062f8db5b2634b4e8425e0147952d
4c742c4f4f0d514c824d52954779b38d7284ad5ace5edba5c267035a37f5c6f2
4d4691df914a517fb66e887222f04545dce0a0d5c2603f48735d3ddbf9cf917a
4d907327cac9484a2d0745255b4d07e622b5b8430344794cbc29aae8dd17f222
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e757f9b4dbb6314fb1a2c99c2a9ee0c6dd07198bef376a29a7e72eb057998f4
4f4017a2564e50cb2816206d9876dccaa319d1d696fd56aa1e3af6f9de6ed487
52fde6814d26601698a78c499c2e90268f3cde533d85c26e27fae6806012dff3
5423a8b64392927336c6ed24e4504d9655370ae2fb885954a1bbf519e0da8100
544ab4437a946a6c831665fe008da5393a0dfa0dddc11145826f38c2ba5927e1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554af7a6f37306d9596b3232a22577b4a1779d1f491786029c1197da5a47819d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bb26b7fea2eee85c2343ff3a0509d7991f95e3d94f9d8ad6227be51abdfc8f
59d12d17ce216c478913590ef1d7cc3ea1fa95420fec3df6b97fc233c76f3bdb
5ad7509b8cc9c097a9fab90c22277c50de495c9871eda1e39ecc5d00b8d36e62
5c24b0fd65be374c11cb083a16115414ee9ac100e32579cbfe06b6ad668a56d8
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5c52d7ed049f9f7d6310d7c76f3ee9f54b133b5b5e91405c4b26599e006f2b28
5cff67ddd98ac4518c2f0ea17302f9a63dd4e8c24f7375427a6b396fffa218d1
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ef82fbc23b908eae33239c4d72b925ae1ea4d99cb91795759d9712c26ed0587
5f4866f0e3717fb6ab8886504a51f5e596b87b04bb088629a0c071d1ea32afb6
5fe0a348ab1514f7e456a57a4c604299afedb144ac35409803a4277423de868a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65792382cbccbec1d2ea0aa8ebadfe017176baf0f6fd08f70d3709909b356836
66340ed6d754898f2d76ddd8bb51743d46e43abb4b8a754f5ca25ba7d7362e73
6764fd6a3830178964bae23e8c618fcc6e78a24044feea5fa85cd5fddacfbca1
67beeabef8a2e2cab240d88e2b5d214c7387e4902189ac9ed1cd23ec17fca1d3
67d61728a5c9a135b181883feeadf72026cea20f247eb15e98d5ab83c672cf99
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68d3b3695e9f762feacb3392df8a5fcea37febe2c95acff9b0b21a6b4cf492eb
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba3e5b047575a9950b8af65d886e5af717e3dde77f51da3f78c70ff1ab6fc11
6cfe3c10835cefa5aa4c94884ede24834cdb45f5c32bb38124b360e5aeeb716d
6dfd3cfccb18589b9e98dfa8f04218473eb40a5438f677a9a0ed55e7d8d78c35
6e6315215ab97e283c218d83912504c854ee95d8d030afb76c6fd75923a5481e
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
728ebd85302b4cc99e9cc7c4aa892f023604cc1ff17c82c734c62dfb7782c841
73082d4849583710938e62c042dee43585b3061a3ae3d76319217ca88c260319
732fecbd090575bc7c1c135c2a9776276e8cfdd6dddc6fc7381ff6cb364e39c6
7406d055c6cbe99296f74caa400c20433130a7b4e8111989f7166d7e6616dbb1
74712b71eea9ca3f103b57a62a5b2da78af9e59883074036788839817bc37538
776d2cfaf7272349538db5e8e3091409853fb27d98e3248b13bceaa4b1ab8e3b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81cf60a6e9528df5f73059241d41842572ba6e35529ce1657312d78c3ac572a0
82a69162121a9f19e52e121617453d1c255797460bb7f903a1c181536cd95266
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
85c7fc0acc4c90e82efb09963151e3252158847a6267165c41cc237ad7671453
86069332d331c17de6b8ad8b320e557e1529dffd742f8f90a8fc5fc0cd3d82c5
869a18dd87b4583077da51c9108d88ac4cb6b5f0299f974393362f99fb1e22c3
8841d69a8f8d692df75af15793fa4cdf6ea6ce551a419cb2883235235128d169
89b55a72376820151b7e740283289ecaefd7def1a920fd7629f88e640d39f62c
8b8f4879c2a0d5f126342a7d1f6c3e0b328b6cd04d7f70c047e4bc31676879b3
8c747fe976d3edef0ca13c9a36f91347f91e6af11b3d4fd257f2ee1101705f2a
8c8e9ef296f8ec79c3d5960569515ee2a684a3e5ee7579190954b32f78be4270
8ceb82a3be090232b169e369bf77ca2544d23098ea211cb6d6d6e420b7af42db
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
91dd97f0544944726873a60c8b73f167ab347968d8c73e17d60a1d9dd5ed0def
9279514b274b76bfbe645986ede0e79f07ad802218b4a6c88f74f3a46747b5dd
929a71d55e958c6e91135e4c8502cf8244c89b38ce327fefe0fef5fd28598274
9337d637fee165c56f18e911ee36fae9a205070c384888d4546365686993d846
9353ef5ee9dc5aa63f593019ef04fa7978dbd9534faa7eb2a0bb3731c72e4c82
939a53d0a6c752ede112df5e7d6da32739764ddfbf8b1e96e3190f5e334122ed
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
941f03c0f39022e1840ebbd61f3f82ae12abe2266b9ff3af170bf78f61ad57c4
94c4acc687f95af2d926f6a71b900e3e141d29ce47a418f164dcfb97e1a173d8
975c88b361c1fba8131773f3f21b5846fcb5fd14be3cdcb24e8ee4acf02dee3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d027e214c03513af637820c32a39e2d6b16b5790e8276c9132c50f37d657f4
99d3a35cb295c4056ab352e9c427bc40b90a30cedfa64fe1b0f4bc9fff48701a
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04
9d72c05fc51131fa5df04cae72a43ef21dc1f47490cb90d57a640b552e836c19
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1134d6bd7ae94fc73447e2e43abe6e419d24ce1dd1d92e77c2932166be7dd02
a152deb882dd0461cce156950f66058192be0152aebd37f94003a4731b97cd5a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a5e263f1cce4e24e66cce27409573e496bd332475b470bc41893c0097df0b78e
a711e49b6f87c58949d9c94ac082bad74fe62c1979ed39ae16a4f4ff367a1211
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76aa1c97653886eae1fdf25b5f54190cf89130cce7937ef5a63e822b728a105
a880f3013e466ede6d06458533b2b6c8dc9259dcb27dfc2142df9a34dc193ee0
a8c31a85990e61536bfbee3f353b42fe3799672462665bc2648954aa98c5f263
a8c89e4b7033f163d1b067be992e5332cde28e802c54cdd2c97b13a5744ebe93
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af3f350dca72e0309a29b508ce47c6a81588c1f1c4925407a397c53163d541b9
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b35cfe8d093a9cbccaca5987fe6bd77600d53a2e5b371564ae7aa02017b91ba0
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b5718de47b175cd832d3b5fa835e3b0471162ae3be235d0adcec616c48faaaee
b77e7fd4c21e7e07e0b54923cfb766f06cb1ad5097631bb6d890b66435795e6b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6ed7fe5867d786e7c9e9587a3cc01df051586962da80be341dd0da4b29fafc
bd1a7cb989791276ea23378fbd0989415ac243e6363ed961318a3f75e4d220e7
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
be0d2ef318c65c37c17ccc5f76d95627708c8d04c172866c10726501db8d7f0f
c1038d24c8f0ac01ed910e302b6b4ba16da7dec316e6039d01e5f0aa4e5a5e85
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca48fbf161faf17cc5aa63137bcb9a8a4bc033e673d9d02bd3aa25c401695c89
ca81bc4c7927cf0792d37692063e406aa719bd07599e686744f4fe85b6be5d93
cb71555142b0898ed09078970c310e348c56fd4215e3d0de4c8e6884a90f708c
ce0059f5fdd56246c1a6f322af510a903deca40b64fadb33958a1aa00e8e8d0c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0c0647d225dbc152018f2513db8bdc7f072000719e7a41ccc57907550b54741
d1474ac69d57ced8ca73171aa546b9479f7bdd32848f5bb9874d94b24f7d6cc5
d2c36fc71d6efc7b24236ccb3d8cfaa96d1c312d8ea7e3126b7debbb2b51a5fa
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d4ab83418e9b970fcd64d5ca286490d8038de6a2c3a254cb3d412fea7cca59b3
d5b5016a7cb5e80ae74f9964b8773a853690a32d1321ad4ee2f26632ca67f308
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79b05728822038259f59d5da8281d803c712650422122f13c7ee27fb97e06e3
d7d95341403f77253f60a1bba6338060b1e17c328417dd4912554c7d70d67977
d9ee13051b0d1372a52dca4350801ea7fec9ab61d9b8b96cfeb4a4fcd6fa66c5
da7448acd95eb05e58f8b68f4157b6ebd27fecc46a0fa0160d8bc85cb0f0066c
db269470ac8280c9603680a99823b0c721a5b2e757810f589b2aa5a24316eafa
dc235cac2323ee8828b2f31e716086dc03630116d97da63f3417b14a43b6a305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1e4f3c15ab5a94ab5e75430b6dfe462d4b29a26a2d1c4786410fbfd168ec9b
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e009af7aa3b52160130eb7157c1a7f60424fe9757266d0be870a3689815fe0b4
e23d3f85fbcffd67376608d92e5e248c424835023e17df383a1ccd7d16bbc689
e33f9d6f3bffce55b1095840b77bd6bcf2d02405a3dbe853fcbe082461a58137
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fe5d75f9e74ac223091532e75851aba6ca3b69ec69cb9e68559e9e5ba64391
e83cb7b101f824599024cdc06ceb4b50404286f66d423dd5e5d6caf58a5c24d8
eabfe9af04dadbac29b08e11b51df2f3a12062410b68b6f0663140fa5ae19a4f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec897c2ac33fe9171cc74b964d87f9701c9f6c08b9c2867eeff7959c617bcc55
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee14cb5ce7f59fb3240804e38e3f3a91410e06e5b9db9a06896b13d43b35450d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e8ef8ad4b51e6b8ab3e5e2e41d9c3d1a25fbf6397f08f326ebccf1dbf27485
f1221c4bf1bbef5d8e1fadaa827d6783b05dfa80e6364cc3dbf3009b36190418
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f20ef9fd178edf8a73ebf4271554436642d8c8444311971129691feb90d4e76d
f36fdd855922da4c881741e13f2bc62785b9243b3ea7f7d4d27f361317bed254
f4b95775737b01965c9005c2899973da340f5a957ebeeb13ac8d44d83be0a3de
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd323922eddc0b7e7903cb2b8722cc426c40c7a8bd3431f9080d09da0f20e3f5
fed393f873e036678e4595a74baf543c9f6f457f87d554487d354507390d1f1e
ff9ede93490b6d00ff34238e42820dea6890594714497ee982d5ee768a899fdf